github · docs-bot · Jan 13, 2026 · Jan 13, 2026 · Jan 13, 2026 · Jan 13, 2026
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -63,7 +63,7 @@
 
   // Lifecycle commands
   // Start a web server and keep it running
-  "postStartCommand": "nohup bash -c 'npm start &'",
+  "postStartCommand": "nohup bash -c 'npm ci && npm start &'",
   // Set port 4000 to be public
   "postAttachCommand": "gh cs ports visibility 4000:public -c \"$CODESPACE_NAME\"",
 

diff --git a/content/actions/how-tos/monitor-workflows/index.md b/content/actions/how-tos/monitor-workflows/index.md
@@ -11,6 +11,7 @@ children:
   - /view-job-execution-time
   - /add-a-status-badge
   - /use-workflow-run-logs
+  - /view-job-condition-logs
   - /enable-debug-logging
 redirect_from:
   - /actions/monitoring-and-troubleshooting-workflows/monitoring-workflows

diff --git a/content/actions/how-tos/monitor-workflows/view-job-condition-logs.md b/content/actions/how-tos/monitor-workflows/view-job-condition-logs.md
@@ -0,0 +1,40 @@
+---
+title: Viewing job condition expression logs
+shortTitle: View job condition logs
+intro: 'Learn how to access and interpret expression evaluation logs for job-level `if` conditions in {% data variables.product.prodname_actions %}.'
+versions:
+  fpt: '*'
+  ghec: '*'
+contentType: how-tos
+---
+
+When a job's `if` condition is evaluated, {% data variables.product.prodname_actions %} logs the expression evaluation to help you understand the result. This is useful for debugging both why a job was skipped and why a job ran when you expected it to be skipped.
+
+## Accessing expression logs
+
+1. Navigate to the workflow run summary.
+1. Click on the job.
+1. Click **{% octicon "gear" aria-label="The Gear icon" %}**.
+1. Select **Download log archive**.
+1. Extract the ZIP file and open the `JOB-NAME/system.txt` file.
+
+## Understanding the log output
+
+The system log shows the expression evaluation:
+
+```text
+Evaluating: (success() && ((github.repository == 'octo-org/octo-repo-prod')))
+Expanded: (true && (('my-username/octo-repo-prod' == 'octo-org/octo-repo-prod')))
+Result: false
+```
+
+| Line | Description |
+|------|-------------|
+| **Evaluating** | The original `if` expression from your workflow file. |
+| **Expanded** | The expression with context values substituted. This shows you exactly what values were used at runtime. |
+| **Result** | The final evaluation result (`true` or `false`). |
+
+In this example, the expanded line reveals that `github.repository` was `'my-username/octo-repo-prod'` (not `'octo-org/octo-repo-prod'`), which caused the condition to evaluate to `false`.
+
+> [!NOTE]
+> Expression logs are only available for job-level `if` conditions. For step-level conditions, you can enable debug logging to see expression evaluation in the job logs. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/enable-debug-logging).
diff --git a/content/actions/how-tos/troubleshoot-workflows.md b/content/actions/how-tos/troubleshoot-workflows.md
@@ -98,6 +98,23 @@ For path filtering, evaluating diffs is limited to the first 300 files. If there
 
 Workflow execution involves any issues seen after the workflow was triggered and a workflow run has been created.
 
+{% ifversion fpt or ghec %}
+
+### Debugging job conditions
+
+If a job was skipped unexpectedly, or ran when you expected it to be skipped, you can view the expression evaluation to understand why:
+
+1. Click on the job in the workflow run.
+1. Download the log archive from the job's menu.
+1. Open the `JOB-NAME/system.txt` file.
+1. Look for the `Evaluating`, `Expanded`, and `Result` lines.
+
+The `Expanded` line shows the actual runtime values that were substituted into your `if` condition, making it clear why the expression evaluated to `true` or `false`.
+
+For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-job-condition-logs).
+
+{% endif %}
+
 ### Canceling Workflows
 
 If standard cancellation through the [UI](/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/canceling-a-workflow) or [API](/rest/actions/workflow-runs?apiVersion=2022-11-28#cancel-a-workflow-run) does not process as expected, there may be a conditional statement configured for your running workflow job(s) that causes it to not cancel.

diff --git a/...w-tos/write-workflows/choose-when-workflows-run/control-jobs-with-conditions.md b/...w-tos/write-workflows/choose-when-workflows-run/control-jobs-with-conditions.md
@@ -37,3 +37,9 @@ Skipped jobs display the message "This check was skipped."
 
