Merge branch 'main' into secret-scanning-many-matches

.github/workflows/check-all-english-links.yml

@@ -1,6 +1,7 @@
 name: Check all English links
 
 on:
+  workflow_dispatch:
   schedule:
     - cron:  "40 19 * * *" # once a day at 19:40 UTC / 11:40 PST
 
@@ -16,17 +17,12 @@ jobs:
     - name: npm run build
       run: npm run build
     - name: Run script
-      run: script/check-external-links en > broken_links.md
-    - name: Check if any broken links
+      run: script/check-english-links.js > broken_links.md
+    - if: ${{ failure() }} 
+      name: Get title for issue
       id: check
-      run: |
-        if [ "$(grep 'All links are good' broken_links.md)" ]; then
-          echo ::set-output name=continue::no
-        else
-          echo "::set-output name=continue::yes"
-          echo "::set-output name=title::$(grep 'found on help.github.com' broken_links.md)"
-        fi
-    - if: ${{ steps.check.outputs.continue == 'yes' }}
+      run: echo "::set-output name=title::$(head -1 broken_links.md)"
+    - if: ${{ failure() }}
       name: Create issue from file
       uses: peter-evans/create-issue-from-file@35e304e2a12caac08c568247a2cb46ecd0c3ecc5
       with:

.github/workflows/repo-freeze-check.yml

@@ -0,0 +1,27 @@
+name: Repo Freeze Check
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - ready_for_review
+      - unlocked
+    branches:
+      - main
+
+env:
+  FREEZE: ${{ secrets.FREEZE }}
+
+jobs:
+  check-freezer:
+    name: Prevent merging during deployment freezes
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Fail if repo merges are paused
+      if: ${{ env.FREEZE == 'true' }}
+      run: |
+        echo 'Merges into the "main" branch on this repo are currently paused!'
+        exit 1

.gitignore

@@ -4,8 +4,6 @@
 node_modules
 npm-debug.log
 coverage
-
-# blc: broken link checker
-blc_output.log
-blc_output_internal.log
-dist
+.linkinator
+broken_links.md
+dist

CONTRIBUTING.md

@@ -114,7 +114,8 @@ You can browse existing issues to find something that needs help!
 
 ### Labels
 Labels can help you find an issue you'd like to help with.
-- The [`good-first-issue` label](https://github.com/github/docs/issues?q=is%3Aopen+is%3Aissue+label%3Agood-first-issue) is for problems or updates we think are ideal for beginners.
+- The [`help wanted` label](https://github.com/github/docs/issues?q=is%3Aopen+is%3Aissue+label%3A%22help+wanted%22) is for problems or updates that anyone in the community can start working on.
+- The [`good first issue` label](https://github.com/github/docs/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22) is for problems or updates we think are ideal for beginners.
 - The [`content` label](https://github.com/github/docs/issues?q=is%3Aopen+is%3Aissue+label%3Acontent) is for problems or updates in the content on docs.github.com. These will usually require some knowledge of Markdown.
 - The [`engineering` label](https://github.com/github/docs/issues?q=is%3Aopen+is%3Aissue+label%3Aengineering) is for problems or updates in the docs.github.com website. These will usually require some knowledge of JavaScript/Node.js or YAML to fix.
 

content/actions/guides/building-and-testing-powershell.md

@@ -5,6 +5,8 @@ product: '{% data reusables.gated-features.actions %}'
 versions:
   free-pro-team: '*'
   enterprise-server: '>=2.22'
+authors:
+  - potatoqualitee
 ---
 
 {% data reusables.actions.enterprise-beta %}

content/actions/guides/publishing-nodejs-packages.md

@@ -8,6 +8,8 @@ redirect_from:
 versions:
   free-pro-team: '*'
   enterprise-server: '>=2.22'
+authors:
+  - GitHub
 ---
 
 {% data reusables.actions.enterprise-beta %}

content/actions/guides/setting-up-continuous-integration-using-workflow-templates.md

