diff --git a/.github/workflows/content-pipelines.yml b/.github/workflows/content-pipelines.yml index c135e47d6e97..4a1da7b36eda 100644 --- a/.github/workflows/content-pipelines.yml +++ b/.github/workflows/content-pipelines.yml @@ -62,8 +62,10 @@ jobs: echo "pr_number=$PR_NUMBER" >> "$GITHUB_OUTPUT" - name: Setup branch + id: setup-branch env: UPDATE_BRANCH: ${{ steps.branch.outputs.update_branch }} + PR_NUMBER: ${{ steps.check-pr.outputs.pr_number }} run: | git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" @@ -76,7 +78,12 @@ jobs: git merge --abort 2>/dev/null || true git checkout main git branch -D "$UPDATE_BRANCH" - git push origin --delete "$UPDATE_BRANCH" || true + if [ -z "$PR_NUMBER" ]; then + git push origin --delete "$UPDATE_BRANCH" || true + else + echo "Skipping remote branch delete — PR #$PR_NUMBER is open" + echo "force_push=true" >> "$GITHUB_OUTPUT" + fi git checkout -b "$UPDATE_BRANCH" } else @@ -111,12 +118,19 @@ jobs: if: steps.commit.outputs.has_changes == 'true' env: UPDATE_BRANCH: ${{ steps.branch.outputs.update_branch }} - run: git push origin "$UPDATE_BRANCH" + FORCE_PUSH: ${{ steps.setup-branch.outputs.force_push }} + run: | + if [ "$FORCE_PUSH" = "true" ]; then + echo "Force-pushing to align branch after merge conflict reset" + git push --force-with-lease origin "$UPDATE_BRANCH" + else + git push origin "$UPDATE_BRANCH" + fi - name: Create or update PR if: steps.commit.outputs.has_changes == 'true' env: - GH_TOKEN: ${{ github.token }} + GH_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }} UPDATE_BRANCH: ${{ steps.branch.outputs.update_branch }} PIPELINE_ID: ${{ matrix.id }} run: | @@ -136,6 +150,8 @@ jobs: if [ -n "$PR_NUMBER" ]; then echo "PR #$PR_NUMBER already exists — new commit pushed" + echo "Ensuring PR #$PR_NUMBER is marked ready for review" + gh pr ready "$PR_NUMBER" || echo "Unable to mark PR #$PR_NUMBER as ready (it may already be ready)" else echo "Creating new PR" gh pr create \ @@ -143,8 +159,7 @@ jobs: --body "$PR_BODY" \ --base main \ --head "$UPDATE_BRANCH" \ - --label "workflow-generated,content-pipeline-update" \ - --draft + --label "workflow-generated,content-pipeline-update,ready-for-doc-review" fi - uses: ./.github/actions/slack-alert diff --git a/content/actions/concepts/runners/larger-runners.md b/content/actions/concepts/runners/larger-runners.md index 55869e0f5ce7..e624d65bab73 100644 --- a/content/actions/concepts/runners/larger-runners.md +++ b/content/actions/concepts/runners/larger-runners.md @@ -24,11 +24,26 @@ To learn about larger runners, see [the {% data variables.product.prodname_ghe_c {% data variables.product.prodname_dotcom %} offers {% data variables.actions.hosted_runners %} with macOS, Ubuntu, or Windows operating systems, and different features and sizes are available depending on which operating system you use. +{% ifversion default-setup-larger-runners %} + +## About {% data variables.actions.hosted_runners %} for {% data variables.product.prodname_code_scanning %} default setup + +Consider configuring {% data variables.actions.hosted_runners %} for {% data variables.product.prodname_code_scanning %} default setup if: + +* Your scans with standard {% data variables.product.prodname_dotcom %}-hosted runners are taking too long. +* Your scans with standard {% data variables.product.prodname_dotcom %}-hosted runners are returning memory or disk errors. +* You want to customize aspects of your {% data variables.product.prodname_code_scanning %} runner, such as the runner size, runner image, and job concurrency, without using self-hosted runners. + +For more information on configuring {% data variables.actions.hosted_runners %} for {% data variables.product.prodname_code_scanning %} default setup, see [AUTOTITLE](/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/configuring-larger-runners-for-default-setup). + +{% endif %} + ## About Ubuntu and Windows {% data variables.actions.hosted_runners %} {% data variables.actions.hosted_runner_caps %}s with Ubuntu or Windows operating systems are configured in your organization or enterprise. When you add a {% data variables.actions.hosted_runner %}, you are defining a type of machine from a selection of available hardware specifications and operating system images. With Ubuntu and Windows {% data variables.actions.hosted_runners %}, you can: + * Assign runners static IP addresses from a specific range, allowing you to use this range to configure a firewall allowlist * Control access to your resources by assigning runners to runner groups * Use autoscaling to simplify runner management and control your costs diff --git a/content/billing/how-tos/products/disable-ghas-for-enterprise.md b/content/billing/how-tos/products/disable-ghas-for-enterprise.md index b0c691fa8b38..3a81c7a3d8c4 100644 --- a/content/billing/how-tos/products/disable-ghas-for-enterprise.md +++ b/content/billing/how-tos/products/disable-ghas-for-enterprise.md @@ -4,10 +4,6 @@ intro: Disable {% data variables.product.prodname_GHAS %} and prevent accidental permissions: Enterprise owners versions: feature: disable-ghas-button -topics: - - Billing - - Advanced Security - - Enterprise shortTitle: Disable GHAS for enterprise contentType: how-tos --- @@ -34,4 +30,4 @@ Once you have disabled {% data variables.product.prodname_GHAS %}: * If you use **volume billing**, you agreed to a number of licenses and billing period upfront. You'll continue to pay for the rest of this period. * If you use **metered billing**, you pay based on usage, and your billing will stop from next month. However, you _will_ continue paying for any licenses you've already consumed this month until the end of the month. - For example, if you had 10 licenses in use and disabled GHAS on the second day of the month, you will still be billed for your 10 licenses for the full month instead of just for the two days. + For example, if you had 10 licenses in use and disabled {% data variables.product.prodname_GHAS %} on the second day of the month, you will still be billed for your 10 licenses for the full month instead of just for the two days. diff --git a/content/code-security/concepts/code-scanning/codeql/about-the-codeql-cli.md b/content/code-security/concepts/code-scanning/codeql/about-the-codeql-cli.md index 0b79eaa71288..a2a3f80f7d06 100644 --- a/content/code-security/concepts/code-scanning/codeql/about-the-codeql-cli.md +++ b/content/code-security/concepts/code-scanning/codeql/about-the-codeql-cli.md @@ -115,6 +115,12 @@ The {% data variables.product.prodname_codeql_cli %} uses special programs, call {% data reusables.code-scanning.codeql-license %} +## About {% data variables.product.prodname_codeql_cli %} database bundles + +The {% data variables.product.prodname_codeql_cli %} database bundle command can be used to create a relocatable archive of a {% data variables.product.prodname_codeql %} database. + +A copy of a database bundle can be used to share troubleshooting information with your team members or with {% data variables.contact.github_support %}. See [AUTOTITLE](/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-the-command-line/creating-database-bundle-for-troubleshooting). + ## Getting