 > [!NOTE]
 > A job that is skipped will report its status as "Success". It will not prevent a pull request from merging, even if it is a required check.
+
+{% ifversion fpt or ghec %}
+
+To debug why a job was skipped or ran unexpectedly, you can view job condition expression logs. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-job-condition-logs).
+
+{% endif %}
diff --git a/...a-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md b/...a-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md
@@ -16,19 +16,27 @@ redirect_from:
 
 ## Currently unavailable features
 
-The following features are currently unavailable on {% data variables.enterprise.data_residency_site %}.
+The following features are currently unavailable on {% data variables.enterprise.data_residency_site %}, but may be planned for future development.
 
 | Feature | Details | More information |
 | :- | :- | :- |
-| {% data variables.product.prodname_copilot_short %} Metrics API | Currently unavailable | [AUTOTITLE](/rest/copilot/copilot-metrics) |
+| {% data variables.product.prodname_copilot_short %} Metrics API | Currently unavailable. | [AUTOTITLE](/rest/copilot/copilot-metrics) |
 | {% data variables.product.prodname_github_codespaces %} | Currently unavailable. | [AUTOTITLE](/codespaces/quickstart) |
-| {% data variables.product.prodname_importer %} (the "Import repository" button on {% data variables.product.prodname_dotcom_the_website %}) | Instead, the **{% data variables.product.prodname_importer_proper_name %}** is available to migrate data. See [AUTOTITLE](/migrations/using-github-enterprise-importer/understanding-github-enterprise-importer/about-github-enterprise-importer). | [AUTOTITLE](/migrations/importing-source-code/using-github-importer/about-github-importer) |
-| {% data variables.product.prodname_marketplace %} | Currently, apps from {% data variables.product.prodname_marketplace %} are unavailable. {% data variables.product.prodname_actions %} workflows from {% data variables.product.prodname_marketplace %} may not function as expected. For more information, see [{% data variables.product.prodname_actions %} workflows from {% data variables.product.prodname_marketplace %}](#github-actions-workflows-from-github-marketplace). | [AUTOTITLE](/search-github/searching-on-github/searching-github-marketplace)<br>[AUTOTITLE](/enterprise-server@latest/admin/configuration/configuring-github-connect/about-github-connect#github-connect-features) in the {% data variables.product.prodname_ghe_server %} documentation |
-| {% data variables.product.prodname_github_models %} |  Currently unavailable | [AUTOTITLE](/github-models/about-github-models) |
 | macOS runners for {% data variables.product.prodname_actions %} | Currently unavailable. | [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners) |
 | Maven and Gradle support for {% data variables.product.prodname_registry %} | Currently unavailable. | [AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry) |
-| {% data variables.product.prodname_spark_short %} | Unavailable due to dependency on {% data variables.product.prodname_github_codespaces %} | [AUTOTITLE](/copilot/concepts/spark) |
-| Some features currently in {% data variables.release-phases.public_preview %} or {% data variables.release-phases.private_preview %} | Certain features that are in a preview phase on {% data variables.product.prodname_dotcom_the_website %} may not be available on {% data variables.enterprise.data_residency_site %} | |
+| {% data variables.product.prodname_spark_short %} | Currently unavailable. | [AUTOTITLE](/copilot/concepts/spark) |
+| {% data variables.product.prodname_marketplace %} | {% data variables.product.prodname_marketplace %}, as a means of searching for, purchasing, and directly installing apps and actions, is unavailable. Ecosystem apps and actions can still be discovered and installed from their source, but they may require modification to work on {% data variables.enterprise.data_residency_site %}. | [{% data variables.product.prodname_actions %} workflows from {% data variables.product.prodname_marketplace %}](#github-actions-workflows-from-github-marketplace) |
+| Certain features of {% data variables.product.prodname_github_connect %} | Although you can connect an enterprise on {% data variables.enterprise.data_residency_site %} to a {% data variables.product.prodname_ghe_server %} instance, certain features of {% data variables.product.prodname_github_connect %} are not available, including resolution of actions from {% data variables.product.prodname_dotcom_the_website %}. | [{% data variables.product.prodname_github_connect %}](#github-connect) |
+| Some features currently in {% data variables.release-phases.public_preview %} or {% data variables.release-phases.private_preview %} | Certain features that are in a preview phase on {% data variables.product.prodname_dotcom_the_website %} may not be available on {% data variables.enterprise.data_residency_site %} until GA. | |
+
+## Permanently unavailable features
+
+By design, the following features are permanently unavailable on {% data variables.enterprise.data_residency_site %}. This is generally because they are not intended for large enterprises with strict compliance requirements.
+
+| Feature | Details | More information |
+| :- | :- | :- |
+| Features unavailable with {% data variables.product.prodname_emus %} | Because {% data variables.product.prodname_emus %} is the only option for identity management on {% data variables.enterprise.data_residency_site %}, features that are unavailable with {% data variables.product.prodname_emus %} on {% data variables.product.prodname_dotcom_the_website %} are also unavailable on {% data variables.enterprise.data_residency_site %}. Notably, these include gists and public repositories. | [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts) |
+| {% data variables.product.prodname_importer %} (the "Import repository" button on {% data variables.product.prodname_dotcom_the_website %}) | Instead, the **{% data variables.product.prodname_importer_proper_name %}** is available to migrate data. See [AUTOTITLE](/migrations/using-github-enterprise-importer/understanding-github-enterprise-importer/about-github-enterprise-importer). | [AUTOTITLE](/migrations/importing-source-code/using-github-importer/about-github-importer) |
 
