From ac2cf0fe711ff4d50424c79cafd04a13db85fa16 Mon Sep 17 00:00:00 2001 From: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com> Date: Tue, 1 Apr 2025 09:22:32 -0600 Subject: [PATCH 1/8] Correct versioning for onboarding landing page (#55092) --- .../getting-started-with-your-enterprise/index.md | 1 - content/enterprise-onboarding/index.md | 1 - 2 files changed, 2 deletions(-) diff --git a/content/enterprise-onboarding/getting-started-with-your-enterprise/index.md b/content/enterprise-onboarding/getting-started-with-your-enterprise/index.md index 7b6637c6abc6..87500f05ef0c 100644 --- a/content/enterprise-onboarding/getting-started-with-your-enterprise/index.md +++ b/content/enterprise-onboarding/getting-started-with-your-enterprise/index.md @@ -4,7 +4,6 @@ title: Getting started with your enterprise intro: 'Learn how to start a trial of {% data variables.product.prodname_enterprise %}, and about enterprise billing and migrations.' versions: ghec: '*' - ghes: '*' topics: - Accounts - Enterprise diff --git a/content/enterprise-onboarding/index.md b/content/enterprise-onboarding/index.md index 3d6bc985f23d..2a361c4029c1 100644 --- a/content/enterprise-onboarding/index.md +++ b/content/enterprise-onboarding/index.md @@ -15,7 +15,6 @@ featuredLinks: layout: product-landing versions: ghec: '*' - ghes: '*' topics: - Administrator - Enterprise From e552c6d5745d9147a10219debec5fac5687a280b Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Tue, 1 Apr 2025 09:32:33 -0700 Subject: [PATCH 2/8] Delete orphaned features (2025-04-01-15-13) (#55093) Co-authored-by: Felicity Chapman --- data/features/re-run-jobs.yml | 6 ------ data/features/read-audit-scope.yml | 5 ----- data/features/releases-set-latest-release.yml | 6 ------ data/features/rename-and-transfer-repository.yml | 6 ------ data/features/replication-management-api.yml | 5 ----- data/features/repositories-forks-page-improvement.yml | 6 ------ data/features/repository-activity-view.yml | 6 ------ data/features/require-tls-for-smtp.yml | 4 ---- data/features/required-deployments.yml | 6 ------ data/features/required-workflows.yml | 6 ------ data/features/rest-permissions-header.yml | 5 ----- data/features/restrict-groups-to-workflows.yml | 5 ----- data/features/restrict-pushes-create-branch.yml | 6 ------ data/features/restricted-permissions-oidc.yml | 6 ------ data/features/scim-for-ghes.yml | 4 ---- .../secret-scanning-backfills-historical-issues.yml | 6 ------ data/features/secret-scanning-custom-link-on-block.yml | 7 ------- data/features/secret-scanning-enterprise-level-api.yml | 5 ----- data/features/secret-scanning-enterprise-level.yml | 5 ----- data/features/secret-scanning-issue-body-comments.yml | 6 ------ data/features/secret-scanning-notification-settings.yml | 6 ------ data/features/secret-scanning-push-protection-email.yml | 6 ------ data/features/secret-scanning-validity-check-audit-log.yml | 6 ------ data/features/security-advisories-ghes.yml | 3 --- data/features/security-advisories-rest-api.yml | 6 ------ 25 files changed, 138 deletions(-) delete mode 100644 data/features/re-run-jobs.yml delete mode 100644 data/features/read-audit-scope.yml delete mode 100644 data/features/releases-set-latest-release.yml delete mode 100644 data/features/rename-and-transfer-repository.yml delete mode 100644 data/features/replication-management-api.yml delete mode 100644 data/features/repositories-forks-page-improvement.yml delete mode 100644 data/features/repository-activity-view.yml delete mode 100644 data/features/require-tls-for-smtp.yml delete mode 100644 data/features/required-deployments.yml delete mode 100644 data/features/required-workflows.yml delete mode 100644 data/features/rest-permissions-header.yml delete mode 100644 data/features/restrict-groups-to-workflows.yml delete mode 100644 data/features/restrict-pushes-create-branch.yml delete mode 100644 data/features/restricted-permissions-oidc.yml delete mode 100644 data/features/scim-for-ghes.yml delete mode 100644 data/features/secret-scanning-backfills-historical-issues.yml delete mode 100644 data/features/secret-scanning-custom-link-on-block.yml delete mode 100644 data/features/secret-scanning-enterprise-level-api.yml delete mode 100644 data/features/secret-scanning-enterprise-level.yml delete mode 100644 data/features/secret-scanning-issue-body-comments.yml delete mode 100644 data/features/secret-scanning-notification-settings.yml delete mode 100644 data/features/secret-scanning-push-protection-email.yml delete mode 100644 data/features/secret-scanning-validity-check-audit-log.yml delete mode 100644 data/features/security-advisories-ghes.yml delete mode 100644 data/features/security-advisories-rest-api.yml diff --git a/data/features/re-run-jobs.yml b/data/features/re-run-jobs.yml deleted file mode 100644 index 30aa1ffcf6b0..000000000000 --- a/data/features/re-run-jobs.