diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js
index f93815e33b..fee52b34b5 100644
--- a/.github/allowed-actions.js
+++ b/.github/allowed-actions.js
@@ -33,7 +33,7 @@ module.exports = [
'repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88',
'repo-sync/pull-request@33777245b1aace1a58c87a29c90321aa7a74bd7d',
'someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd',
- 'tjenkinson/gh-action-auto-merge-dependency-updates@cee2ac0',
+ 'tjenkinson/gh-action-auto-merge-dependency-updates@4d7756c04d9d999c5968697a621b81c47f533d61',
'EndBug/add-and-commit@9358097a71ad9fb9e2f9624c6098c89193d83575',
'dorny/paths-filter@eb75a1edc117d3756a18ef89958ee59f9500ba58'
]
diff --git a/.github/workflows/automerge-dependencies.yml b/.github/workflows/automerge-dependencies.yml
index 80f79447ef..fd09a91dee 100644
--- a/.github/workflows/automerge-dependencies.yml
+++ b/.github/workflows/automerge-dependencies.yml
@@ -17,7 +17,7 @@ jobs:
if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
runs-on: ubuntu-latest
steps:
- - uses: tjenkinson/gh-action-auto-merge-dependency-updates@cee2ac0
+ - uses: tjenkinson/gh-action-auto-merge-dependency-updates@4d7756c04d9d999c5968697a621b81c47f533d61
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
allowed-actors: dependabot[bot]
diff --git a/assets/images/help/organizations/github-pages-creation-checkboxes.png b/assets/images/help/organizations/github-pages-creation-checkboxes.png
new file mode 100644
index 0000000000..c7337e9a00
Binary files /dev/null and b/assets/images/help/organizations/github-pages-creation-checkboxes.png differ
diff --git a/assets/images/help/pages/403-file-name.png b/assets/images/help/pages/403-file-name.png
new file mode 100644
index 0000000000..37e51a7b7c
Binary files /dev/null and b/assets/images/help/pages/403-file-name.png differ
diff --git a/assets/images/help/pages/click-private-pages-url-to-preview.png b/assets/images/help/pages/click-private-pages-url-to-preview.png
new file mode 100644
index 0000000000..eb285a2fd0
Binary files /dev/null and b/assets/images/help/pages/click-private-pages-url-to-preview.png differ
diff --git a/assets/images/help/pages/public-or-private-visibility.png b/assets/images/help/pages/public-or-private-visibility.png
new file mode 100644
index 0000000000..212e8d577b
Binary files /dev/null and b/assets/images/help/pages/public-or-private-visibility.png differ
diff --git a/content/actions/creating-actions/about-actions.md b/content/actions/creating-actions/about-actions.md
index 740b23b443..5f7e2bd249 100644
--- a/content/actions/creating-actions/about-actions.md
+++ b/content/actions/creating-actions/about-actions.md
@@ -122,7 +122,7 @@ steps:
#### Using a commit's SHA for release management
-Each Git commit receives a calculated SHA value, which is unique and immutable. Your action's users might prefer to rely on a commit's SHA value, as this approach can be more reliable than specifying a tag, which could be deleted or moved. However, this means that users will not receive further updates made to the action. Using a commit's full SHA value instead of the abbreviated value can help prevent people from using a malicious commit that uses the same abbreviation.
+Each Git commit receives a calculated SHA value, which is unique and immutable. Your action's users might prefer to rely on a commit's SHA value, as this approach can be more reliable than specifying a tag, which could be deleted or moved. However, this means that users will not receive further updates made to the action. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}You must use a commit's full SHA value, and not an abbreviated value.{% else %}Using a commit's full SHA value instead of the abbreviated value can help prevent people from using a malicious commit that uses the same abbreviation.{% endif %}
```yaml
steps:
diff --git a/content/actions/learn-github-actions/finding-and-customizing-actions.md b/content/actions/learn-github-actions/finding-and-customizing-actions.md
index 97dfcb35b8..c3d0c6b444 100644
--- a/content/actions/learn-github-actions/finding-and-customizing-actions.md
+++ b/content/actions/learn-github-actions/finding-and-customizing-actions.md
@@ -71,7 +71,7 @@ steps:
#### Using SHAs
-If you need more reliable versioning, you should use the SHA value associated with the version of the action. SHAs are immutable and therefore more reliable than tags or branches. However this approach means you will not automatically receive updates for an action, including important bug fixes and security updates. This example targets an action's SHA:
+If you need more reliable versioning, you should use the SHA value associated with the version of the action. SHAs are immutable and therefore more reliable than tags or branches. However this approach means you will not automatically receive updates for an action, including important bug fixes and security updates. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}You must use a commit's full SHA value, and not an abbreviated value. {% endif %}This example targets an action's SHA:
```yaml
steps:
diff --git a/content/actions/learn-github-actions/security-hardening-for-github-actions.md b/content/actions/learn-github-actions/security-hardening-for-github-actions.md
index deb87de4f2..56b4aab9ca 100644
--- a/content/actions/learn-github-actions/security-hardening-for-github-actions.md
+++ b/content/actions/learn-github-actions/security-hardening-for-github-actions.md
@@ -54,11 +54,13 @@ This means that a compromise of a single action within a workflow can be very si
Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.