@@ -11,6 +11,8 @@ redirect_from:
 versions:
   free-pro-team: '*'
   enterprise-server: '>=2.22'
+authors:
+  - GitHub
 ---
 
 {% data reusables.actions.enterprise-beta %}

content/actions/index.md

@@ -7,27 +7,37 @@ introLinks:
   reference: /actions/reference
 featuredLinks:
   guides:
-    - /actions/guides/setting-up-continuous-integration-using-workflow-templates
+    - /actions/learn-github-actions
+    - /actions/guides/about-continuous-integration
     - /actions/guides/about-packaging-with-github-actions
   gettingStarted:
     - /actions/managing-workflow-runs
     - /actions/hosting-your-own-runners
+  guideCards:
+    - /actions/guides/setting-up-continuous-integration-using-workflow-templates
+    - /actions/guides/publishing-nodejs-packages
+    - /actions/guides/building-and-testing-powershell
   popular:
     - /actions/reference/workflow-syntax-for-github-actions
     - /actions/reference/events-that-trigger-workflows
+    - /actions/learn-github-actions
+    - /actions/reference/context-and-expression-syntax-for-github-actions
+    - /actions/reference/workflow-commands-for-github-actions
+    - /actions/reference/environment-variables
 changelog:
+  - title: Removing set-env and add-path commands on November 16
+    date: '2020-11-09'
+    href: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
+  - title: Ubuntu-latest workflows will use Ubuntu-20.04
+    date: '2020-10-29'
+    href: https://github.blog/changelog/2020-10-29-github-actions-ubuntu-latest-workflows-will-use-ubuntu-20-04
+  - title: MacOS Big Sur Preview
+    date: '2020-10-29'
+    href: https://github.blog/changelog/2020-10-29-github-actions-macos-big-sur-preview
   - title: Self-Hosted Runner Group Access Changes
     date: '2020-10-16'
     href: https://github.blog/changelog/2020-10-16-github-actions-self-hosted-runner-group-access-changes/
-  - title: Ability to change retention days for artifacts and logs
-    date: '2020-10-08'
-    href: https://github.blog/changelog/2020-10-08-github-actions-ability-to-change-retention-days-for-artifacts-and-logs
-  - title: Deprecating set-env and add-path commands
-    date: '2020-10-01'
-    href: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands
-  - title: Fine-tune access to external actions
-    date: '2020-10-01'
-    href: https://github.blog/changelog/2020-10-01-github-actions-fine-tune-access-to-external-actions
+  
 redirect_from:
   - /articles/automating-your-workflow-with-github-actions/
   - /articles/customizing-your-project-with-github-actions/
@@ -50,107 +60,26 @@ versions:
 <!-- {% link_with_intro /reference %} -->
 
 <!-- Code examples -->
+{% assign actionsCodeExamples = site.data.variables.action_code_examples %}
+{% if actionsCodeExamples %}
 <div class="my-6 pt-6">
-  <h2 class="mb-2">More guides</h2>
+  <h2 class="mb-2 font-mktg h1">Code examples</h2>
 