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Issue 4722 -# Re-running failed jobs in an Actions workflow -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.5' diff --git a/data/features/read-audit-scope.yml b/data/features/read-audit-scope.yml deleted file mode 100644 index b9716e669254..000000000000 --- a/data/features/read-audit-scope.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Issue 8432 -# read:audit_log scope -versions: - ghec: '*' - ghes: '>=3.8' diff --git a/data/features/releases-set-latest-release.yml b/data/features/releases-set-latest-release.yml deleted file mode 100644 index 7a2741afaeb5..000000000000 --- a/data/features/releases-set-latest-release.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #8172. -# Documentation for explicitly declarable latest release. -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.8' diff --git a/data/features/rename-and-transfer-repository.yml b/data/features/rename-and-transfer-repository.yml deleted file mode 100644 index f8f97160d57a..000000000000 --- a/data/features/rename-and-transfer-repository.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Issue #8916 -# Rename repositories while transferring them -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.9' diff --git a/data/features/replication-management-api.yml b/data/features/replication-management-api.yml deleted file mode 100644 index a5bfb6b337ec..000000000000 --- a/data/features/replication-management-api.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Replication management API for GHES. -# Reference: #9931 - -versions: - ghes: '> 3.8' diff --git a/data/features/repositories-forks-page-improvement.yml b/data/features/repositories-forks-page-improvement.yml deleted file mode 100644 index a4d740d5c68f..000000000000 --- a/data/features/repositories-forks-page-improvement.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: Issue #8558 - Make the forks page of a repository more useful - -versions: - fpt: '*' - ghec: '*' - ghes: '>= 3.9' diff --git a/data/features/repository-activity-view.yml b/data/features/repository-activity-view.yml deleted file mode 100644 index 90a936416f69..000000000000 --- a/data/features/repository-activity-view.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: Issue #8651 - Repository Activity View - -versions: - fpt: '*' - ghec: '*' - ghes: '>= 3.11' diff --git a/data/features/require-tls-for-smtp.yml b/data/features/require-tls-for-smtp.yml deleted file mode 100644 index 4f9de7ca769c..000000000000 --- a/data/features/require-tls-for-smtp.yml +++ /dev/null @@ -1,4 +0,0 @@ -# Reference 7394 -# Documentation for the option to enforce TLS encryption for incoming SMTP connections -versions: - ghes: '>=3.6' diff --git a/data/features/required-deployments.yml b/data/features/required-deployments.yml deleted file mode 100644 index 358dca6ccdba..000000000000 --- a/data/features/required-deployments.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Issue 6384 -# Required deployments branch protection rule -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.5' diff --git a/data/features/required-workflows.yml b/data/features/required-workflows.yml deleted file mode 100644 index 4fc2047fd71e..000000000000 --- a/data/features/required-workflows.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Issue 8526 -# Required workflows -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.8' diff --git a/data/features/rest-permissions-header.yml b/data/features/rest-permissions-header.yml deleted file mode 100644 index f175c008da36..000000000000 --- a/data/features/rest-permissions-header.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Issue 11209 -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.11' diff --git a/data/features/restrict-groups-to-workflows.yml b/data/features/restrict-groups-to-workflows.yml deleted file mode 100644 index fb6251221df9..000000000000 --- a/data/features/restrict-groups-to-workflows.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Issue 6137 -# Restrict self-hosted runner groups to specific workflows -versions: - ghec: '*' - ghes: '>=3.5' diff --git a/data/features/restrict-pushes-create-branch.yml b/data/features/restrict-pushes-create-branch.yml deleted file mode 100644 index bfdc7e9cfba0..000000000000 --- a/data/features/restrict-pushes-create-branch.