+ {% if currentVersion ver_lt "enterprise-server@3.1" %}
{% warning %}
**Warning:** The short version of the commit SHA is insecure and should never be used for specifying an action's Git reference. Because of how repository networks work, any user can fork the repository and push a crafted commit to it that collides with the short SHA. This causes subsequent clones at that SHA to fail because it becomes an ambiguous commit. As a result, any workflows that use the shortened SHA will immediately fail.
{% endwarning %}
+ {% endif %}
* **Audit the source code of the action**
diff --git a/content/actions/reference/workflow-syntax-for-github-actions.md b/content/actions/reference/workflow-syntax-for-github-actions.md
index 4030b05950..190adf244c 100644
--- a/content/actions/reference/workflow-syntax-for-github-actions.md
+++ b/content/actions/reference/workflow-syntax-for-github-actions.md
@@ -518,7 +518,7 @@ Actions are either JavaScript files or Docker containers. If the action you're u
```yaml
steps:
# Reference a specific commit
- - uses: actions/setup-node@74bc508
+ - uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
# Reference the major version of a release
- uses: actions/setup-node@v1
# Reference a minor version of a release
diff --git a/content/github/getting-started-with-github/githubs-products.md b/content/github/getting-started-with-github/githubs-products.md
index becafddba7..4f14fddd35 100644
--- a/content/github/getting-started-with-github/githubs-products.md
+++ b/content/github/getting-started-with-github/githubs-products.md
@@ -85,6 +85,7 @@ In addition to the features available with {% data variables.product.prodname_te
- {% data variables.contact.enterprise_support %}. For more information, see "{% data variables.product.prodname_ghe_cloud %} support" and "{% data variables.product.prodname_ghe_cloud %} Addendum."
- 50,000 {% data variables.product.prodname_actions %} minutes
- 50GB {% data variables.product.prodname_registry %} storage
+- Access control for {% data variables.product.prodname_pages %} sites. For more information, see Changing the visibility of your {% data variables.product.prodname_pages %} site"
- A service level agreement for 99.9% monthly uptime
- The option to centrally manage policy and billing for multiple {% data variables.product.prodname_dotcom_the_website %} organizations with an enterprise account. For more information, see "About enterprise accounts."
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization.md
deleted file mode 100644
index 02818ad3ab..0000000000
--- a/content/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization.md
+++ /dev/null
@@ -1,29 +0,0 @@
----
-title: Disabling publication of GitHub Pages sites for your organization
-intro: 'You can prevent members of your organization from publishing {% data variables.product.prodname_pages %} sites from repositories in the organization.'
-permissions: 'Organization owners can disable publication of {% data variables.product.prodname_pages %} sites from repositories in the organization.'
-product: '{% data reusables.gated-features.pages %}'
-versions:
- free-pro-team: '*'
- enterprise-server: '>2.22'
- github-ae: '*'
----
-
-### About restrictions on publication of {% data variables.product.prodname_pages %} sites
-
-You can control whether members of your organization can publish websites from repositories in your organization using {% data variables.product.prodname_pages %}. For more information about {% data variables.product.prodname_pages %}, see "[About {% data variables.product.prodname_pages %}](/github/working-with-github-pages/about-github-pages)."
-
-{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}If your site administrator has enabled Public Pages, {% endif %}{% data variables.product.prodname_pages %} sites are publicly available on the internet, even if the repository for the site is private{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.19" or currentVersion == "github-ae@latest" %} or internal{% endif %}. For more information, see{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %} "[Configuring {% data variables.product.prodname_pages %} for your enterprise](/admin/configuration/configuring-github-pages-for-your-enterprise#enabling-public-sites-for-github-pages)" and{% endif %} "[About repository visibility](/github/creating-cloning-and-archiving-repositories/about-repository-visibility)."