-  <div class="d-flex flex-wrap gutter">
-    <div class="col-12 col-lg-4 mb-4">
-      <a class="Box d-block hover-grow no-underline text-gray-dark" href="/actions/guides/building-and-testing-nodejs">
-        <div class="p-4">
-          <h4>Building and testing Node.js</h4>
-          <p class="mt-2 mb-4">Use GitHub Actions to power CI in your Node.js application.</p>
-          <div class="d-flex">
-            <span class="IssueLabel text-white bg-blue mr-2">JavaScript/TypeScript</span>
-            <span class="IssueLabel text-white bg-blue mr-2">CI</span>
-          </div>
-        </div>
-        <footer class="border-top p-4 text-gray d-flex flex-items-center">
-          {% octicon "workflow" class="flex-shrink-0" %}
-          <span class="ml-2">/guides/building-and-testing-nodejs</span>
-        </footer>
-      </a>
-    </div>
-    <div class="col-12 col-lg-4 mb-4">
-      <a class="Box d-block hover-grow no-underline text-gray-dark" href="/actions/guides/building-and-testing-python">
-        <div class="p-4">
-          <h4>Building and testing Python</h4>
-          <p class="mt-2 mb-4">Use GitHub Actions to power CI in your Python application.</p>
-          <div class="d-flex">
-            <span class="IssueLabel text-white bg-blue mr-2">Python</span>
-            <span class="IssueLabel text-white bg-blue mr-2">CI</span>
-          </div>
-        </div>
-        <footer class="border-top p-4 text-gray d-flex flex-items-center">
-          {% octicon "workflow" class="flex-shrink-0" %}
-          <span class="ml-2">/guides/building-and-testing-python</span>
-        </footer>
-      </a>
-    </div>
-    <div class="col-12 col-lg-4 mb-4">
-      <a class="Box d-block hover-grow no-underline text-gray-dark" href="/actions/guides/building-and-testing-java-with-maven">
-        <div class="p-4">
-          <h4>Building and testing Java with Maven</h4>
-          <p class="mt-2 mb-4">Use GitHub Actions to power CI in your Java project with Maven.</p>
-          <div class="d-flex">
-            <span class="IssueLabel text-white bg-blue mr-2">Java</span>
-            <span class="IssueLabel text-white bg-blue mr-2">CI</span>
-          </div>
-        </div>
-        <footer class="border-top p-4 text-gray d-flex flex-items-center">
-          {% octicon "workflow" class="flex-shrink-0" %}
-          <span class="ml-2">/guides/building-and-testing-java-with-maven</span>
-        </footer>
-      </a>
-    </div>
-    <div class="col-12 col-lg-4 mb-4">
-      <a class="Box d-block hover-grow no-underline text-gray-dark" href="/actions/guides/building-and-testing-java-with-gradle">
-        <div class="p-4">
-          <h4>Building and testing Java with Gradle</h4>
-          <p class="mt-2 mb-4">Use GitHub Actions to power CI in your Java project with Gradle.</p>
-          <div class="d-flex">
-            <span class="IssueLabel text-white bg-blue mr-2">Java</span>
-            <span class="IssueLabel text-white bg-blue mr-2">CI</span>
-          </div>
-        </div>
-        <footer class="border-top p-4 text-gray d-flex flex-items-center">
-          {% octicon "workflow" class="flex-shrink-0" %}
-          <span class="ml-2">/guides/building-and-testing-java-with-gradle</span>
-        </footer>
-      </a>
-    </div>
-    <div class="col-12 col-lg-4 mb-4">
-      <a class="Box d-block hover-grow no-underline text-gray-dark" href="/actions/guides/building-and-testing-java-with-ant">
-        <div class="p-4">
-          <h4>Building and testing Java with Ant</h4>
-          <p class="mt-2 mb-4">Use GitHub Actions to power CI in your Java project with Ant.</p>
-          <div class="d-flex">
-            <span class="IssueLabel text-white bg-blue mr-2">Java</span>
-            <span class="IssueLabel text-white bg-blue mr-2">CI</span>
-          </div>
-        </div>
-        <footer class="border-top p-4 text-gray d-flex flex-items-center">
-          {% octicon "workflow" class="flex-shrink-0" %}
-          <span class="ml-2">/guides/building-and-testing-java-with-ant</span>
-        </footer>
-      </a>
-    </div>
-    <div class="col-12 col-lg-4 mb-4">
-      <a class="Box d-block hover-grow no-underline text-gray-dark" href="/actions/guides/publishing-nodejs-packages">
-        <div class="p-4">
-          <h4>Publishing Node.js packages</h4>
-          <p class="mt-2 mb-4">Use GitHub Actions to push your Node.js package to GitHub Packages or npm.</p>
-          <div class="d-flex">
-            <span class="IssueLabel text-white bg-blue mr-2">JavaScript/TypeScript</span>
-            <span class="IssueLabel text-white bg-blue mr-2">CI</span>
-          </div>
-        </div>
-        <footer class="border-top p-4 text-gray d-flex flex-items-center">
-          {% octicon "workflow" class="flex-shrink-0" %}
-          <span class="ml-2">/guides/publishing-nodejs-packages</span>
-        </footer>
-      </a>
-    </div>
+  <div class="pr-lg-3 mb-5 mt-3">
+    <input class="js-code-example-filter input-lg py-2 px-3 col-12 col-lg-8 form-control" placeholder="Search code examples" type="text" autocomplete="off" />
   </div>
 