 ## Features that work differently
 

diff --git a/...on/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md b/...on/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md
@@ -144,6 +144,7 @@ Below are some example URLs that generate the tokens we see most often:
 * [GitHub Models access](https://github.com/settings/personal-access-tokens/new?name=GitHub+Models+token&description=Used%20to%20call%20GitHub%20Models%20APIs%20to%20easily%20run%20LLMs%3A%20https%3A%2F%2Fdocs.github.com%2Fgithub-models%2Fquickstart%23step-2-make-an-api-call&user_models=read)<!-- markdownlint-disable-line search-replace Custom rule -->
 * [Update code and open a PR](https://github.com/settings/personal-access-tokens/new?name=Core-loop+token&description=Write%20code%20and%20push%20it%20to%20main%21%20Includes%20permission%20to%20edit%20workflow%20files%20for%20Actions%20-%20remove%20%60workflows%3Awrite%60%20if%20you%20don%27t%20need%20to%20do%20that&contents=write&pull_requests=write&workflows=write)
 * [Manage Copilot licenses in an organization](https://github.com/settings/personal-access-tokens/new?name=Core-loop+token&description=Enable%20or%20disable%20copilot%20access%20for%20users%20with%20the%20Seat%20Management%20APIs%3A%20https%3A%2F%2Fdocs.github.com%2Frest%2Fcopilot%2Fcopilot-user-management%0ABe%20sure%20to%20select%20an%20organization%20for%20your%20resource%20owner%20below%21&organization_copilot_seat_management=write)<!-- markdownlint-disable-line search-replace Custom rule -->
+* [Make Copilot requests](https://github.com/settings/personal-access-tokens/new?name=Copilot+requests+token&description=Make%20Copilot%20API%20requests%20on%20behalf%20of%20the%20user%2C%20consuming%20premium%20requests%3A%20https%3A%2F%2Fdocs.github.com%2Fcopilot%2Fconcepts%2Fbilling%2Fcopilot-requests&copilot_requests=write)<!-- markdownlint-disable-line search-replace Custom rule -->
 