-
-### Disabling publication of {% data variables.product.prodname_pages %} sites
-
-After you disable publication of {% data variables.product.prodname_pages %} sites, any published site will remain published. You can manually unpublish the site. For more information, see "[Unpublishing a {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/unpublishing-a-github-pages-site)."
-
-{% data reusables.profile.access_profile %}
-{% data reusables.profile.access_org %}
-{% data reusables.organizations.org_settings %}
-{% data reusables.organizations.member-privileges %}
-1. Under "Pages creation", unselect **Allow members to publish sites**.
- 
-1. Click **Save**.
- 
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/index.md b/content/github/setting-up-and-managing-organizations-and-teams/index.md
index a3ee6b1216..a51df67c98 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/index.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/index.md
@@ -93,7 +93,7 @@ versions:
{% link_in_list /changing-the-visibility-of-your-organizations-dependency-insights %}
{% link_in_list /managing-the-display-of-member-names-in-your-organization %}
{% link_in_list /managing-updates-from-accounts-your-organization-sponsors %}
- {% link_in_list /disabling-publication-of-github-pages-sites-for-your-organization %}
+ {% link_in_list /managing-the-publication-of-github-pages-sites-for-your-organization %}
{% link_in_list /deleting-an-organization-account %}
{% link_in_list /converting-an-organization-into-a-user %}
{% link_in_list /integrating-jira-with-your-organization-project-board %}
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization.md
new file mode 100644
index 0000000000..de5cf7a93d
--- /dev/null
+++ b/content/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization.md
@@ -0,0 +1,31 @@
+---
+title: Managing the publication of GitHub Pages sites for your organization
+intro: 'You can control whether organization members can publish {% data variables.product.prodname_pages %} sites from repositories in the organization{% if currentVersion == "free-pro-team@latest" %} and restrict the visibilities that members can choose for the sites{% endif %}.'
+permissions: 'Organization owners can manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization.'
+product: '{% data reusables.gated-features.pages %}'
+versions:
+ free-pro-team: '*'
+ enterprise-server: '>3.0'
+redirect_from:
+ - /github/setting-up-and-managing-organizations-and-teams/disabling-the-publication-of-github-pages-sites-for-your-organization
+---
+
+{% if currentVersion == "free-pro-team@latest" %}
+If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can choose to allow organization members to create publicly published sites, privately published sites, both, or neither. Otherwise, you can choose to allow or disallow public publishing. For more information about access control for {% data variables.product.prodname_pages %} sites, see "[Changing the visibility of your {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site)."
+{% endif %}
+
+If you disallow publication of {% data variables.product.prodname_pages %} sites, any sites that are already published will remain published. You can manually unpublish the site. For more information, see "[Unpublishing a {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/unpublishing-a-github-pages-site)."
+
+{% data reusables.profile.access_profile %}
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.organizations.member-privileges %}{% if currentVersion == "free-pro-team@latest" %}
+1. Under "Pages creation", select the visibilities you want to allow and deselect the visibilities you want to disallow.
+ {% else %}
+1. Under "Pages creation", select or deselect **Allow members to publish sites**.
+ {% endif %}
+1. Click **Save**.
+
+### Further reading
+
+- "[About {% data variables.product.prodname_pages %}](/github/working-with-github-pages/about-github-pages)"
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md
index d2c499bde3..0b69ba8926 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md
@@ -53,22 +53,22 @@ Organization members can have *owner*{% if currentVersion == "free-pro-team@late
| View and post private team discussions to **all teams** (see "[About team discussions](/articles/about-team-discussions)" for details) | **X** | | |
| Edit and delete team discussions in **all teams** (see "[Managing disruptive comments](/articles/managing-disruptive-comments)" for details) | **X** | | |
| Hide comments on commits, pull requests, and issues (see "[Managing disruptive comments](/articles/managing-disruptive-comments/#hiding-a-comment)" for details) | **X** | **X** | |
-| Disable team discussions for an organization (see "[Disabling team discussions for your organization](/articles/disabling-team-discussions-for-your-organization)" for details) | **X** | | |{% if currentVersion == "free-pro-team@latest" %}
-| Manage viewing of organization dependency insights (see "[Changing the visibility of your organization's dependency insights](/articles/changing-the-visibility-of-your-organizations-dependency-insights)" for details) | **X** | | |{% endif %}
+| Disable team discussions for an organization (see "[Disabling team discussions for your organization](/articles/disabling-team-discussions-for-your-organization)" for details) | **X** | | |
+| Manage viewing of organization dependency insights (see "[Changing the visibility of your organization's dependency insights](/articles/changing-the-visibility-of-your-organizations-dependency-insights)" for details) | **X** | | |
| Set a team profile picture in **all teams** (see "[Setting your team's profile picture](/articles/setting-your-team-s-profile-picture)" for details) | **X** | | |
| Sponsor accounts and manage the organization's sponsorships (see "[Sponsoring open-source contributors](/github/supporting-the-open-source-community-with-github-sponsors/sponsoring-open-source-contributors)" for details) | **X** | **X** | |