-  <a href="/actions/guides" class="btn btn-outline mt-4">Show all guides {% octicon "arrow-right" %}</a>
+  <div class="d-flex flex-wrap gutter">
+    {% render 'code-example-card' for actionsCodeExamples as example %}
+  </div>
+
+  <button class="js-code-example-show-more btn btn-outline float-right">Show more {% octicon "arrow-right" %}</button>
+
+  <div class="js-code-example-no-results d-none py-4 text-center text-gray font-mktg">
+    <div class="mb-3">{% octicon "search" width="24" %}</div>
+    <h3 class="text-normal">Sorry, there is no result for <strong class="js-code-example-filter-value"></strong></h3>
+    <p class="my-3 f4">It looks like we don't have an example that fits your filter.<br>Try another filter or add your code example</p>
+    <a href="https://github.com/github/docs/blob/HEAD/data/variables/action_code_examples.yml">Learn how to add a code example {% octicon "arrow-right" %}</a>
+  </div>
 </div>
+{% endif %}

content/actions/learn-github-actions/introduction-to-github-actions.md

@@ -42,7 +42,7 @@ A job is a set of steps that execute on the same runner. By default, a workflow
 
 #### Steps
 
-A step is an individual task that can run commands (known as _actions_). Each step in a job executes on the same runner, allowing the actions in that job to share data with each other.
+A step is an individual task that can run commands in a job. A step can be either an _action_ or a shell command. Each step in a job executes on the same runner, allowing the actions in that job to share data with each other.
 
 #### Actions
 
@@ -50,7 +50,7 @@ _Actions_ are standalone commands that are combined into _steps_ to create a _jo
 
 #### Runners
 
-A runner is a server that has the {% data variables.product.prodname_actions %} runner application installed. You can use a runner hosted by {% data variables.product.prodname_dotcom %}, or you can host your own. A runner listens for available jobs, runs one job at a time, and reports the progress, logs, and results back to {% data variables.product.prodname_dotcom %}. For {% data variables.product.prodname_dotcom %}-hosted runners, each job in a workflow runs in a fresh virtual environment.
+A runner is a server that has the [{% data variables.product.prodname_actions %} runner application](https://github.com/actions/runner) installed. You can use a runner hosted by {% data variables.product.prodname_dotcom %}, or you can host your own. A runner listens for available jobs, runs one job at a time, and reports the progress, logs, and results back to {% data variables.product.prodname_dotcom %}. For {% data variables.product.prodname_dotcom %}-hosted runners, each job in a workflow runs in a fresh virtual environment.
 
 {% data variables.product.prodname_dotcom %}-hosted runners are based on Ubuntu Linux, Microsoft Windows, and macOS. For information on {% data variables.product.prodname_dotcom %}-hosted runners, see "[Virtual environments for {% data variables.product.prodname_dotcom %}-hosted runners](/actions/reference/virtual-environments-for-github-hosted-runners)." If you need a different operating system or require a specific hardware configuration, you can host your own runners. For information on self-hosted runners, see "[Hosting your own runners](/actions/hosting-your-own-runners)."
 
@@ -197,7 +197,7 @@ To help you understand how YAML syntax is used to create a workflow file, this s
 
 #### Visualizing the workflow file
 
-In this diagram, you can see the workflow file you just created and how the {% data variables.product.prodname_actions %} components are organized in a hierarchy. Each step executes a single action. Steps 1 and 2 use prebuilt community actions. To find more prebuilt actions for your workflows, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)."
+In this diagram, you can see the workflow file you just created and how the {% data variables.product.prodname_actions %} components are organized in a hierarchy. Each step executes a single action or shell command. Steps 1 and 2 use prebuilt community actions. Steps 3 and 4 run shell commands directly on the runner. To find more prebuilt actions for your workflows, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)."
 