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Issue 6045 -# Restrict pushes that create matching branches option, within branch restrictions -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.7' diff --git a/data/features/restricted-permissions-oidc.yml b/data/features/restricted-permissions-oidc.yml deleted file mode 100644 index bdb565772cc5..000000000000 --- a/data/features/restricted-permissions-oidc.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Issue 10918 -# Stricter permissions for securely enabling OpenID Connect (OIDC) in a reusable workflows -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.10' diff --git a/data/features/scim-for-ghes.yml b/data/features/scim-for-ghes.yml deleted file mode 100644 index 77e211c2c9b1..000000000000 --- a/data/features/scim-for-ghes.yml +++ /dev/null @@ -1,4 +0,0 @@ -# Issue #7791: SCIM for GitHub Enterprise Server - -versions: - ghes: '>=3.7' diff --git a/data/features/secret-scanning-backfills-historical-issues.yml b/data/features/secret-scanning-backfills-historical-issues.yml deleted file mode 100644 index f44aa944e151..000000000000 --- a/data/features/secret-scanning-backfills-historical-issues.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #9139. -# Documentation for secret scanning detects secrets in historical issues content. -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.11' diff --git a/data/features/secret-scanning-custom-link-on-block.yml b/data/features/secret-scanning-custom-link-on-block.yml deleted file mode 100644 index 193e5e0c3630..000000000000 --- a/data/features/secret-scanning-custom-link-on-block.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Reference: #8384. -# Documentation for secret scanning: on block. -# Ref 17108 Advanced Security available to Team plans -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.8' diff --git a/data/features/secret-scanning-enterprise-level-api.yml b/data/features/secret-scanning-enterprise-level-api.yml deleted file mode 100644 index 6bb159d563c7..000000000000 --- a/data/features/secret-scanning-enterprise-level-api.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Reference: #7526. -# Secret scanning: Enable at Enterprise level with REST API -versions: - ghec: '*' - ghes: '>=3.8' diff --git a/data/features/secret-scanning-enterprise-level.yml b/data/features/secret-scanning-enterprise-level.yml deleted file mode 100644 index d5ed29691322..000000000000 --- a/data/features/secret-scanning-enterprise-level.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Reference: #7526. -# Secret scanning: Enable at Enterprise level -versions: - ghec: '*' - ghes: '>=3.7' diff --git a/data/features/secret-scanning-issue-body-comments.yml b/data/features/secret-scanning-issue-body-comments.yml deleted file mode 100644 index b3ecd796a335..000000000000 --- a/data/features/secret-scanning-issue-body-comments.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #8385. -# Secret scanning: Scan Issues body and comments -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.11' diff --git a/data/features/secret-scanning-notification-settings.yml b/data/features/secret-scanning-notification-settings.yml deleted file mode 100644 index 67f94852e4b5..000000000000 --- a/data/features/secret-scanning-notification-settings.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #9138. -# Documentation for secret scanning: users can choose how they receive notifications in their notification settings. -versions: - fpt: '*' - ghec: '*' - ghes: '>= 3.9' diff --git a/data/features/secret-scanning-push-protection-email.yml b/data/features/secret-scanning-push-protection-email.yml deleted file mode 100644 index 0642bccdfa88..000000000000 --- a/data/features/secret-scanning-push-protection-email.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #7511. -# When developers bypass a block by push protection for a detected secret, administrators will receive an email notification of that bypass. -versions: - fpt: '*' - ghec: '*' - ghes: '>=3.7' diff --git a/data/features/secret-scanning-validity-check-audit-log.yml b/data/features/secret-scanning-validity-check-audit-log.yml deleted file mode 100644 index 1845e7180965..000000000000 --- a/data/features/secret-scanning-validity-check-audit-log.