started For the simplest way to get started, see [AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli). diff --git a/content/code-security/concepts/code-scanning/copilot-autofix-for-code-scanning.md b/content/code-security/concepts/code-scanning/copilot-autofix-for-code-scanning.md new file mode 100644 index 000000000000..10f22ddba377 --- /dev/null +++ b/content/code-security/concepts/code-scanning/copilot-autofix-for-code-scanning.md @@ -0,0 +1,29 @@ +--- +title: About Copilot Autofix for code scanning +shortTitle: Copilot Autofix +allowTitleToDifferFromFilename: true +intro: '{% data variables.copilot.copilot_autofix_short %} provides targeted recommendations to help you fix {% data variables.product.prodname_code_scanning %} alerts and avoid introducing new security vulnerabilities.' +product: '{% data reusables.rai.code-scanning.gated-feature-autofix %}' +versions: + feature: code-scanning-autofix +contentType: concepts +topics: + - Code Security + - Code scanning + - CodeQL + - AI +--- + +{% data variables.copilot.copilot_autofix_short %} is an expansion of {% data variables.product.prodname_code_scanning %} that provides you with targeted recommendations to help you fix {% data variables.product.prodname_code_scanning %} alerts so you can avoid introducing new security vulnerabilities. The potential fixes are generated automatically by large language models (LLMs) using data from the codebase and from {% data variables.product.prodname_code_scanning %} analysis. + +## How {% data variables.copilot.copilot_autofix_short %} works + +{% data variables.copilot.copilot_autofix_short %} translates the description and location of an alert into code changes that may fix the alert. It interfaces with the large language model {% data variables.copilot.copilot_gpt_51 %} from OpenAI, which has sufficient generative capabilities to produce both suggested fixes in code and explanatory text for those fixes. + +## Enabling and managing {% data variables.copilot.copilot_autofix_short %} + +You do not need a subscription to {% data variables.product.prodname_copilot %} to use {% data variables.copilot.copilot_autofix %}. {% data variables.copilot.copilot_autofix_short %} is available to all public repositories on {% data variables.product.prodname_dotcom_the_website %}, as well as internal or private repositories owned by organizations and enterprises that have a license for {% data variables.product.prodname_GH_code_security %}. + +{% data variables.copilot.copilot_autofix_short %} is allowed by default and enabled for every repository that uses {% data variables.product.prodname_codeql %}, regardless of whether it uses default or advanced setup for {% data variables.product.prodname_code_scanning %}. There is no separate step to enable {% data variables.copilot.copilot_autofix_short %}: enabling {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %} is sufficient. See [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning). + +Administrators at the enterprise, organization, and repository levels can choose to disable {% data variables.copilot.copilot_autofix_short %}. If {% data variables.copilot.copilot_autofix_short %} has been disabled at your level, you can re-enable it by following the same steps used to disable it and selecting the option to allow {% data variables.copilot.copilot_autofix_short %}. To learn how to manage {% data variables.copilot.copilot_autofix_short %} at each level, see [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/disabling-autofix-for-code-scanning). diff --git a/content/code-security/concepts/code-scanning/index.md b/content/code-security/concepts/code-scanning/index.md index 828ddac60559..09dddbc7bc44 100644 --- a/content/code-security/concepts/code-scanning/index.md +++ b/content/code-security/concepts/code-scanning/index.md @@ -15,6 +15,7 @@ contentType: concepts children: - /about-code-scanning - /about-code-scanning-alerts + - /copilot-autofix-for-code-scanning - /setup-types - /about-integration-with-code-scanning - /sarif-files diff --git a/content/code-security/concepts/security-at-scale/delegated-alert-dismissal.md b/content/code-security/concepts/security-at-scale/delegated-alert-dismissal.md new file mode 100644 index 000000000000..83e7ea4caebf --- /dev/null +++ b/content/code-security/concepts/security-at-scale/delegated-alert-dismissal.md @@ -0,0 +1,43 @@ +--- +title: Delegated alert dismissal +intro: 'Increase your governance over security alerts with delegated alert dismissal.' +versions: + feature: security-delegated-alert-dismissal +topics: + - Alerts + - Repositories + - Dependencies + - Vulnerabilities + - Secret scanning + - Code scanning +contentType: concepts +--- + +Delegated alert dismissal lets you restrict which users can directly dismiss an alert. When you enable the feature: +* Users with write access to a repository must request to dismiss alerts in that repository. +* Organization owners and security managers can approve or deny dismissal requests, as well as dismiss alerts directly themselves. + +Reviewers are notified of dismissal requests via email, and can either approve the request to dismiss the alert, or deny the request to leave the alert open. After a request is reviewed, the requester is notified of the outcome via email. + +## Availability + +You can enable delegated alert dismissal for: +* {% data variables.product.prodname_code_scanning_caps %} alerts (available on {% data variables.product.prodname_dotcom_the_website %} and {% data variables.product.prodname_ghe_server %} 3.17+) +* {% data variables.product.prodname_secret_scanning_caps %} alerts (available on {% data variables.product.prodname_dotcom_the_website %} and {% data variables.product.prodname_ghe_server %} 3.17+) +* {% data variables.product.prodname_dependabot_alerts %} (available on {% data variables.product.prodname_dotcom_the_website %} and {% data variables.product.prodname_ghe_server %} 3.21+) + +## Custom roles for delegated alert dismissal + +You can use a custom role to let team members who are not organization owners or security managers respond to dismissal requests and dismiss alerts directly. The custom role needs the following permissions: + +* Organization permissions for reviewing and bypassing alert dismissal requests. To find the exact permissions required for a particular product, see [Permissions for organization access](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles#permissions-for-organization-access). +* Repository permissions to view, dismiss, and reopen alerts. To find the exact permissions required for a particular product, see [Security](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles#security). + +{% data reusables.organizations.custom-role-repo-perms-preview-note %} + +## Next steps + +To configure delegated alert dismissal, see: +* [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning) +* [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-secret-scanning-alerts/enabling-delegated-alert-dismissal-for-secret-scanning){% ifversion dependabot-delegated-alert-dismissal %} +* [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal){% endif %} diff --git a/content/code-security/concepts/security-at-scale/index.md b/content/code-security/concepts/security-at-scale/index.md index bf47d01ead33..a68dbcfb6c80 100644 --- a/content/code-security/concepts/security-at-scale/index.md +++ b/content/code-security/concepts/security-at-scale/index.md @@ -20,6 +20,7 @@ children: - /about-security-overview - /about-security-campaigns - /auditing-security-alerts + - /delegated-alert-dismissal - /about-supply-chain-security-for-your-enterprise redirect_from: - /admin/managing-code-security/managing-supply-chain-security-for-your-enterprise diff --git a/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/disabling-autofix-for-code-scanning.md b/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/disabling-autofix-for-code-scanning.md index 7db6f7f67fb6..358fc43b65f9 100644 --- a/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/disabling-autofix-for-code-scanning.md +++ b/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/disabling-autofix-for-code-scanning.md @@ -16,26 +16,22 @@ redirect_from: - /code-security/code-scanning/managing-code-scanning-alerts/disabling-autofix-for-code-scanning --- -## About disabling {% data variables.copilot.copilot_autofix_short %} for {% data variables.product.prodname_code_scanning %} - -{% data variables.copilot.copilot_autofix %} is a {% data variables.product.prodname_copilot %}-powered expansion of {% data variables.product.prodname_code_scanning %}. It provides users with targeted recommendations to help them fix {% data variables.product.prodname_code_scanning %} alerts (including {% data variables.product.prodname_codeql %} alerts) so they can avoid introducing new security vulnerabilities. To learn more about {% data variables.copilot.copilot_autofix_short %} for {% data variables.product.prodname_code_scanning %}, see [AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning). - {% data reusables.rai.code-scanning.copilot-autofix-note %} -{% data variables.copilot.copilot_autofix_short %} is allowed by default and enabled for every repository that uses {% data variables.product.prodname_codeql %}, regardless of whether it uses default or advanced setup for {% data variables.product.prodname_code_scanning %}. Administrators at the enterprise, organization and repository levels can choose to opt out and disable {% data variables.copilot.copilot_autofix_short %} for security alerts. - -Note that disabling {% data variables.copilot.copilot_autofix_short %} at any level will close all open {% data variables.copilot.copilot_autofix_short %} suggestions on security comments. If {% data variables.copilot.copilot_autofix_short %} is disabled and then subsequently enabled, {% data variables.copilot.copilot_autofix_short %} won't automatically suggest fixes for any pull requests that are already open. The suggestions will only be generated for any pull requests that are opened after {% data variables.copilot.copilot_autofix_short %} is enabled, or after re-running {% data variables.product.prodname_code_scanning %} security analysis on existing pull requests. +Disabling {% data variables.copilot.copilot_autofix_short %} at any level will close all open {% data variables.copilot.copilot_autofix_short %} suggestions that were added as comments on {% data variables.product.prodname_code_scanning %} alerts in pull requests. If {% data variables.copilot.copilot_autofix_short %} is later re-enabled, suggestions will only be generated for pull requests opened after that point, or after re-running {% data variables.product.prodname_code_scanning %} security analysis on existing pull requests. > [!NOTE] > {% data variables.copilot.copilot_autofix_short %} is an integral part of {% data variables.product.prodname_code_quality %} and will continue to run on code quality results even when it is disabled for code security results. +For more information about {% data variables.copilot.copilot_autofix_short %}, see [AUTOTITLE](/code-security/concepts/code-scanning/copilot-autofix-for-code-scanning). + ## Blocking use of {% data variables.copilot.copilot_autofix_short %} for an enterprise Enterprise administrators can disallow {% data variables.copilot.copilot_autofix_short %} for security results in their enterprise. If you disallow {% data variables.copilot.copilot_autofix_short %} for an enterprise, {% data variables.copilot.copilot_autofix_short %} cannot be enabled for any organizations or repositories within the enterprise. -Note that allowing {% data variables.copilot.copilot_autofix_short %} for an enterprise does not enforce enablement of {% data variables.copilot.copilot_autofix_short %}, but means that organization and repository administrators will have the option to enable or disable {% data variables.copilot.copilot_autofix_short %} for security results. +Allowing {% data variables.copilot.copilot_autofix_short %} for an enterprise does not enforce enablement of {% data variables.copilot.copilot_autofix_short %}, but means that organization and repository administrators will have the option to enable or disable {% data variables.copilot.copilot_autofix_short %} for security results. -Disallowing {% data variables.copilot.copilot_autofix_short %} at the enterprise level will remove all open {% data variables.copilot.copilot_autofix_short %} suggestions on security comments across all repositories of all organizations within the enterprise. +Disallowing {% data variables.copilot.copilot_autofix_short %} at the enterprise level will remove all open {% data variables.copilot.copilot_autofix_short %} suggestions that were added as comments on {% data variables.product.prodname_code_scanning %} alerts in pull requests across all repositories of all organizations within the enterprise. {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} @@ -46,7 +42,7 @@ Disallowing {% data variables.copilot.copilot_autofix_short %} at the enterprise If {% data variables.copilot.copilot_autofix_short %} is allowed at the enterprise level, organization administrators have the option to disable {% data variables.copilot.copilot_autofix_short %} for an organization. If you disable {% data variables.copilot.copilot_autofix_short %} for an organization, {% data variables.copilot.copilot_autofix_short %} cannot be enabled for any repositories within the organization. -Note that disabling {% data variables.copilot.copilot_autofix_short %} at the organization level will remove all open {% data variables.copilot.copilot_autofix_short %} suggestions on security comments across all repositories in the organization. +Disabling {% data variables.copilot.copilot_autofix_short %} at the organization level will remove all open {% data variables.copilot.copilot_autofix_short %} suggestions that were added as comments on {% data variables.product.prodname_code_scanning %} alerts in pull requests across all repositories in the organization. {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -57,7 +53,7 @@ For more information about configuring global {% data variables.product.prodname ## Disabling {% data variables.copilot.copilot_autofix_short %} for a repository -If {% data variables.copilot.copilot_autofix_short %} is allowed at the enterprise level and enabled at the organization level, repository administrators have the option to disable {% data variables.copilot.copilot_autofix_short %} for a repository. Disabling {% data variables.copilot.copilot_autofix_short %} at the repository level will remove all open {% data variables.copilot.copilot_autofix_short %} suggestions on security comments across the repository. +If {% data variables.copilot.copilot_autofix_short %} is allowed at the enterprise level and enabled at the organization level, repository administrators have the option to disable {% data variables.copilot.copilot_autofix_short %} for a repository. Disabling {% data variables.copilot.copilot_autofix_short %} at the repository level will remove all open {% data variables.copilot.copilot_autofix_short %} suggestions that were added as comments on {% data variables.product.prodname_code_scanning %} alerts in pull requests across the repository. {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} diff --git a/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning.md b/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning.md index e1431663bb6f..f25eb301b102 100644 --- a/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning.md +++ b/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning.md @@ -15,9 +15,7 @@ redirect_from: - /code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning --- -## About enabling delegated alert dismissal - -{% data reusables.security.delegated-alert-dismissal-intro %} +{% data reusables.security.delegated-alert-dismissal-capacity %} ## Configuring delegated dismissal for a repository diff --git a/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/resolving-code-scanning-alerts.md b/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/resolving-code-scanning-alerts.md index 53bffe071e7f..3ba94060ed2c 100644 --- a/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/resolving-code-scanning-alerts.md +++ b/content/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/resolving-code-scanning-alerts.md @@ -37,7 +37,7 @@ With a {% data variables.copilot.copilot_enterprise %} license, you can ask {% d ## Generating suggested fixes for {% data variables.product.prodname_code_scanning %} alerts -{% data variables.copilot.copilot_autofix %} can generate fixes for alerts identified by {% data variables.product.prodname_code_scanning %} analysis. Most {% data variables.product.prodname_codeql %} alert types are supported. For more information, see [AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning). +{% data variables.copilot.copilot_autofix %} can generate fixes for alerts identified by {% data variables.product.prodname_code_scanning %} analysis. Most {% data variables.product.prodname_codeql %} alert types are supported. See [AUTOTITLE](/code-security/concepts/code-scanning/copilot-autofix-for-code-scanning). {% data reusables.rai.code-scanning.copilot-autofix-note %} diff --git a/content/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal.md b/content/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal.md index 837e10cf17f6..f65652293aa2 100644 --- a/content/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal.md +++ b/content/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal.md @@ -16,9 +16,7 @@ redirect_from: - /code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal --- -## About enabling delegated alert dismissal - -{% data reusables.security.delegated-alert-dismissal-intro %} +{% data reusables.security.delegated-alert-dismissal-capacity %} ## Configuring delegated dismissal for a repository diff --git a/content/code-security/how-tos/manage-security-alerts/manage-secret-scanning-alerts/enabling-delegated-alert-dismissal-for-secret-scanning.md b/content/code-security/how-tos/manage-security-alerts/manage-secret-scanning-alerts/enabling-delegated-alert-dismissal-for-secret-scanning.md index eda4b2aac61c..566d8ee578e8 100644 --- a/content/code-security/how-tos/manage-security-alerts/manage-secret-scanning-alerts/enabling-delegated-alert-dismissal-for-secret-scanning.md +++ b/content/code-security/how-tos/manage-security-alerts/manage-secret-scanning-alerts/enabling-delegated-alert-dismissal-for-secret-scanning.md @@ -15,9 +15,7 @@ redirect_from: - /code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning --- -## About enabling delegated alert dismissal - -{% data reusables.security.delegated-alert-dismissal-intro %} +{% data reusables.security.delegated-alert-dismissal-capacity %} ## Configuring delegated dismissal for a repository diff --git a/content/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/configuring-larger-runners-for-default-setup.md b/content/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/configuring-larger-runners-for-default-setup.md index 73b28ff5486e..c084f13e53bb 100644 --- a/content/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/configuring-larger-runners-for-default-setup.md +++ b/content/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/configuring-larger-runners-for-default-setup.md @@ -1,7 +1,7 @@ --- title: Configuring larger runners for default setup shortTitle: Configure larger runners -intro: You can run {% data variables.product.prodname_code_scanning %} default setup more quickly on bigger codebases using {% data variables.actions.hosted_runners %}. +intro: Run {% data variables.product.prodname_code_scanning %} default setup more quickly on bigger codebases using {% data variables.actions.hosted_runners %}. product: '{% data reusables.actions.larger-runner-permissions %}' versions: feature: default-setup-larger-runners @@ -16,20 +16,6 @@ contentType: how-tos {% data reusables.code-scanning.beta-larger-runners-support %} -## About {% data variables.actions.hosted_runners %} for default setup - -{% data reusables.actions.about-larger-runners %} For more information about {% data variables.actions.hosted_runners %}, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners). - -Consider configuring {% data variables.actions.hosted_runners %} for default setup if: -* Your scans with standard {% data variables.product.prodname_dotcom %}-hosted runners are taking too long. -* Your scans with standard {% data variables.product.prodname_dotcom %}-hosted runners are returning memory or disk errors. -* You want to customize aspects of your {% data variables.product.prodname_code_scanning %} runner like the runner size, runner image, and job concurrency without using self-hosted runners. - -> [!WARNING] -> Currently, Swift analysis is not available on {% data variables.actions.hosted_runners %} for default setup. Additionally, if your repository has access to a runner with the `code-scanning` label, such as a {% data variables.actions.hosted_runner %} provisioned for default setup, default setup workflows will _only_ use runners labeled `code-scanning`. If you would like to configure default setup on {% data variables.actions.hosted_runners %} _and_ analyze Swift, you have two options: -> * Provision a self-hosted macOS runner with the `code-scanning` label in addition to your {% data variables.actions.hosted_runner %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance).{% else %}[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository).{% endif %} -> * Ensure any repositories containing Swift _do not_ have access to runners with the label `code-scanning`. Default setup workflows for that repository will only use standard runners. - {% ifversion ghec %} ## Provisioning enterprise-level {% data variables.actions.hosted_runners %} for default setup @@ -46,6 +32,15 @@ Consider configuring {% data variables.actions.hosted_runners %} for default set ## Provisioning organization-level {% data variables.actions.hosted_runners %} for default setup 1. Add a {% data variables.actions.hosted_runner %} to your organization. See [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/managing-larger-runners#adding-a-larger-runner-to-an-organization). - * To add a custom label to your {% data variables.actions.hosted_runner %}, give the runner a name that matches that label. You can use this custom label when you configure default setup with {% data variables.actions.hosted_runners %}. For more information, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#assigning-labels-to-runners). + + * To add a custom label to your {% data variables.actions.hosted_runner %}, give the runner a name that matches that label. You can use this custom label when you configure default setup with {% data variables.actions.hosted_runners %}. + 1. By default, all repositories in your organization have access to organization-level runners, meaning every repository can use your {% data variables.actions.hosted_runner %}. For information on granting only select repositories access to a {% data variables.actions.hosted_runner %}, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/managing-larger-runners#allowing-repositories-to-access-larger-runners). 1. You can now configure default setup for your organization and repositories, and your {% data variables.actions.hosted_runner %} will automatically pick up {% data variables.product.prodname_code_scanning %} jobs. For more information on configuring default setup, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning) and [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale). + +## Extra steps for Swift analysis + +Currently, Swift analysis is not available on {% data variables.actions.hosted_runners %} for default setup. Additionally, if your repository has access to a runner with the `code-scanning` label, such as a {% data variables.actions.hosted_runner %} provisioned for default setup, default setup workflows will _only_ use runners labeled `code-scanning`. If you would like to configure default setup on {% data variables.actions.hosted_runners %} _and_ analyze Swift, you have two options: + +* Provision a self-hosted macOS runner with the `code-scanning` label in addition to your {% data variables.actions.hosted_runner %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance).{% else %}[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository).{% endif %} +* Ensure any repositories containing Swift _do not_ have access to runners with the label `code-scanning`. Default setup workflows for that repository will only use standard runners diff --git a/content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-the-command-line/creating-database-bundle-for-troubleshooting.md b/content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-the-command-line/creating-database-bundle-for-troubleshooting.md index 48cb24da1497..b04e67d60e63 100644 --- a/content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-the-command-line/creating-database-bundle-for-troubleshooting.md +++ b/content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-the-command-line/creating-database-bundle-for-troubleshooting.md @@ -1,7 +1,7 @@ --- title: Creating CodeQL CLI database bundles shortTitle: Creating CodeQL CLI database bundles -intro: You can create a database bundle with {% data variables.product.prodname_codeql %} troubleshooting information. +intro: Create a database bundle with {% data variables.product.prodname_codeql %} troubleshooting information. allowTitleToDifferFromFilename: true product: '{% data reusables.gated-features.codeql %}' versions: @@ -19,18 +19,9 @@ contentType: how-tos {% data reusables.code-scanning.codeql-database-archive-contains-source-code %} -## About creating {% data variables.product.prodname_codeql_cli %} database bundles - {% data reusables.code-scanning.codeql-cli-version-ghes %} -The {% data variables.product.prodname_codeql_cli %} database bundle command can be used to create a relocatable archive of a {% data variables.product.prodname_codeql %} database. - -A copy of a database bundle can be used to share troubleshooting information with your team members or with {% data variables.contact.github_support %}. - -The following {% data variables.product.prodname_codeql_cli %} command syntax is suggested when creating a database bundle for troubleshooting purposes: - -> [!NOTE] -> This sample `database bundle` command requires {% data variables.product.prodname_codeql_cli %} version {% data variables.product.codeql_cli_version_min_version_create_bundle %} or higher. +The following {% data variables.product.prodname_codeql_cli %} command syntax is suggested when creating a database bundle for troubleshooting purposes. This sample `database bundle` command requires {% data variables.product.prodname_codeql_cli %} version {% data variables.product.codeql_cli_version_min_version_create_bundle %} or higher. ```shell codeql database bundle --output=codeql-debug-artifacts.zip --include-diagnostics --include-logs --include-results -- diff --git a/content/copilot/concepts/agents/copilot-cli/research.md b/content/copilot/concepts/agents/copilot-cli/research.md index c46cdf9aa56f..1d5ac19da4d7 100644 --- a/content/copilot/concepts/agents/copilot-cli/research.md +++ b/content/copilot/concepts/agents/copilot-cli/research.md @@ -5,8 +5,6 @@ allowTitleToDifferFromFilename: true intro: 'The `/research` slash command turns {% data variables.product.prodname_copilot_short %} into your research assistant, gathering in-depth information and insights on a topic.' versions: feature: copilot -topics: - - CLI contentType: concepts category: - Learn about Copilot # Copilot discovery page diff --git a/content/copilot/concepts/copilot-usage-metrics/copilot-metrics.md b/content/copilot/concepts/copilot-usage-metrics/copilot-metrics.md index 4155c7f05993..28b1b48b7e3b 100644 --- a/content/copilot/concepts/copilot-usage-metrics/copilot-metrics.md +++ b/content/copilot/concepts/copilot-usage-metrics/copilot-metrics.md @@ -35,7 +35,7 @@ Metrics are available through: ## Which usage is included? -The {% data variables.product.prodname_copilot_short %} usage metrics are derived from telemetry across multiple Copilot surfaces. Because many metrics come from IDE telemetry, **end users must have telemetry enabled in their IDE to be included in these metrics**. +{% data variables.product.prodname_copilot_short %} usage