| Manage email updates from sponsored accounts (see "[Managing updates from accounts your organization's sponsors](/github/setting-up-and-managing-organizations-and-teams/managing-updates-from-accounts-your-organization-sponsors)" for details) | **X** | | |
| Attribute your sponsorships to another organization (see "[Attributing sponsorships to your organization](/github/supporting-the-open-source-community-with-github-sponsors/attributing-sponsorships-to-your-organization)" for details ) | **X** | | |
-| Disable publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see "[Disabling publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization)" for details) | **X** | | |
+| Manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see "[Managing the publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization)" for details) | **X** | | |
| Manage security and analysis settings (see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)" for details) | **X** | | |
| Enable and enforce [SAML single sign-on](/articles/about-identity-and-access-management-with-saml-single-sign-on) | **X** | | |
| [Manage a user's SAML access to your organization](/github/setting-up-and-managing-organizations-and-teams/viewing-and-managing-a-members-saml-access-to-your-organization) | **X** | | |
| Manage an organization's SSH certificate authorities (see "[Managing your organization's SSH certificate authorities](/articles/managing-your-organizations-ssh-certificate-authorities)" for details) | **X** | | |
| Transfer repositories | **X** | | |
| Purchase, install, manage billing for, and cancel {% data variables.product.prodname_marketplace %} apps | **X** | | |
-| List apps in {% data variables.product.prodname_marketplace %} | **X** | | |{% if currentVersion != "github-ae@latest" %}
+| List apps in {% data variables.product.prodname_marketplace %} | **X** | | |
| Receive [{% data variables.product.prodname_dependabot_alerts %} about vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) for all of an organization's repositories | **X** | | |
-| Manage {% data variables.product.prodname_dependabot_security_updates %} (see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)") | **X** | | |{% endif %}
+| Manage {% data variables.product.prodname_dependabot_security_updates %} (see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)") | **X** | | |
| [Manage the forking policy](/github/setting-up-and-managing-organizations-and-teams/managing-the-forking-policy-for-your-organization) | **X** | | |
| [Limit activity in public repositories in an organization](/articles/limiting-interactions-in-your-organization) | **X** | | |
| Pull (read), push (write), and clone (copy) *all repositories* in the organization | **X** | | |
@@ -105,11 +105,11 @@ Organization members can have *owner*{% if currentVersion == "free-pro-team@late
| Create project boards (see "[Project board permissions for an organization](/articles/project-board-permissions-for-an-organization)" for details) | **X** | **X** | |
| View and post public team discussions to **all teams** (see "[About team discussions](/articles/about-team-discussions)" for details) | **X** | **X** | |
| View and post private team discussions to **all teams** (see "[About team discussions](/articles/about-team-discussions)" for details) | **X** | | |
-| Edit and delete team discussions in **all teams** (for more information, see "[Managing disruptive comments](/articles/managing-disruptive-comments) | **X** | | |
+| Edit and delete team discussions in **all teams** (for more information, see "[Managing disruptive comments](/articles/managing-disruptive-comments)) | **X** | | |
| Hide comments on commits, pull requests, and issues (see "[Managing disruptive comments](/articles/managing-disruptive-comments/#hiding-a-comment)" for details) | **X** | **X** | **X** |
| Disable team discussions for an organization (see "[Disabling team discussions for your organization](/articles/disabling-team-discussions-for-your-organization)" for details) | **X** | | |
-| Set a team profile picture in **all teams** (see "[Setting your team's profile picture](/articles/setting-your-team-s-profile-picture)" for details) | **X** | | |{% if currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}
-| Disable publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see "[Disabling publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization)" for details) | **X** | | |{% endif %}
+| Set a team profile picture in **all teams** (see "[Setting your team's profile picture](/articles/setting-your-team-s-profile-picture)" for details) | **X** | | |{% if currentVersion ver_gt "enterprise-server@3.0" %}
+| Manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see "[Managing the publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization)" for details) | **X** | |{% endif %}
| [Move teams in an organization's hierarchy](/articles/moving-a-team-in-your-organization-s-hierarchy) | **X** | | |
| Pull (read), push (write), and clone (copy) *all repositories* in the organization | **X** | |
| Convert organization members to [outside collaborators](#outside-collaborators) | **X** | |
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md
index 393d943e37..d50ba94204 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md
@@ -44,8 +44,8 @@ To search for specific events, use the `action` qualifier in your query. Actions
| [`integration_installation_request`](#integration_installation_request-category-actions) | Contains all activities related to organization member requests for owners to approve integrations for use in the organization. |
| [`issue`](#issue-category-actions) | Contains activities related to deleting an issue. {% if currentVersion == "free-pro-team@latest" %}
| [`marketplace_agreement_signature`](#marketplace_agreement_signature-category-actions) | Contains all activities related to signing the {% data variables.product.prodname_marketplace %} Developer Agreement.