 #### Supported Query Parameters
 
@@ -173,6 +174,7 @@ Account permissions are only used when the current user is set as the resource o
 | `codespaces_user_secrets` | Codespaces user secrets | `read`, `write` |
 | `copilot_messages` | Copilot Chat | `read` |
 | `copilot_editor_context` | Copilot Editor Context | `read` |
+| `copilot_requests` | Copilot requests | `write` |
 | `emails` | Email addresses | `read`, `write` |
 | `user_events` | Events | `read` |
 | `followers` | Followers | `read`, `write` |
@@ -189,6 +191,12 @@ Account permissions are only used when the current user is set as the resource o
 | `starring` | Starring | `read`, `write` |
 | `watching` | Watching | `read`, `write` |
 
+{% ifversion copilot %}
+
+> [!NOTE]
+> The `copilot_requests` permission enables making {% data variables.product.prodname_copilot_short %} requests for the given user, which count towards the user's premium request allowance or are charged to overage billing if the allowance is exceeded. For more information about {% data variables.product.prodname_copilot_short %} requests and billing, see [AUTOTITLE](/copilot/concepts/billing/copilot-requests).
+
+{% endif %}
 ##### Repository Permissions
 
 Repository permissions work for both user and organization resource owners.

diff --git a/...security/concepts/secret-security/about-delegated-bypass-for-push-protection.md b/...security/concepts/secret-security/about-delegated-bypass-for-push-protection.md
@@ -15,6 +15,7 @@ topics:
 shortTitle: Delegated bypass
 redirect_from:
   - /code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection
+  - /code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection
 contentType: concepts
 ---
 

diff --git a/content/code-security/concepts/secret-security/about-secret-scanning.md b/content/code-security/concepts/secret-security/about-secret-scanning.md
@@ -126,7 +126,6 @@ Define your own patterns for secrets used by your organization that {% data vari
 
 * [AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository)
 * [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection)
-* [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection)
 * [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)
 * [AUTOTITLE](/code-security/getting-started/securing-your-repository)
 * [AUTOTITLE](/authentication/keeping-your-account-and-data-secure)
diff --git a/content/code-security/dependabot/ecosystems-supported-by-dependabot/index.md b/content/code-security/dependabot/ecosystems-supported-by-dependabot/index.md
diff --git a/content/code-security/dependabot/index.md b/content/code-security/dependabot/index.md
@@ -14,7 +14,6 @@ topics:
   - Repositories
   - Dependencies
 children:
-  - /ecosystems-supported-by-dependabot
   - /dependabot-alerts
   - /dependabot-auto-triage-rules
   - /dependabot-version-updates

diff --git a/content/code-security/dependabot/working-with-dependabot/index.md b/content/code-security/dependabot/working-with-dependabot/index.md
@@ -16,7 +16,6 @@ topics:
 children:
   - /automating-dependabot-with-github-actions
   - /configuring-multi-ecosystem-updates
-  - /dependabot-options-reference
   - /setting-dependabot-to-run-on-self-hosted-runners-using-arc
   - /setting-dependabot-to-run-on-github-hosted-runners-using-vnet
 ---

diff --git a/content/code-security/how-tos/index.md b/content/code-security/how-tos/index.md
@@ -17,8 +17,9 @@ topics:
 contentType: how-tos
 children:
   - /secure-at-scale
-  - /secure-your-supply-chain
+  - /secure-your-secrets
   - /scan-code-for-vulnerabilities
+  - /secure-your-supply-chain
   - /maintain-quality-code
   - /report-and-fix-vulnerabilities
 ---
diff --git a/...ng-custom-patterns-for-secret-scanning.md → ...ng-custom-patterns-for-secret-scanning.md b/...ng-custom-patterns-for-secret-scanning.md → ...ng-custom-patterns-for-secret-scanning.md
@@ -1,17 +1,18 @@
 ---
 title: Defining custom patterns for secret scanning
 shortTitle: Define custom patterns
-intro: 'You can define your own custom patterns to extend the capabilities of {% data variables.product.prodname_secret_scanning %} by generating one or more regular expressions.'
+intro: You can define your own custom patterns to extend the capabilities of {% data variables.product.prodname_secret_scanning %} by generating one or more regular expressions.
 product: '{% data reusables.gated-features.secret-scanning-custom-patterns %}'
 permissions: '{% data reusables.permissions.security-enterprise-enable %}'
 redirect_from:
   - /code-security/secret-security/defining-custom-patterns-for-secret-scanning
   - /code-security/secret-scanning/defining-custom-patterns-for-secret-scanning
+  - /code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning
 versions:
   fpt: '*'
   ghes: '*'
   ghec: '*'
-type: how_to
+contentType: how-tos
 topics:
   - Secret Protection
   - Secret scanning