metrics are derived from telemetry across multiple {% data variables.product.prodname_copilot_short %} surfaces, including IDE and {% data variables.copilot.copilot_cli_short %} activity. Because many metrics come from IDE telemetry, **end users must have telemetry enabled in their IDE to be included in these metrics**. The data **does not include** activity from other {% data variables.product.prodname_copilot_short %} surfaces, such as: @@ -127,7 +127,7 @@ These metrics can be used together to answer key questions about your teams' usa | Which features deliver the most value? | Requests per chat mode, agent adoption | | Do developers trust {% data variables.product.prodname_copilot_short %}’s output? | Acceptance rate trends | | Are enablement efforts working? | Growth in adoption and engagement after training or communication campaigns | -| Is {% data variables.product.prodname_copilot_short %} influencing delivery speed or PR throughput? | Pull request merge counts and median time to merge | +| Is {% data variables.product.prodname_copilot_short %} influencing delivery speed or pull request throughput? | Pull request merge counts and median time to merge | Look for patterns across these signals rather than focusing on any single number. For example, a steady DAU paired with a rising acceptance rate indicates growing trust and value. diff --git a/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md b/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md index 58e616312205..325c3507a7f6 100644 --- a/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md +++ b/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md @@ -5,8 +5,6 @@ allowTitleToDifferFromFilename: true intro: 'Extend {% data variables.product.prodname_copilot_short %}''s capabilities by connecting Model Context Protocol (MCP) servers to provide additional tools and context.' versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Configure Copilot CLI # Copilot CLI bespoke page diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/agentic-code-review.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/agentic-code-review.md index 7a92f4260d65..d1aa6ea07b15 100644 --- a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/agentic-code-review.md +++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/agentic-code-review.md @@ -6,8 +6,6 @@ intro: 'Use {% data variables.copilot.copilot_cli_short %} to review your code c product: '{% data reusables.gated-features.copilot-cli %}' versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Build with Copilot CLI diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/delegate-tasks-to-cca.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/delegate-tasks-to-cca.md index 0ec73068654d..8857cef4a648 100644 --- a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/delegate-tasks-to-cca.md +++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/delegate-tasks-to-cca.md @@ -6,8 +6,6 @@ allowTitleToDifferFromFilename: true product: '{% data reusables.gated-features.copilot-cli %}' versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Build with Copilot CLI diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/index.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/index.md index ced9e83a5c9f..d118337ada3a 100644 --- a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/index.md +++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/index.md @@ -4,8 +4,6 @@ shortTitle: Use Copilot CLI agents intro: Understand the different ways you can use agents in {% data variables.copilot.copilot_cli_short %} to delegate and automate work. versions: feature: copilot -topics: - - Copilot children: - /overview - /delegate-tasks-to-cca diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/invoke-custom-agents.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/invoke-custom-agents.md index f22da83034e2..01a308d59b92 100644 --- a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/invoke-custom-agents.md +++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/invoke-custom-agents.md @@ -5,8 +5,6 @@ intro: Use custom agents, skills, and MCP servers in {% data variables.copilot.c product: '{% data reusables.gated-features.copilot-cli %}' versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Build with Copilot CLI diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/steer-agents.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/steer-agents.md index 6079908b48c6..e82725acd218 100644 --- a/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/steer-agents.md +++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli-agents/steer-agents.md @@ -5,8 +5,6 @@ intro: Guide {% data variables.product.prodname_copilot_short %} during task exe product: '{% data reusables.gated-features.copilot-cli %}' versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Build with Copilot CLI diff --git a/content/copilot/how-tos/use-copilot-agents/request-a-code-review/configure-self-hosted-runners.md b/content/copilot/how-tos/use-copilot-agents/request-a-code-review/configure-self-hosted-runners.md index e2357c818f29..53c1ee12fdef 100644 --- a/content/copilot/how-tos/use-copilot-agents/request-a-code-review/configure-self-hosted-runners.md +++ b/content/copilot/how-tos/use-copilot-agents/request-a-code-review/configure-self-hosted-runners.md @@ -5,8 +5,6 @@ intro: 'Learn how to configure self-hosted runners for {% data variables.copilot allowTitleToDifferFromFilename: true versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Author and optimize with Copilot diff --git a/content/copilot/reference/ai-models/model-comparison.md b/content/copilot/reference/ai-models/model-comparison.md index 729c56f0d7c3..2c4c5a6fd041 100644 --- a/content/copilot/reference/ai-models/model-comparison.md +++ b/content/copilot/reference/ai-models/model-comparison.md @@ -38,7 +38,7 @@ Use these models for common development tasks that require a balance of quality, | Model | Why it's a good fit | |---------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------| -| {% data variables.copilot.copilot_gpt_51_codex %} | Delivers higher-quality code on complex engineering tasks like features, tests, debugging, refactors, and reviews without lengthy instructions. | +| {% data variables.copilot.copilot_gpt_53_codex %} | Delivers higher-quality code on complex engineering tasks like features, tests, debugging, refactors, and reviews without lengthy instructions. | | {% data variables.copilot.copilot_gpt_5_mini %} | Reliable default for most coding and writing tasks. Fast, accurate, and works well across languages and frameworks. | | {% data variables.copilot.copilot_grok_code %} | Specialized for coding tasks. Performs well on code generation, and debugging across multiple languages. | | {% data variables.copilot.copilot_raptor_mini %} | Specialized for fast, accurate inline suggestions and explanations. | @@ -89,11 +89,11 @@ These models are designed for tasks that require step-by-step reasoning, complex | Model | Why it's a good fit | |-------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------| | {% data variables.copilot.copilot_gpt_5_mini %} | Delivers deep reasoning and debugging with faster responses and lower resource usage than GPT-5. Ideal for interactive sessions and step-by-step code analysis. | -| {% data variables.copilot.copilot_gpt_52 %} | Great at complex reasoning, code analysis, and technical decision-making. | -| {% data variables.copilot.copilot_claude_sonnet_40 %} | Improves on 3.7 with more reliable completions and smarter reasoning under pressure. | +| {% data variables.copilot.copilot_gpt_54 %} | Great at complex reasoning, code analysis, and technical decision-making. | +| {% data variables.copilot.copilot_claude_sonnet_46 %} | Improves on Sonnet 4.5 with more reliable completions and smarter reasoning under pressure. | | {% data variables.copilot.copilot_claude_opus_46 %} | Anthropic’s most powerful model. Improves on {% data variables.copilot.copilot_claude_opus_45 %}. | | {% data variables.copilot.copilot_gemini_3_pro %} | Advanced reasoning across long contexts and scientific or technical analysis. | -| {% data variables.copilot.copilot_goldeneye %} | Complex problem-solving challenges and sophisticated reasoning. | +| {% data variables.copilot.copilot_goldeneye %} | Complex problem-solving challenges and sophisticated reasoning. | ### When to use these models @@ -114,11 +114,11 @@ For general development workflows or content generation, see [General-purpose co Use these models when you want to ask questions about screenshots, diagrams, UI components, or other visual input. These models support multimodal input and are well suited for front-end work or visual debugging. -| Model | Why it's a good fit | -|-------------------------------------------------------|---------------------| +| Model | Why it's a good fit | +|-------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | {% data variables.copilot.copilot_gpt_5_mini %} | Reliable default for most coding and writing tasks. Fast, accurate, and supports multimodal input for visual reasoning tasks. Works well across languages and frameworks. | -| {% data variables.copilot.copilot_claude_sonnet_40 %} | Improves on 3.7 with more reliable completions and smarter reasoning under pressure. | -| {% data variables.copilot.copilot_gemini_3_pro %} | Deep reasoning and debugging, ideal for complex code generation, debugging, and research workflows. | +| {% data variables.copilot.copilot_claude_sonnet_46 %} | Improves on Sonnet 4.5 with more reliable completions and smarter reasoning under pressure. | +| {% data variables.copilot.copilot_gemini_3_pro %} | Deep reasoning and debugging, ideal for complex code generation, debugging, and research workflows. | ### When to use these models diff --git a/content/copilot/reference/ai-models/model-hosting.md b/content/copilot/reference/ai-models/model-hosting.md index dda3facdaf7c..4443ae67ac51 100644 --- a/content/copilot/reference/ai-models/model-hosting.md +++ b/content/copilot/reference/ai-models/model-hosting.md @@ -27,6 +27,7 @@ Used for: * {% data variables.copilot.copilot_gpt_52 %} * {% data variables.copilot.copilot_gpt_52_codex %} * {% data variables.copilot.copilot_gpt_53_codex %} +* {% data variables.copilot.copilot_gpt_54 %} These models are hosted by OpenAI and {% data variables.product.github %}'s Azure infrastructure. diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md index 0c11f9752e3b..f2ea78179897 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md @@ -22,7 +22,7 @@ There are several ways to combine permissions for repositories and organizations Without repository permissions or a base repository role, the organization role doesn't grant access to any repositories. ->[!NOTE] Adding repository permissions to a custom organization role is currently in {% data variables.release-phases.public_preview %} and subject to change. +{% data reusables.organizations.custom-role-repo-perms-preview-note %} {% endif %} @@ -67,6 +67,16 @@ Organization permissions do not grant read, write, or administrator access to an | {% ifversion secret-scanning-alert-dismiss-custom-role %} | | Review and manage {% data variables.product.prodname_secret_scanning %} alert dismissal requests | Review and manage {% data variables.product.prodname_secret_scanning %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning) | | {% endif %} | +| {% ifversion security-delegated-alert-dismissal %} | +| Bypass {% data variables.product.prodname_code_scanning %} alert dismissal requests | Bypass {% data variables.product.prodname_code_scanning %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning) | +| Review {% data variables.product.prodname_code_scanning %} alert dismissal requests | Review and manage {% data variables.product.prodname_code_scanning %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning) | +| View {% data variables.product.prodname_code_scanning %} alert dismissal requests | View {% data variables.product.prodname_code_scanning %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enabling-delegated-alert-dismissal-for-code-scanning) | +| {% endif %} | +| {% ifversion dependabot-delegated-alert-dismissal %} | +| Bypass {% data variables.product.prodname_dependabot %} alert dismissal requests | Bypass {% data variables.product.prodname_dependabot %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal) | +| Review {% data variables.product.prodname_dependabot %} alert dismissal requests | Review and manage {% data variables.product.prodname_dependabot %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal) | +| View {% data variables.product.prodname_dependabot %} alert dismissal requests | View {% data variables.product.prodname_dependabot %} alert dismissal requests for your organization. | [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal) | +| {% endif %} | | {% ifversion copilot %} | | View organization {% data variables.product.prodname_copilot_short %} metrics | View {% data variables.product.prodname_copilot_short %} usage metrics for your organization. | [AUTOTITLE](/copilot/concepts/copilot-metrics) | | {% endif %} | diff --git a/content/pages/getting-started-with-github-pages/github-pages-limits.md b/content/pages/getting-started-with-github-pages/github-pages-limits.md index a51b79c70f59..d56cd8320c2d 100644 --- a/content/pages/getting-started-with-github-pages/github-pages-limits.md +++ b/content/pages/getting-started-with-github-pages/github-pages-limits.md @@ -6,8 +6,6 @@ versions: fpt: '*' ghes: '*' ghec: '*' -topics: - - Pages category: - Set up a GitHub Pages site --- diff --git a/content/pages/getting-started-with-github-pages/what-is-github-pages.md b/content/pages/getting-started-with-github-pages/what-is-github-pages.md index 4011acc8e4a3..3976ab661898 100644 --- a/content/pages/getting-started-with-github-pages/what-is-github-pages.md +++ b/content/pages/getting-started-with-github-pages/what-is-github-pages.md @@ -17,8 +17,6 @@ versions: fpt: '*' ghes: '*' ghec: '*' -topics: - - Pages category: - Learn about GitHub Pages --- diff --git a/data/reusables/actions/configure-autoscaling-for-larger-runners.md b/data/reusables/actions/configure-autoscaling-for-larger-runners.md index 1ef96ee3232c..172d84eb43d1 