-| [`marketplace_listing`](#marketplace_listing-category-actions) | Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}
-| [`members_can_create_pages`](#members_can_create_pages-category-actions) | Contains all activities related to disabling the publication of {% data variables.product.prodname_pages %} sites for repositories in the organization. For more information, see "[Restricting publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization)." | {% endif %}
+| [`marketplace_listing`](#marketplace_listing-category-actions) | Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
+| [`members_can_create_pages`](#members_can_create_pages-category-actions) | Contains all activities related to managing the publication of {% data variables.product.prodname_pages %} sites for repositories in the organization. For more information, see "[Managing the publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization)." | {% endif %}
| [`org`](#org-category-actions) | Contains activities related to organization membership.{% if currentVersion == "free-pro-team@latest" %}
| [`org_credential_authorization`](#org_credential_authorization-category-actions) | Contains all activities related to authorizing credentials for use with SAML single sign-on.{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.19" or currentVersion == "github-ae@latest" %}
| [`organization_label`](#organization_label-category-actions) | Contains all activities related to default labels for repositories in your organization.{% endif %}
@@ -307,11 +307,11 @@ For more information about the audit log REST API, see "[Organizations](/rest/re
{% endif %}
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
#### `members_can_create_pages` category actions
-For more information, see "[Restricting publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization)."
+For more information, see "[Managing the publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization)."
| Action | Description |
| :- | :- |
diff --git a/content/github/site-policy/github-subprocessors-and-cookies.md b/content/github/site-policy/github-subprocessors-and-cookies.md
index ab7352efb4..11db20ca84 100644
--- a/content/github/site-policy/github-subprocessors-and-cookies.md
+++ b/content/github/site-policy/github-subprocessors-and-cookies.md
@@ -10,7 +10,7 @@ versions:
free-pro-team: '*'
---
-Effective date: **January 6, 2021**
+Effective date: **January 21, 2021**
GitHub provides a great deal of transparency regarding how we use your data, how we collect your data, and with whom we share your data. To that end, we provide this page, which details [our subprocessors](#github-subprocessors), and how we use [cookies](#cookies-on-github).
@@ -34,10 +34,9 @@ When we share your information with third party subprocessors, such as our vendo
| Monday.com | Team collaboration and project management platform | United States | Israel |
| Nexmo | SMS notification provider | United States | United States |
| Salesforce.com | Customer relations management | United States | United States |
-| Sendgrid | Transactional mail services provider | United States | United States |
| Sentry.io | Application monitoring provider | United States | United States |
| Stripe | Payment provider | United States | United States |
-| Twilio | SMS notification provider | United States | United States |
+| Twilio & Twilio Sendgrid | SMS notification provider & transactional mail service provider | United States | United States |
| Zendesk | Customer support ticketing system | United States | United States |
| Zuora | Corporate billing system | United States | United States |
diff --git a/content/github/working-with-github-pages/about-github-pages.md b/content/github/working-with-github-pages/about-github-pages.md
index 0add2b3391..6c89a3e6fa 100644
--- a/content/github/working-with-github-pages/about-github-pages.md
+++ b/content/github/working-with-github-pages/about-github-pages.md
@@ -24,10 +24,14 @@ versions:
You can host your site on {% data variables.product.prodname_dotcom %}'s `github.io` domain or your own custom domain. For more information, see "[Using a custom domain with {% data variables.product.prodname_pages %}](/articles/using-a-custom-domain-with-github-pages)."
{% endif %}
+{% if currentVersion == "free-pro-team@latest" %}
+{% data reusables.pages.about-private-publishing %} For more information, see "[Changing the visibility of your {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site)."