 ![Workflow overview](/assets/images/help/images/overview-actions-event.png)
 

content/actions/managing-workflow-runs/re-running-a-workflow.md

@@ -10,7 +10,7 @@ versions:
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}
 
-{% data reusables.repositories.permissions-statement-read %}
+{% data reusables.repositories.permissions-statement-write %}
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.actions-tab %}

content/actions/quickstart.md

@@ -75,3 +75,69 @@ The super-linter workflow you just added runs any time code is pushed to your re
 - "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)" for an in-depth tutorial
 - "[Guides](/actions/guides)" for specific uses cases and examples
 - [github/super-linter](https://github.com/github/super-linter) for more details about configuring the Super-Linter action
+
+<div id="quickstart-treatment" hidden>
+
+### Introduction
+
+Printing "Hello, World!" is a great way to explore the basic set up and syntax of a new programming language. In this guide, you'll use GitHub Actions to print "Hello, World!" within your {% data variables.product.prodname_dotcom %} repository's workflow logs. All you need to get started is a {% data variables.product.prodname_dotcom %} repository where you feel comfortable creating and running a sample {% data variables.product.prodname_actions %} workflow. Feel free to create a new repository for this Quickstart, you can use it to test this and future {% data variables.product.prodname_actions %} workflows.
+
+### Creating your first workflow
+
+1. From your repository on {% data variables.product.prodname_dotcom %}, create a new file in the `.github/workflows` directory named `hello-world.yml`. For more information, see "[Creating new files](/github/managing-files-in-a-repository/creating-new-files)."
+2. Copy the following YAML contents into the `hello-world.yml` file.
+    {% raw %}
+    ```yaml{:copy}
+    name: Say hello!
+
+    # GitHub Actions Workflows are automatically triggered by GitHub events
+    on:
+      # For this workflow, we're using the workflow_dispatch event which is triggered when the user clicks Run workflow in the GitHub Actions UI
+      workflow_dispatch:
+        # The workflow_dispatch event accepts optional inputs so you can customize the behavior of the workflow
+        inputs:
+          name:
+            description: 'Person to greet'
+            required: true
+            default: 'World'
+    # When the event is triggered, GitHub Actions will run the jobs indicated
+    jobs:
+      say_hello:
+        # Uses a ubuntu-lates runner to complete the requested steps
+        runs-on: ubuntu-latest
+        steps:
+        - run: |
+            echo "Hello ${{ github.event.inputs.name }}!"
+    ```
+    {% endraw %}
+3. Scroll to the bottom of the page and select **Create a new branch for this commit and start a pull request**. Then, to create a pull request, click **Propose new file**.
+    ![Commit workflow file](/assets/images/help/repository/commit-hello-world-file.png)
+4. Once the pull request has been merged, you'll be ready to move on to "Trigger your workflow".
+
+### Trigger your workflow
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.actions-tab %}
+1. In the left sidebar, click the workfow you want to run.
+   ![Select say hello job](/assets/images/help/repository/say-hello-job.png)
+1. On the right, click the **Run workflow** drop-down and click **Run workflow**. Optionally, you can enter a custom message into the "Person to greet" input before running the workflow.
+   ![Trigger the manual workflow](/assets/images/help/repository/manual-workflow-trigger.png)
+1. The workflow run will appear at the top of the list of "Say hello!" workflow runs. Click "Say hello!" to see the result of the workflow run.
+   ![Workflow run result listing](/assets/images/help/repository/workflow-run-listing.png)
+1. In the left sidebar, click the "say_hello" job.
+   ![Workflow job listing](/assets/images/help/repository/workflow-job-listing.png)
+1. In the workflow logs, expand the 'Run echo "Hello World!"' section.
+   ![Workflow detail](/assets/images/help/repository/workflow-log-listing.png)
+
+### More starter workflows
+
+{% data variables.product.prodname_dotcom %} provides preconfigured workflow templates that you can start from to automate or create a continuous integration workflows. You can browse the full list of workflow templates in the {% if currentVersion == "free-pro-team@latest" %}[actions/starter-workflows](https://github.com/actions/starter-workflows) repository{% else %} `actions/starter-workflows` repository on {% data variables.product.product_location %}{% endif %}.
+
+### Next steps
+
+The hello-world workflow you just added is a simple example of a manually triggered workflow. This is only the beginning of what you can do with {% data variables.product.prodname_actions %}. Your repository can contain multiple workflows that trigger different jobs based on different events. {% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
+
+- "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)" for an in-depth tutorial
+- "[Guides](/actions/guides)" for specific uses cases and examples
+
+</div>