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #10734 -# Secret scanning: validity check audit log events -versions: - fpt: '*' - ghec: '*' - ghes: '> 3.11' diff --git a/data/features/security-advisories-ghes.yml b/data/features/security-advisories-ghes.yml deleted file mode 100644 index 5e11cfbcd4a5..000000000000 --- a/data/features/security-advisories-ghes.yml +++ /dev/null @@ -1,3 +0,0 @@ -# Reference: Issue #6982 Community Contributions to Security Advisories - Enterprise 3.6 -versions: - ghes: '>=3.6' diff --git a/data/features/security-advisories-rest-api.yml b/data/features/security-advisories-rest-api.yml deleted file mode 100644 index e20792c6b347..000000000000 --- a/data/features/security-advisories-rest-api.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Reference: #10167. -# Documentation for Global security advisories REST API. -versions: - fpt: '*' - ghec: '*' - ghes: '>= 3.11' From 9536a3b3aaf51f145744701d297a1d9432271556 Mon Sep 17 00:00:00 2001 From: Roniece Ricardo <33437850+RonRicardo@users.noreply.github.com> Date: Tue, 1 Apr 2025 13:33:49 -0400 Subject: [PATCH 3/8] Revert "Bump github/gh-base-image/gh-base-noble from 20250319-193531-g83d4e6244 to 20250328-000607-gf66d47491 in the baseimages group" (#55101) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c7e17333cf74..91ae75e8bab0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ # --------------------------------------------------------------- # To update the sha: # https://github.com/github/gh-base-image/pkgs/container/gh-base-image%2Fgh-base-noble -FROM ghcr.io/github/gh-base-image/gh-base-noble:20250328-000607-gf66d47491 AS base +FROM ghcr.io/github/gh-base-image/gh-base-noble:20250319-193531-g83d4e6244 AS base # Install curl for Node install and determining the early access branch # Install git for cloning docs-early-access & translations repos From 5972196fb998505851219c3e2bf298d02ed74d2a Mon Sep 17 00:00:00 2001 From: Evan Bonsignori Date: Tue, 1 Apr 2025 10:25:58 -0700 Subject: [PATCH 4/8] add back button to ask AI search state (#55072) --- data/ui.yml | 1 + src/fixtures/fixtures/data/ui.yml | 1 + src/search/components/input/SearchOverlay.tsx | 25 +++++++++++++++++++ 3 files changed, 27 insertions(+) diff --git a/data/ui.yml b/data/ui.yml index dcbdd185d734..49c34644dbdb 100644 --- a/data/ui.yml +++ b/data/ui.yml @@ -55,6 +55,7 @@ search: thumbs_up: This answer was helpful thumbs_down: This answer was not helpful thumbs_announcement: Thank you for your feedback! + back_to_search: Back to search failure: general_title: There was an error loading search results. ai_title: There was an error loading Copilot. diff --git a/src/fixtures/fixtures/data/ui.yml b/src/fixtures/fixtures/data/ui.yml index dcbdd185d734..49c34644dbdb 100644 --- a/src/fixtures/fixtures/data/ui.yml +++ b/src/fixtures/fixtures/data/ui.yml @@ -55,6 +55,7 @@ search: thumbs_up: This answer was helpful thumbs_down: This answer was not helpful thumbs_announcement: Thank you for your feedback! + back_to_search: Back to search failure: general_title: There was an error loading search results. ai_title: There was an error loading Copilot. diff --git a/src/search/components/input/SearchOverlay.tsx b/src/search/components/input/SearchOverlay.tsx index 1300c2759868..44713753091f 100644 --- a/src/search/components/input/SearchOverlay.tsx +++ b/src/search/components/input/SearchOverlay.tsx @@ -5,6 +5,7 @@ import { ActionList, Box, Header, + IconButton, Link, Overlay, Spinner, @@ -20,6 +21,7 @@ import { CopilotIcon, FileIcon, ArrowRightIcon, + ArrowLeftIcon, } from '@primer/octicons-react' import { useTranslation } from 'src/languages/components/useTranslation' @@ -483,6 +485,15 @@ export function SearchOverlay({ } } + const onBackButton = () => { + // Leave the Ask AI state when the user clicks the back button + setSelectedIndex(-1) + updateParams({ + 'search-overlay-ask-ai': '', + 'search-overlay-input': urlSearchInputQuery, + }) + } + // We render the AI Result in the searchGroups call, so we pass the props down via an object // TODO: Move stateful logic to Context since we now have so many props: const askAIState = { @@ -626,6 +637,20 @@ export function SearchOverlay({ ref={overlayRef} >