+{% endif %}
+
To get started, see "[Creating a {% data variables.product.prodname_pages %} site](/articles/creating-a-github-pages-site)."
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}
-Organization owners can disable the publication of {% data variables.product.prodname_pages %} sites from the organization's repositories. For more information, see "[Disabling publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-publication-of-github-pages-sites-for-your-organization)."
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
+Organization owners can disable the publication of {% data variables.product.prodname_pages %} sites from the organization's repositories. For more information, see "[Managing the publication of {% data variables.product.prodname_pages %} sites for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization)."
{% endif %}
### Types of {% data variables.product.prodname_pages %} sites
@@ -38,6 +42,10 @@ To publish a user site, you must create a repository owned by your user account
The source files for a project site are stored in the same repository as their project. {% if currentVersion == "free-pro-team@latest" %}Unless you're using a custom domain, project sites are available at `http(s)://.github.io/` or `http(s)://.github.io/`.{% elsif currentVersion == "github-ae@latest" %}Project sites are available at `http(s)://pages.///` or `http(s)://pages.///`.{% endif %}
+{% if currentVersion == "free-pro-team@latest" %}
+If you publish your site privately, the URL for your site will be different. For more information, see "[Changing the visibility of your {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site)."
+{% endif %}
+
{% if currentVersion == "free-pro-team@latest" %}
For more information about how custom domains affect the URL for your site, see "[About custom domains and {% data variables.product.prodname_pages %}](/articles/about-custom-domains-and-github-pages)."
{% endif %}
@@ -87,9 +95,9 @@ The default publishing source for a project site is the `gh-pages` branch. If th
Project sites can also be published from the `master` branch or a `/docs` folder on the `master` branch. To publish your site from one of these sources, you must configure a different publishing source. For more information, see "[Configuring a publishing source for your {% data variables.product.prodname_pages %} site](/articles/configuring-a-publishing-source-for-your-github-pages-site#choosing-a-publishing-source)."
- If you choose the `/docs` folder of the `master` branch as your publishing source, {% data variables.product.prodname_pages %} will read everything to publish your site{% if currentVersion == "free-pro-team@latest" %}, including the _CNAME_ file,{% endif %} from the `/docs` folder.{% if currentVersion == "free-pro-team@latest" %} For example, when you edit your custom domain through the {% data variables.product.prodname_pages %} settings, the custom domain will write to `/docs/CNAME`. For more information about _CNAME_ files, see "[Managing a custom domain for your {% data variables.product.prodname_pages %} site](/articles/managing-a-custom-domain-for-your-github-pages-site)."{% endif %}
+If you choose the `/docs` folder of the `master` branch as your publishing source, {% data variables.product.prodname_pages %} will read everything to publish your site{% if currentVersion == "free-pro-team@latest" %}, including the _CNAME_ file,{% endif %} from the `/docs` folder.{% if currentVersion == "free-pro-team@latest" %} For example, when you edit your custom domain through the {% data variables.product.prodname_pages %} settings, the custom domain will write to `/docs/CNAME`. For more information about _CNAME_ files, see "[Managing a custom domain for your {% data variables.product.prodname_pages %} site](/articles/managing-a-custom-domain-for-your-github-pages-site)."{% endif %}
- You cannot publish your project site from any other branch, even if the default branch is not `master` or `gh-pages`.
+You cannot publish your project site from any other branch, even if the default branch is not `master` or `gh-pages`.
{% endif %}
diff --git a/content/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site.md b/content/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site.md
new file mode 100644
index 0000000000..8f5f5a099d
--- /dev/null
+++ b/content/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site.md
@@ -0,0 +1,29 @@
+---
+title: Changing the visibility of your GitHub Pages site
+intro: 'You can manage access control for your project site by publishing the site publicly or privately.'
+product: '{% data reusables.gated-features.private-pages %}'
+versions:
+ free-pro-team: '*'
+permissions: People with admin permissions for a repository can change the visibility of a {% data variables.product.prodname_pages %} site.
+---
+
+### About access control for {% data variables.product.prodname_pages %} sites
+
+If your project site is published from a private or internal repository that's owned by an organization using {% data variables.product.prodname_ghe_cloud %}, you can manage access control for the site. With access control, you can choose to publish the site publicly to anyone on the internet or privately to people with read access to your repository. A privately published site can be used to share your internal documentation or knowledge base with members of your enterprise. You cannot manage access control for an organization site. For more information about the types of {% data variables.product.prodname_pages %} sites, see "[About GitHub Pages](/github/working-with-github-pages/about-github-pages#types-of-github-pages-sites)."
