Merge pull request #43127 from github/repo-sync

Repo sync

Author: docs-bot

content/actions/how-tos/create-and-publish-actions/manage-custom-actions.md

@@ -50,7 +50,7 @@ To use a specific action version, users can configure their {% data variables.pr
 
 ### Using tags for release management
 
-{% ifversion fpt or ghec %}
+{% ifversion immutable-releases %}
 > [!NOTE] If you have enabled immutable releases to help prevent supply chain attacks and accidental changes to your releases, instead see [AUTOTITLE](/actions/how-tos/create-and-publish-actions/using-immutable-releases-and-tags-to-manage-your-actions-releases).
 {% endif %}
 

content/actions/how-tos/create-and-publish-actions/release-and-maintain-actions.md

@@ -55,7 +55,7 @@ To support the developer process in the next section, add two {% data variables.
 1. Add a workflow that triggers when a commit is pushed to a feature branch or to `main` or when a pull request is created. Configure the workflow to run your unit and integration tests. For an example, see [this workflow](https://github.com/actions/javascript-action/blob/main/.github/workflows/ci.yml).
 1. Add a workflow that triggers when a release is published or edited. Configure the workflow to ensure semantic tags are in place. You can use an action like [JasonEtco/build-and-tag-action](https://github.com/JasonEtco/build-and-tag-action) to compile and bundle the JavaScript and metadata file and force push semantic major, minor, and patch tags. For more information about semantic tags, see [About semantic versioning](https://docs.npmjs.com/about-semantic-versioning).
 
-    {% ifversion fpt or ghec %}
+    {% ifversion immutable-releases %}
     > [!NOTE]
     > If you enable immutable releases for your repository, you cannot use this action to force push tags tied to releases on {% data variables.product.github %}. To learn how to manage your releases with immutable releases, see [AUTOTITLE](/actions/how-tos/create-and-publish-actions/using-immutable-releases-and-tags-to-manage-your-actions-releases).
     {% endif %}

content/actions/how-tos/create-and-publish-actions/using-immutable-releases-and-tags-to-manage-your-actions-releases.md

@@ -3,8 +3,7 @@ title: Using immutable releases and tags to manage your action's releases
 shortTitle: Use immutable releases
 intro: 'Learn how you can use a combination of immutable releases on {% data variables.product.github %} and Git tags to manage your action''s releases.'
 versions:
-  fpt: '*'
-  ghec: '*'
+  feature: immutable-releases
 topics:
   - Actions
   - Code Security

content/admin/all-releases.md

@@ -58,6 +58,7 @@ If you run analysis in an external CI system, we recommend using the same versio
 
 | {% data variables.product.prodname_ghe_server %} version | Recommended {% data variables.product.prodname_codeql_cli %} version |
 | ------------------------------------------------- | ---------------------- |
+| 3.20 | 2.23.9 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.23.9/)) |
 | 3.19 | 2.22.4 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.22.4/)) |
 | 3.18 | 2.21.4 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.21.4/)) |
 | 3.17 | 2.20.7 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.20.7/)) |
@@ -79,6 +80,7 @@ For instances with {% data variables.product.prodname_actions %} enabled, self-h
 
 | {% data variables.product.prodname_ghe_server %} version | Minimum Runner version |
 | ------------------------------------------------- | ---------------------- |
+| 3.20 | 2.330.0 ([release notes](https://github.com/actions/runner/releases/tag/v2.330.0)) |
 | 3.19 | 2.328.0 ([release notes](https://github.com/actions/runner/releases/tag/v2.328.0)) |
 | 3.18 | 2.324.0 ([release notes](https://github.com/actions/runner/releases/tag/v2.324.0)) |
 | 3.17 | 2.322.0 ([release notes](https://github.com/actions/runner/releases/tag/v2.322.0)) |

content/admin/concepts/enterprise-fundamentals/automations-in-your-enterprise.md

@@ -51,7 +51,7 @@ A {% data variables.product.prodname_github_app %} provides the **identity, perm
 
 ## {% data variables.product.prodname_actions %}
 
-{% data variables.product.prodname_actions %} provide {% data variables.product.github %}’s built-in **runtime** for executing automation logic inside repositories. Workflows run on hosted or self-hosted runners and are ideal for tasks tied to code changes or repository events.
+{% data variables.product.prodname_actions %} provide {% data variables.product.github %}’s built-in **runtime** for executing automation logic inside repositories. Workflows run on {% ifversion ghec %}hosted or {% endif %}self-hosted runners and are ideal for tasks tied to code changes or repository events.
 