+ + + Date: Tue, 1 Apr 2025 18:35:19 +0100 Subject: [PATCH 5/8] Update terms for Additional Products and Features to mention new GHAS products and availability to GitHub Team (#54729) Co-authored-by: Jesse Geraci <6133249+jessephus@users.noreply.github.com> --- ...hub-terms-for-additional-products-and-features.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md b/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md index 6ad07a563607..d809044e3d47 100644 --- a/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md +++ b/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md @@ -14,16 +14,16 @@ topics: - Legal --- -Version Effective Date: December 18, 2024 +Version Effective Date: April 1, 2025 When you use GitHub, you may be given access to lots of additional products and features ("Additional Products and Features"). Because many of the Additional Products and Features offer different functionality, your Agreement with us (the "Agreement") includes the specific terms for that product or feature combined with your main agreement — the GitHub Terms of Service or GitHub Customer Agreement, or the GitHub Corporate Terms of Service or other legacy GitHub contract, or a Microsoft volume licensing agreement. Below, we've listed those products and features, along with the corresponding additional terms that apply to your use of them. By using the Additional Products and Features, you also agree to the applicable GitHub Terms for Additional Products and Features listed below. A violation of these GitHub Terms for Additional Products and Features is a violation of the Agreement. Capitalized terms not defined here have the meaning given in the Agreement. **For Enterprise users** -* **GitHub Enterprise Cloud** users may have access to the following Additional Products and Features: Actions, Advanced Security, Advisory Database, Codespaces, Dependabot Preview, GitHub Enterprise Importer, Packages, and Pages. +* **GitHub Enterprise Cloud** users may have access to the following Additional Products and Features: Actions, Advanced Security (including Code Security and Secret Protection), Advisory Database, Codespaces, Dependabot, GitHub Enterprise Importer, Packages, and Pages. -* **GitHub Enterprise Server** users may have access to the following Additional Products and Features: Actions, Advanced Security, Advisory Database, Connect, Dependabot Preview, GitHub Enterprise Importer, Packages, Pages, and SQL Server Images. +* **GitHub Enterprise Server** users may have access to the following Additional Products and Features: Actions, Advanced Security (including Code Security and Secret Protection), Advisory Database, Connect, Dependabot, GitHub Enterprise Importer, Packages, Pages, and SQL Server Images. ## Actions @@ -56,11 +56,11 @@ If you use self-hosted runners, you have the ability to turn off automatic updat ## Advanced Security -GitHub makes extra security features available to customers under an Advanced Security license. These features include code scanning, secret scanning, and dependency review. The [Advanced Security documentation](/get-started/learning-about-github/about-github-advanced-security) provides more details. +GitHub makes extra security features available to customers under Advanced Security licenses. From April 1, 2025, features that were previously only available under a single GitHub Advanced Security license will be alternatively available under two separate licenses: GitHub Code Security (code scanning and dependency scanning features) and GitHub Secret Protection (secret scanning features). The [Advanced Security documentation](/get-started/learning-about-github/about-github-advanced-security) provides more details. -Advanced Security is licensed on a "Unique Committer" basis. A "Unique Committer" is a licensed user of GitHub Enterprise, GitHub Enterprise Cloud, or GitHub Enterprise Server, who has made a commit in the last 90 days to any repository with any GitHub Advanced Security functionality activated. You must acquire a GitHub Advanced Security User license for each of your Unique Committers. You may only use GitHub Advanced Security on codebases that are developed by or for you. For GitHub Enterprise Cloud users, some Advanced Security features also require the use of GitHub Actions. +Advanced Security features are licensed on a "Unique Committer" basis. A "Unique Committer" is a licensed user of GitHub Team, GitHub Enterprise, GitHub Enterprise Cloud, or GitHub Enterprise Server, who has made a commit in the last 90 days to any repository with any GitHub Advanced Security functionality activated. You must acquire an appropriate GitHub Advanced Security User license for each of your Unique Committers. You may only use GitHub Advanced Security features on codebases that are developed by or for you. For GitHub Team and GitHub Enterprise Cloud users, some Advanced Security features may also require the use of GitHub Actions. -For secret scanning with GitHub Advanced Security, when you opt-in to automatic validity checks for partner patterns, exposed third-party tokens may be shared with the relevant partner, in order to provide you with more information about the validity of the token. Not all partners are based in the United