+
+Privately published sites are available at a different subdomain than publicly published sites. You can see your site's URL in the repository settings. If you're using a static site generator configured to build the site with the repository name as a path, you may need to update the settings for the static site generator when changing the site to private. For more information, see "[Configuring Jekyll in your {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site#configuring-a-subdomain)" or the documentation for your static site generator.
+
+### Changing the visibility of your {% data variables.product.prodname_pages %} site
+
+{% data reusables.pages.navigate-site-repo %}
+{% data reusables.repositories.sidebar-settings %}
+3. Under "{% data variables.product.prodname_pages %}", select the **{% data variables.product.prodname_pages %} visibility** drop-down menu, then click a visibility.
+ 
+4. To see your published site, under "{% data variables.product.prodname_pages %}", click your site's URL.
+
+
+ {% note %}
+
+ {% data reusables.pages.twenty-minutes-to-publish %}
+
+ {% endnote %}
diff --git a/content/github/working-with-github-pages/creating-a-github-pages-site-with-jekyll.md b/content/github/working-with-github-pages/creating-a-github-pages-site-with-jekyll.md
index c02beb7e31..c75b0a636b 100644
--- a/content/github/working-with-github-pages/creating-a-github-pages-site-with-jekyll.md
+++ b/content/github/working-with-github-pages/creating-a-github-pages-site-with-jekyll.md
@@ -11,6 +11,8 @@ versions:
github-ae: '*'
---
+{% data reusables.pages.org-owners-can-restrict-pages-creation %}
+
### Prerequisites
Before you can use Jekyll to create a {% data variables.product.prodname_pages %} site, you must install Jekyll and Git. For more information, see [Installation](https://jekyllrb.com/docs/installation/) in the Jekyll documentation and "[Set up Git](/articles/set-up-git)."
@@ -96,7 +98,8 @@ $ git remote add origin https://HOSTNAME/USER/REPOSITORYCTRLc in your terminal window.
-Note that `npm run build` is a one-time step that create static assets.
+Note that `npm ci` and `npm run build` are steps that should typically only need to be run once each time you pull the latest for a branch.
+ - `npm ci` does a clean install of dependencies, without updating the `package-lock.json` file
+ - `npm run build` creates static assets, such as the `dist/index.js` and `dist/index.css` files
### Using GitHub Codespaces
diff --git a/data/reusables/gated-features/private-pages.md b/data/reusables/gated-features/private-pages.md
new file mode 100644
index 0000000000..3fb7f0a3a7
--- /dev/null
+++ b/data/reusables/gated-features/private-pages.md
@@ -0,0 +1 @@
+Access control for {% data variables.product.prodname_pages %} sites is available in private repositories with {% data variables.product.prodname_ghe_cloud %}.
diff --git a/data/reusables/pages/about-private-publishing.md b/data/reusables/pages/about-private-publishing.md
new file mode 100644
index 0000000000..f1f13531ce
--- /dev/null
+++ b/data/reusables/pages/about-private-publishing.md
@@ -0,0 +1 @@
+If your project site is published from a private or internal repository owned by an organization using {% data variables.product.prodname_ghe_cloud %}, you can manage access control for the site.
diff --git a/data/reusables/pages/choose-visibility.md b/data/reusables/pages/choose-visibility.md
new file mode 100644
index 0000000000..2f9e310e5e
--- /dev/null
+++ b/data/reusables/pages/choose-visibility.md
@@ -0,0 +1,2 @@
+1. Optionally, if you're publishing a project site from a private or internal repository owned by an organization using {% data variables.product.prodname_ghe_cloud %}, choose the visibility for your site. Under "{% data variables.product.prodname_pages %}", select the **{% data variables.product.prodname_pages %} visibility** drop-down menu, then click a visibility. For more information, see "[Changing the visibility of your {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site)".
+ 
\ No newline at end of file
diff --git a/data/reusables/pages/org-owners-can-restrict-pages-creation.md b/data/reusables/pages/org-owners-can-restrict-pages-creation.md
new file mode 100644
index 0000000000..fc98787aaa
--- /dev/null
+++ b/data/reusables/pages/org-owners-can-restrict-pages-creation.md
@@ -0,0 +1,7 @@
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
+{% note %}
+
+**Note:** Organization owners can restrict the publication of {% data variables.product.prodname_pages %} sites from repositories owned by the organization. For more information, see "[Managing the publication of {% data variables.product.prodname_pages %} sites](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization)."