100644 --- a/data/reusables/actions/configure-autoscaling-for-larger-runners.md +++ b/data/reusables/actions/configure-autoscaling-for-larger-runners.md @@ -1,2 +1,2 @@ -1. In the "Auto-scaling" section, under "Maximum Job Concurrency," enter the maximum number of jobs you would like to allow to run at the same time. +1. In the "Capacity" section, under "Maximum concurrency", enter the maximum number of jobs you would like to allow to run at the same time. 1. Click **Save**. diff --git a/data/reusables/organizations/additional-permissions.md b/data/reusables/organizations/additional-permissions.md index caa9d92d570a..f8dc1cbbf1a1 100644 --- a/data/reusables/organizations/additional-permissions.md +++ b/data/reusables/organizations/additional-permissions.md @@ -58,13 +58,13 @@ For more information, see [AUTOTITLE](/repositories/configuring-branches-and-mer ### Security -* View {% data variables.product.prodname_code_scanning %} results -* Dismiss or reopen {% data variables.product.prodname_code_scanning %} results -* Delete {% data variables.product.prodname_code_scanning %} results +* View {% data variables.product.prodname_code_scanning %} alerts +* Dismiss or reopen {% data variables.product.prodname_code_scanning %} alerts +* Delete {% data variables.product.prodname_code_scanning %} alerts * View {% data variables.product.prodname_dependabot_alerts %} * Dismiss or reopen {% data variables.product.prodname_dependabot_alerts %} -* View {% data variables.product.prodname_secret_scanning %} results -* Dismiss or reopen {% data variables.product.prodname_secret_scanning %} results +* View {% data variables.product.prodname_secret_scanning %} alerts +* Dismiss, reopen, or assign {% data variables.product.prodname_secret_scanning %} alerts {%- ifversion ghec %} ### Actions diff --git a/data/reusables/organizations/custom-role-repo-perms-preview-note.md b/data/reusables/organizations/custom-role-repo-perms-preview-note.md new file mode 100644 index 000000000000..ab9d3ab18e9f --- /dev/null +++ b/data/reusables/organizations/custom-role-repo-perms-preview-note.md @@ -0,0 +1,2 @@ +> [!NOTE] +> Adding repository permissions to a custom organization role is currently in {% data variables.release-phases.public_preview %} and subject to change. diff --git a/data/reusables/security/delegated-alert-dismissal-capacity.md b/data/reusables/security/delegated-alert-dismissal-capacity.md new file mode 100644 index 000000000000..26ee0bc81776 --- /dev/null +++ b/data/reusables/security/delegated-alert-dismissal-capacity.md @@ -0,0 +1,2 @@ +> [!NOTE] +> The implementation of this approval process can potentially cause some friction, so it's important to ensure that the team of security managers has adequate coverage to review dismissal requests regularly before proceeding. diff --git a/data/tables/copilot/model-comparison.yml b/data/tables/copilot/model-comparison.yml index 842cc3ebb2a6..f982631d00cd 100644 --- a/data/tables/copilot/model-comparison.yml +++ b/data/tables/copilot/model-comparison.yml @@ -47,6 +47,16 @@ excels_at: Agentic tasks further_reading: '[GPT-5.2-Codex model card](https://cdn.openai.com/pdf/ac7c37ae-7f4c-4442-b741-2eabdeaf77e0/oai_5_2_Codex.pdf)' +- name: GPT-5.3-Codex + task_area: Agentic software development + excels_at: Agentic tasks + further_reading: '[GPT-5.3-Codex model card](https://deploymentsafety.openai.com/gpt-5-3-codex)' + +- name: GPT-5.4 + task_area: Deep reasoning and debugging + excels_at: Multi-step problem solving and architecture-level code analysis + further_reading: 'Not available' + # Anthropic - name: Claude Haiku 4.5 task_area: Fast help with simple or repetitive tasks @@ -78,6 +88,11 @@ excels_at: Complex problem-solving challenges, sophisticated reasoning further_reading: '[Claude Sonnet 4.5 model card](https://assets.anthropic.com/m/12f214efcc2f457a/original/Claude-Sonnet-4-5-System-Card.pdf)' +- name: Claude Sonnet 4.6 + task_area: General-purpose coding and agent tasks + excels_at: Complex problem-solving challenges, sophisticated reasoning + further_reading: '[Claude Sonnet 4.6 model card](https://www-cdn.anthropic.com/78073f739564e986ff3e28522761a7a0b4484f84.pdf)' + # Google - name: Gemini 2.5 Pro task_area: Deep reasoning and debugging diff --git a/data/tables/copilot/model-multipliers.yml b/data/tables/copilot/model-multipliers.yml index 69ae0375076d..77fbd5312028 100644 --- a/data/tables/copilot/model-multipliers.yml +++ b/data/tables/copilot/model-multipliers.yml @@ -93,6 +93,10 @@ multiplier_paid: 1.0 multiplier_free: Not applicable +- name: GPT-5.4 + multiplier_paid: 1.0 + multiplier_free: Not applicable + - name: Grok Code Fast 1 multiplier_paid: 0.25 multiplier_free: 1 diff --git a/data/tables/copilot/model-release-status.yml b/data/tables/copilot/model-release-status.yml index 457bea7da01f..f72f4e6e8e79 100644 --- a/data/tables/copilot/model-release-status.yml +++ b/data/tables/copilot/model-release-status.yml @@ -81,6 +81,13 @@ ask_mode: true edit_mode: true +- name: 'GPT-5.4' + provider: 'OpenAI' + release_status: 'GA' + agent_mode: true + ask_mode: true + edit_mode: true + # Anthropic models - name: 'Claude Haiku 4.5' provider: 'Anthropic' diff --git a/data/tables/copilot/model-supported-clients.yml b/data/tables/copilot/model-supported-clients.yml index 9ab59c52fd1a..422ab158b9a1 100644 --- a/data/tables/copilot/model-supported-clients.yml +++ b/data/tables/copilot/model-supported-clients.yml @@ -173,6 +173,14 @@ xcode: true jetbrains: true +- name: GPT-5.4 + dotcom: true + vscode: true + vs: true + eclipse: true + xcode: true + jetbrains: true + - name: Grok Code Fast 1 dotcom: true vscode: true diff --git a/data/tables/copilot/model-supported-plans.yml b/data/tables/copilot/model-supported-plans.yml index 88f9f05abb42..8b6fbc8cba85 100644 --- a/data/tables/copilot/model-supported-plans.yml +++ b/data/tables/copilot/model-supported-plans.yml @@ -152,6 +152,13 @@ business: true enterprise: true +- name: GPT-5.4 + free: false + pro: true + pro_plus: true + business: true + enterprise: true + - name: Grok Code Fast 1 free: true pro: true diff --git a/data/variables/copilot.yml b/data/variables/copilot.yml index 52f35216bcf6..553f88e62884 100644 --- a/data/variables/copilot.yml +++ b/data/variables/copilot.yml @@ -173,6 +173,7 @@ copilot_gpt_51_codex_max: 'GPT-5.1-Codex-Max' copilot_gpt_52: 'GPT-5.2' copilot_gpt_52_codex: 'GPT-5.2-Codex' copilot_gpt_53_codex: 'GPT-5.3-Codex' +copilot_gpt_54: 'GPT-5.4' # OpenAI 'o' series: copilot_o3: 'o3' copilot_o4_mini: 'o4-mini' diff --git a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml index 9722847ff517..6f52f9c4f55b 100644 --- a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml @@ -3272,7 +3272,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: true hasExtendedMetadata: false base64Supported: false isduplicate: true diff --git a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml index 9722847ff517..6f52f9c4f55b 100644 --- a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml @@ -3272,7 +3272,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: true hasExtendedMetadata: false base64Supported: false isduplicate: true