States. The [Secret scanning patterns documentation](/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns) provides more details on which partners support the validity check. +For secret scanning with GitHub Advanced Security or GitHub Secret Protection, when you opt-in to automatic validity checks for partner patterns, exposed third-party tokens may be shared with the relevant partner, in order to provide you with more information about the validity of the token. Not all partners are based in the United States. The [Secret scanning patterns documentation](/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns) provides more details on which partners support the validity check. ## Advisory Database From fedbe3dd359ca4b9b49b5a0a804cbe805bfdac3e Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Tue, 1 Apr 2025 10:57:17 -0700 Subject: [PATCH 6/8] Sync secret scanning data (#55096) Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> --- src/secret-scanning/data/public-docs.yml | 59 ++++++++++++++---------- src/secret-scanning/lib/config.json | 4 +- 2 files changed, 37 insertions(+), 26 deletions(-) diff --git a/src/secret-scanning/data/public-docs.yml b/src/secret-scanning/data/public-docs.yml index a578cd847886..bf47bc019623 100644 --- a/src/secret-scanning/data/public-docs.yml +++ b/src/secret-scanning/data/public-docs.yml @@ -720,6 +720,30 @@ hasPushProtection: true hasValidityCheck: false isduplicate: false +- provider: Brevo + supportedSecret: Sendinblue API Key + secretType: sendinblue_api_key + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + isduplicate: false +- provider: Brevo + supportedSecret: Sendinblue SMTP Key + secretType: sendinblue_smtp_key + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + isduplicate: false - provider: Canadian Digital Service supportedSecret: Canadian Digital Service Notify API Key secretType: cds_canada_notify_api_key @@ -2793,6 +2817,17 @@ hasPushProtection: true hasValidityCheck: false isduplicate: false +- provider: Pangea + supportedSecret: Pangea Token + secretType: pangea_token + versions: + fpt: '*' + ghec: '*' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + isduplicate: false - provider: Persona Identities supportedSecret: Persona Production Api Key secretType: persona_production_api_key @@ -3273,30 +3308,6 @@ hasPushProtection: true hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false -- provider: Sendinblue - supportedSecret: Sendinblue API Key - secretType: sendinblue_api_key - versions: - fpt: '*' - ghec: '*' - ghes: '>=3.5' - isPublic: true - isPrivateWithGhas: true - hasPushProtection: true - hasValidityCheck: false - isduplicate: false -- provider: Sendinblue - supportedSecret: Sendinblue SMTP Key - secretType: sendinblue_smtp_key - versions: - fpt: '*' - ghec: '*' - ghes: '>=3.5' - isPublic: true - isPrivateWithGhas: true - hasPushProtection: true - hasValidityCheck: false - isduplicate: false - provider: Sentry supportedSecret: Sentry Integration Token secretType: sentry_integration_token diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json index fbffb55be679..eabd49aaee4c 100644 --- a/src/secret-scanning/lib/config.json +++ b/src/secret-scanning/lib/config.json @@ -1,5 +1,5 @@ { - "sha": "07761079d909a12807304bab07cb03cf8506bc91", - "blob-sha": "5a68beab53f085fdc5cef716920f22ce9618c947", + "sha": "8ac939d1d6cc631a764024efd9638e2d366fd5a4", + "blob-sha": "dcd2a16b74621ad62f7af0775535331ee3f62dbd", "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns" } \ No newline at end of file From 42fbbad1e75e1f68e7afcc9c61a8c699fc3a849f Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Tue, 1 Apr 2025 19:04:19 +0100 Subject: [PATCH 7/8] A couple of fixes for the GHAS unbundling and secret risk assesment work - fast follow (#55083) --- .../security-overview/assessing-code-security-risk.md | 6 ++++-- .../filtering-alerts-in-security-overview.md | 2 ++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/content/code-security/security-overview/assessing-code-security-risk.md b/content/code-security/security-overview/assessing-code-security-risk.md index 35f54e930ceb..30cb2cced360 100644 --- a/content/code-security/security-overview/assessing-code-security-risk.md +++ b/content/code-security/security-overview/assessing-code-security-risk.md @@ -26,14 +26,16 @@ redirect_from: You can use the different views on your **Security** tab to explore the security risks in your code. * **Overview:** use to explore trends in **Detection**, **Remediation**, and **Prevention** of security alerts. -* **Risk:** use to explore the current state of repositories, across all alert types. +* **Risk:** use to explore the current state of repositories, across all alert types.