+
+{% endnote %}
+{% endif %}
\ No newline at end of file
diff --git a/data/reusables/pages/private_pages_are_public_warning.md b/data/reusables/pages/private_pages_are_public_warning.md
index 7620878dbc..04d4ddeb1c 100644
--- a/data/reusables/pages/private_pages_are_public_warning.md
+++ b/data/reusables/pages/private_pages_are_public_warning.md
@@ -1,5 +1,5 @@
- {% warning %}
+{% warning %}
- **Warning**: {% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}If your site administrator has enabled Public Pages, {% endif %}{% data variables.product.prodname_pages %} sites are publicly available on the internet, even if the repository for the site is private{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.19" or currentVersion == "github-ae@latest" %} or internal{% endif %}. If you have sensitive data in your site's repository, you may want to remove it before publishing. For more information, see{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %} "[Configuring {% data variables.product.prodname_pages %} for your enterprise](/admin/configuration/configuring-github-pages-for-your-enterprise#enabling-public-sites-for-github-pages)" and{% endif %} "[About repository visibility](/github/creating-cloning-and-archiving-repositories/about-repository-visibility)."
+**Warning**: {% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}If your site administrator has enabled Public Pages, {% endif %}{% data variables.product.prodname_pages %} sites are publicly available on the internet{% if currentVersion == "free-pro-team@latest" %} by default{% endif %}, even if the repository for the site is private or internal.{% if currentVersion == "free-pro-team@latest" %} {% data reusables.pages.about-private-publishing %} Otherwise, if{% else %} If{% endif %} you have sensitive data in your site's repository, you may want to remove the data before publishing. For more information, see{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %} "[Configuring {% data variables.product.prodname_pages %} for your enterprise](/admin/configuration/configuring-github-pages-for-your-enterprise#enabling-public-sites-for-github-pages)" and{% endif %} "[About repository visibility](/github/creating-cloning-and-archiving-repositories/about-repository-visibility){% if currentVersion == "free-pro-team@latest" %}" and "[Changing the visibility of your {% data variables.product.prodname_pages %} site](/github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site)."{% else %}."{% endif %}
- {% endwarning %}
+{% endwarning %}
diff --git a/data/reusables/pages/twenty-minutes-to-publish.md b/data/reusables/pages/twenty-minutes-to-publish.md
new file mode 100644
index 0000000000..3e7a2fd5a4
--- /dev/null
+++ b/data/reusables/pages/twenty-minutes-to-publish.md
@@ -0,0 +1 @@
+**Note:** It can take up to 20 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}. If your don't see your changes reflected in your browser after an hour, see "[About Jekyll build errors for {% data variables.product.prodname_pages %} sites](/articles/about-jekyll-build-errors-for-github-pages-sites)."
\ No newline at end of file
diff --git a/data/reusables/pages/visit-site.md b/data/reusables/pages/visit-site.md
index 60a2178f86..1e94e6817b 100644
--- a/data/reusables/pages/visit-site.md
+++ b/data/reusables/pages/visit-site.md
@@ -3,6 +3,6 @@
{% note %}
- **Note:** It can take up to 20 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}. If your don't see your changes reflected in your browser after an hour, see "[About Jekyll build errors for {% data variables.product.prodname_pages %} sites](/articles/about-jekyll-build-errors-for-github-pages-sites)."
+ {% data reusables.pages.twenty-minutes-to-publish %}
{% endnote %}
diff --git a/javascripts/search.js b/javascripts/search.js
index f90c56a04d..fb9c10e7de 100644
--- a/javascripts/search.js
+++ b/javascripts/search.js
@@ -42,6 +42,8 @@ export default function search () {
searchWithYourKeyboard('#search-input-container input', '.ais-Hits-item')
toggleSearchDisplay()
+ $searchInputContainer.querySelector('form')
+ .addEventListener('submit', evt => evt.preventDefault())
$searchInput.addEventListener('keyup', debounce(onSearch))
}
@@ -261,6 +263,6 @@ function tmplSearchResult ({ url, breadcrumbs, heading, title, content }) {
function markify (text) {
const { mark } = tags
return text
- .split(/<\/?em>/g)
+ .split(/<\/?mark>/g)
.map((el, i) => i % 2 ? mark(el) : el)
}
diff --git a/layouts/release-notes.html b/layouts/release-notes.html
index 29b0529fa0..201163f591 100644
--- a/layouts/release-notes.html
+++ b/layouts/release-notes.html
@@ -7,12 +7,12 @@
{% include sidebar %}
-
+
{% include header %}
{% include deprecation-banner %}
-