content/actions/reference/events-that-trigger-workflows.md

@@ -327,6 +327,7 @@ The `issue_comment` event occurs for comments on both issues and pull requests.
 
 For example, you can choose to run the `pr_commented` job when comment events occur in a pull request, and the `issue_commented` job when comment events occur in an issue.
 
+{% raw %}
 ```yaml
 on: issue_comment
 
@@ -349,6 +350,7 @@ jobs:
       - run: |
           echo "Comment on issue #${{ github.event.issue.number }}"
 ```
+{% endraw %}
 
 #### `issues`
 

content/actions/reference/specifications-for-github-hosted-runners.md

@@ -31,7 +31,7 @@ You can specify the runner type for each job in a workflow. Each job in a workfl
 
 {% data variables.product.prodname_dotcom %} hosts Linux and Windows runners on Standard_DS2_v2 virtual machines in Microsoft Azure with the {% data variables.product.prodname_actions %} runner application installed. The {% data variables.product.prodname_dotcom %}-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the Standard_DS2_v2 machine resources, see "[Dv2 and DSv2-series](https://docs.microsoft.com/azure/virtual-machines/dv2-dsv2-series#dsv2-series)" in the Microsoft Azure documentation.
 
-{% data variables.product.prodname_dotcom %} uses [MacStadium](https://www.macstadium.com/) to host the macOS runners.
+{% data variables.product.prodname_dotcom %} hosts macOS runners in {% data variables.product.prodname_dotcom %}'s own macOS Cloud.
 
 #### Administrative privileges of {% data variables.product.prodname_dotcom %}-hosted runners
 

content/actions/reference/workflow-syntax-for-github-actions.md

@@ -446,7 +446,7 @@ steps:
     uses: monacorp/action-name@main
   - name: My backup step
     if: {% raw %}${{ failure() }}{% endraw %}
-    uses: actions/heroku@master
+    uses: actions/heroku@1.0.0
 ```
 
 #### **`jobs.<job_id>.steps.name`**
@@ -492,7 +492,7 @@ jobs:
     steps:
       - name: My first step
         # Uses the default branch of a public repository
-        uses: actions/heroku@master
+        uses: actions/heroku@1.0.0
       - name: My second step
         # Uses a specific version tag of a public repository
         uses: actions/aws@v2.0.1
@@ -659,7 +659,7 @@ For built-in shell keywords, we provide the following defaults that are executed
 
 - `cmd`
   - There doesn't seem to be a way to fully opt into fail-fast behavior other than writing your script to check each error code and respond accordingly. Because we can't actually provide that behavior by default, you need to write this behavior into your script.
-  - `cmd.exe` will exit with the error level of the last program it executed, and it will and return the error code to the runner. This behavior is internally consistent with the previous `sh` and `pwsh` default behavior and is the `cmd.exe` default, so this behavior remains intact.
+  - `cmd.exe` will exit with the error level of the last program it executed, and it will return the error code to the runner. This behavior is internally consistent with the previous `sh` and `pwsh` default behavior and is the `cmd.exe` default, so this behavior remains intact.
 
 #### **`jobs.<job_id>.steps.with`**
 
@@ -718,7 +718,7 @@ steps:
       entrypoint: /a/different/executable
 ```
 
-The `entrypoint` keyword is meant to use with Docker container actions, but you can also use it with JavaScript actions that don't define any inputs.
+The `entrypoint` keyword is meant to be used with Docker container actions, but you can also use it with JavaScript actions that don't define any inputs.
 