{% ifversion secret-risk-assessment %} +* **Assessments:** use to explore the current state of repositories, for secret leaks specifically{% endif %} * **Alerts views:** use to explore {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, or {% data variables.product.prodname_secret_scanning %} alerts in greater detail. These views provide you with the data and filters to: * Assess the landscape of security risk of code stored in all your repositories. * Identify the highest impact vulnerabilities to address. -* Monitor your progress in remediating potential vulnerabilities. {% ifversion security-overview-export-data %} +* Monitor your progress in remediating potential vulnerabilities.{% ifversion secret-risk-assessment %} +* Understand how your organization is affected by secret leaks and exposures.{% endif %}{% ifversion security-overview-export-data %} * Export your current selection of data for further analysis and reporting. {% endif %} {% ifversion security-overview-dashboard %} diff --git a/content/code-security/security-overview/filtering-alerts-in-security-overview.md b/content/code-security/security-overview/filtering-alerts-in-security-overview.md index 9202fda5e59b..7cb475ee3274 100644 --- a/content/code-security/security-overview/filtering-alerts-in-security-overview.md +++ b/content/code-security/security-overview/filtering-alerts-in-security-overview.md @@ -121,7 +121,9 @@ In the "Risk" and "Coverage" views, you can show data only for repositories wher | Qualifier | Description | | -------- | -------- | +| {% ifversion ghes < 3.17 %} | | `advanced-security` | Display data for repositories where {% data variables.product.prodname_GHAS %} is enabled or not enabled. | +| {% endif %} | | `code-scanning-default-setup`| Display data for repositories where {% data variables.product.prodname_code_scanning %} is enabled or not enabled using {% data variables.product.prodname_codeql %} default setup. | | `code-scanning-pull-request-alerts`| Display data for repositories where {% data variables.product.prodname_code_scanning %} is enabled or not enabled to run on pull requests. | | `dependabot-security-updates` | Display data for repositories where {% data variables.product.prodname_dependabot_security_updates %} is enabled or not enabled. | From daaa0fe05cc7ae2d80a9d1c385a7d1feceab1c94 Mon Sep 17 00:00:00 2001 From: Aleah Dawson <44206063+aleah@users.noreply.github.com> Date: Tue, 1 Apr 2025 11:04:56 -0700 Subject: [PATCH 8/8] Update about-the-billing-cycle.md (#54920) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com> Co-authored-by: Holly 🦒 <104800384+holly-kassel@users.noreply.github.com> Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com> --- .../about-the-billing-cycle.md | 55 ++++++++++++++++++- 1 file changed, 52 insertions(+), 3 deletions(-) diff --git a/content/billing/using-the-new-billing-platform/about-the-billing-cycle.md b/content/billing/using-the-new-billing-platform/about-the-billing-cycle.md index 2d76284e8006..70aa0217a0ff 100644 --- a/content/billing/using-the-new-billing-platform/about-the-billing-cycle.md +++ b/content/billing/using-the-new-billing-platform/about-the-billing-cycle.md @@ -16,8 +16,57 @@ product: '{% data reusables.billing.enhanced-billing-platform-product %}' > > To check if you are on the new billing platform, see [How do I know if I can access the new billing platform?](/billing/using-the-new-billing-platform/about-the-new-billing-platform-for-enterprises#how-do-i-know-if-i-can-access-the-enhanced-billing-platform). -If your {% data variables.enterprise.enterprise_or_org %} {% ifversion fpt %}or personal account{% endif %} uses the new billing platform, you have a fixed billing period for metered usage which runs from the first day of the month to the last day of the month. When the month ends, the usage is scheduled to be billed on your bill cycle day. Your bill cycle day {% ifversion fpt %}is the day you created your organization. For example, if you created the account{% elsif ghec %}is dictated by the moment you converted from a trial to a paid enterprise account. For example, if you converted{% endif %} on the fifteenth of the month, you will be billed on the fifteenth of each subsequent month. +Your billing experience depends on whether your products are metered, volume-based, or a combination of both. Some products, like {% data variables.product.prodname_enterprise %} and {% data variables.product.prodname_GHAS %}, can