 Use {% data variables.product.prodname_actions %} for:
 

content/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md

@@ -25,7 +25,7 @@ The following features are currently unavailable on {% data variables.enterprise
 | Repository traffic metrics | Currently unavailable through both the UI and REST API. | [AUTOTITLE](/repositories/viewing-activity-and-data-for-your-repository/viewing-traffic-to-a-repository) |
 | {% data variables.product.prodname_spark_short %} | Currently unavailable. | [AUTOTITLE](/copilot/concepts/spark) |
 | {% data variables.product.prodname_marketplace %} | {% data variables.product.prodname_marketplace %}, as a means of searching for, purchasing, and directly installing apps and actions, is unavailable. Ecosystem apps and actions can still be discovered and installed from their source, but they may require modification to work on {% data variables.enterprise.data_residency_site %}. | [{% data variables.product.prodname_actions %} workflows from {% data variables.product.prodname_marketplace %}](#github-actions-workflows-from-github-marketplace) |
-| Certain features of {% data variables.product.prodname_github_connect %} | Although you can connect an enterprise on {% data variables.enterprise.data_residency_site %} to a {% data variables.product.prodname_ghe_server %} instance, certain features of {% data variables.product.prodname_github_connect %} are not available, including resolution of actions from {% data variables.product.prodname_dotcom_the_website %}. | [{% data variables.product.prodname_github_connect %}](#github-connect) |
+| Certain features of {% data variables.product.prodname_github_connect %} | Although you can connect an enterprise on {% data variables.enterprise.data_residency_site %} to a {% data variables.product.prodname_ghe_server %} instance, certain features of {% data variables.product.prodname_github_connect %} are not available. | [{% data variables.product.prodname_github_connect %}](#github-connect) |
 | Some features currently in {% data variables.release-phases.public_preview %} or {% data variables.release-phases.private_preview %} | Certain features that are in a preview phase on {% data variables.product.prodname_dotcom_the_website %} may not be available on {% data variables.enterprise.data_residency_site %} until GA. | |
 | Migrations REST API | Currently unavailable. | [AUTOTITLE](/rest/migrations) |
 | Streaming audit logs to Amazon S3 with OpenID Connect (OIDC) | Currently unavailable. | [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise) |

content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/create-enterprise-teams.md

@@ -23,6 +23,12 @@ Adding a user to a team grants them the privileges associated with the team. Rem
 
 {% data reusables.enterprise-onboarding.create-enterprise-teams %}
 
+{% ifversion ghes %}
+
+## 4. Assign roles
+
+{% else %}
+
 ## 4. Assign licenses
 
 You can assign {% data variables.product.prodname_copilot %} licenses to an enterprise team. This allows you to manage {% data variables.product.prodname_copilot_short %} access through team membership, independent of organizations. Once you have assigned licenses to a team, users will gain or lose access to {% data variables.product.prodname_copilot_short %} when they are added or removed from the team.
@@ -31,4 +37,6 @@ For instructions, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for
 
 ## 5. Assign roles
 
+{% endif %}
+
 You can assign custom enterprise roles and certain predefined roles to enterprise teams. This allows you to delegate administrative duties to specific teams or provide non-administrators with permissions that will help them work independently. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-roles-in-your-enterprise/assign-roles).

content/code-security/concepts/secret-security/custom-patterns.md

@@ -0,0 +1,20 @@
+---
+title: Custom patterns
+intro: 'Detect secret types specific to your organization with custom patterns.'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghec: '*'
+topics:
+  - Secret scanning
+  - Secret Protection
+contentType: concepts
+---
+
+You can define custom patterns to identify secrets that are not detected by the default patterns supported by {% data variables.product.prodname_secret_scanning %}. For example, you might have a secret pattern that is internal to your organization. For a list of supported secrets and service providers, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns).
+
+Custom patterns for {% data variables.product.prodname_secret_scanning %} are defined as regular expressions, and can be created at the enterprise, organization, or repository level. You can also enable push protection for custom patterns, stopping those secrets from ever reaching your repository.
+
+## Next steps
+
+To start using custom patterns, see [AUTOTITLE](/code-security/how-tos/secure-your-secrets/customize-leak-detection/defining-custom-patterns-for-secret-scanning).

content/code-security/concepts/secret-security/index.md

@@ -15,6 +15,7 @@ children:
   - /about-push-protection
   - /about-secret-security-with-github
   - /about-alerts
+  - /custom-patterns
   - /about-validity-checks
   - /about-delegated-bypass-for-push-protection
   - /about-bypass-requests-for-push-protection

content/code-security/concepts/supply-chain-security/immutable-releases.md

@@ -2,8 +2,7 @@
 title: Immutable releases
 intro: Learn about immutable releases and how they can help you maintain the integrity of your software supply chain.
 versions:
-  fpt: '*'
-  ghec: '*'
+  feature: immutable-releases
 topics:
   - Code Security
   - Vulnerabilities