diff --git a/...ed-metadata-checks-for-your-repository.md → ...ed-metadata-checks-for-your-repository.md b/...ed-metadata-checks-for-your-repository.md → ...ed-metadata-checks-for-your-repository.md
@@ -1,17 +1,18 @@
 ---
 title: Enabling extended metadata checks for your repository
 shortTitle: Enable metadata checks
-intro: 'Learn how to enable extended metadata checks for detected secrets so alerts detected by {% data variables.product.prodname_secret_scanning %} include additional information that help you assess and remediate leaks faster.'
+intro: Learn how to enable extended metadata checks for detected secrets so alerts detected by {% data variables.product.prodname_secret_scanning %} include additional information that help you assess and remediate leaks faster.
 product: '{% data reusables.gated-features.metadata-checks-ghas %}'
 permissions: '{% data reusables.permissions.push-protection %}'
 versions:
   feature: secret-scanning-extended-metadata-checks
-type: how_to
+contentType: how-tos
 topics:
   - Secret scanning
   - Secret Protection
   - Alerts
-contentType: how-tos
+redirect_from:
+  - /code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository
 ---
 
 {% data reusables.secret-scanning.metadata-checks-public-preview %}

diff --git a/...ng-validity-checks-for-your-repository.md → ...ng-validity-checks-for-your-repository.md b/...ng-validity-checks-for-your-repository.md → ...ng-validity-checks-for-your-repository.md
@@ -1,15 +1,17 @@
 ---
 title: Enabling validity checks for your repository
 shortTitle: Enable validity checks
-intro: 'Enabling validity checks on your repository helps you prioritize the remediation of alerts as it tells you if a secret is active or inactive.'
+intro: Enabling validity checks on your repository helps you prioritize the remediation of alerts as it tells you if a secret is active or inactive.
 product: '{% data reusables.gated-features.partner-pattern-validity-check-ghas %}'
 versions:
   feature: secret-scanning-validity-check-partner-patterns
-type: how_to
+contentType: how-tos
 topics:
   - Secret scanning
   - Secret Protection
   - Alerts
+redirect_from:
+  - /code-security/secret-scanning/enabling-secret-scanning-features/enabling-validity-checks-for-your-repository
 ---
 
 ## About validity checks

diff --git a/...folders-and-files-from-secret-scanning.md → ...folders-and-files-from-secret-scanning.md b/...folders-and-files-from-secret-scanning.md → ...folders-and-files-from-secret-scanning.md
@@ -1,17 +1,19 @@
 ---
 title: Excluding folders and files from secret scanning
-intro: 'You can customize {% data variables.product.prodname_secret_scanning %} to automatically close alerts for secrets found in specific directories or files by configuring a `secret_scanning.yml` file in your repository.'
+intro: You can customize {% data variables.product.prodname_secret_scanning %} to automatically close alerts for secrets found in specific directories or files by configuring a `secret_scanning.yml` file in your repository.
 permissions: '{% data reusables.permissions.secret-scanning-alerts %}'
 shortTitle: Exclude folders and files
 versions:
   fpt: '*'
   ghes: '*'
   ghec: '*'
-type: how_to
+contentType: how-tos
 topics:
   - Secret scanning
   - Secret Protection
   - Repositories
+redirect_from:
+  - /code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/excluding-folders-and-files-from-secret-scanning
 ---
 
 ## About {% data variables.product.prodname_secret_scanning %}