be either volume-based or metered, depending on when and how your account was created. -This applies to all products available through the new billing platform. +* **Metered**: Pay monthly for the number of licenses you use +* **Volume-based**: Traditional annual subscriptions with a fixed number of licenses -If you still use the previous billing platform, for more information about the billing cycle for your account, see [AUTOTITLE](/billing/using-the-billing-platform/changing-the-duration-of-your-billing-cycle). +## Billing cycles for metered products + +If your {% data variables.enterprise.enterprise_or_org %} {% ifversion fpt %}or personal account{% endif %} uses the new billing platform for **metered** products, you have a fixed **billing period** that runs from the first day of each month to the last day of the month. + +At the end of each month, your metered usage is calculated and scheduled to be billed on your **bill cycle day**. + +{% ifversion fpt %}For personal accounts and organizations, your bill cycle day is typically the day you started a paid plan (not necessarily when the account was created).{% elsif ghec %}Your bill cycle day is typically determined by when you converted from a trial to a paid enterprise account.{% endif %} For example, if you {% ifversion fpt %}started a paid plan{% elsif ghec %}converted from a trial{% endif %} on the 15th of a month, you will be billed on the 15th of each subsequent month. + +## Billing cycles for volume-based products + +Volume-based licenses may follow a different billing cycle, even if your account is on the new billing platform. These products are often billed based on the anniversary date of your subscription rather than by calendar month. + +## How mid-cycle changes affect your billing + +Mid-cycle changes to your account can affect your bill. + +### Changes to metered products + +Metered products (such as {% data variables.product.prodname_actions %} minutes, {% data variables.product.prodname_registry %} storage, or {% data variables.product.prodname_codespaces %} compute) are billed based on your actual usage throughout the month. For more information on how usage is calculated for a specific product, see [Where to find usage details for specific products](#where-to-find-usage-details-for-specific-products). + +### Changes to volume-based products + +Volume-based products are billed per user, seat, or resource. Changes to these mid-cycle won’t always immediately change your bill—but they may affect your next invoice. + +#### Adding users or resources + +* **Add users or licenses**: For license-based products like {% data variables.product.prodname_copilot_short %}, {% data variables.product.prodname_enterprise %}, or {% data variables.product.prodname_GHAS %}, you'll be billed a **prorated amount** based on how many days remain in the current billing cycle. +* **Add organizations or repositories**: These will also result in **prorated charges**, which appear on your next invoice. + +#### Removing users or resources + +* **Remove users or seats**: The user’s access is revoked immediately, but you'll still be billed for the **full billing cycle**. Removing a user won't reduce your current bill. +* **Remove organizations or repositories**: Charges **stop immediately** when removed, but you'll still be billed for any usage **up to that point**. + +#### Transferring users or resources + +* **Within the same billing account**: No double-billing. Moving users or resources between organizations under the same account is handled automatically. +* **Between different billing accounts**: Each account is billed according to its own cycle. You may see charges in both accounts if the move overlaps billing periods. + +## Where to find usage details for specific products + +Find product-specific guidance on how usage is calculated and billed. + +* [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-actions/about-billing-for-github-actions) +* [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-codespaces/about-billing-for-github-codespaces) +* [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-packages/about-billing-for-github-packages) +* [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-copilot/about-billing-for-github-copilot) +* [AUTOTITLE](/billing/managing-billing-for-your-products/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise#about-licenses-for-visual-studio-subscriptions-with-github-enterprise-cloud) +* [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-git-large-file-storage/about-billing-for-git-large-file-storage)