 #### **`jobs.<job_id>.steps.env`**
 

content/admin/authentication/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md

@@ -28,13 +28,7 @@ To configure authentication and user provisioning for {% data variables.product.
 
 {% if currentVersion == "github-ae@latest" %}
 
-1. In Azure AD, add {% data variables.product.ae_azure_ad_app_link %} to your tenant and configure single sign-on.
-
-    | Value in Azure AD | Value from {% data variables.product.prodname_ghe_managed %} |
-    | :- | :- |
-    | Identifier (Entity ID) | <code>https://<em>YOUR-GITHUB-AE-HOSTNAME</em><code> |
-    | Reply URL | <code>https://<em>YOUR-GITHUB-AE-HOSTNAME</em>/saml/consume</code> |
-    | Sign on URL | <code>https://<em>YOUR-GITHUB-AE-HOSTNAME</em>/sso</code> |
+1. In Azure AD, add {% data variables.product.ae_azure_ad_app_link %} to your tenant and configure single sign-on. For more information, see [Tutorial: Azure Active Directory single sign-on (SSO) integration with {% data variables.product.prodname_ghe_managed %}](https://docs.microsoft.com/azure/active-directory/saas-apps/github-ae-tutorial) in the Microsoft Docs.
 
 1. In {% data variables.product.prodname_ghe_managed %}, enter the details for your Azure AD tenant.
 

content/admin/authentication/configuring-saml-single-sign-on-for-your-enterprise.md

@@ -38,6 +38,12 @@ After a user successfully authenticates on your IdP, the user's SAML session for
 
 {% data reusables.saml.ae-enable-saml-sso-during-bootstrapping %}
 
+The following IdPs provide documentation about configuring SAML SSO for {% data variables.product.product_name %}. If your IdP isn't listed, please contact your IdP to request support for {% data variables.product.product_name %}.
+
+ | IdP | More information |
+ | :- | :- |
+ | Azure AD | [Tutorial: Azure Active Directory single sign-on (SSO) integration with {% data variables.product.prodname_ghe_managed %}](https://docs.microsoft.com/azure/active-directory/saas-apps/github-ae-tutorial) in the Microsoft Docs |
+
 During initialization for {% data variables.product.product_name %}, you must configure {% data variables.product.product_name %} as a SAML Service Provider (SP) on your IdP. You must enter several unique values on your IdP to configure {% data variables.product.product_name %} as a valid SP.
 
 | Value | Other names | Description | Example |

content/admin/authentication/configuring-user-provisioning-for-your-enterprise.md

@@ -62,7 +62,15 @@ You must have administrative access on your IdP to configure the application for
   ![Checkbox for "Require SCIM user provisioning" within enterprise security settings](/assets/images/help/enterprises/settings-require-scim-user-provisioning.png)
 1. Click **Save**.
   ![Save button under "Require SCIM user provisioning" within enterprise security settings](/assets/images/help/enterprises/settings-scim-save.png)
-1. Configure user provisioning in the application for {% data variables.product.product_name %} on your IdP. The application on your IdP requires two values to provision or deprovision user accounts on {% data variables.product.product_location %}.
+1. Configure user provisioning in the application for {% data variables.product.product_name %} on your IdP.
+
+  The following IdPs provide documentation about configuring provisioning for {% data variables.product.product_name %}. If your IdP isn't listed, please contact your IdP to request support for {% data variables.product.product_name %}.
+
+  | IdP | More information |
+  | :- | :- |
+  | Azure AD | [Tutorial: Configure {% data variables.product.prodname_ghe_managed %} for automatic user provisioning](https://docs.microsoft.com/azure/active-directory/saas-apps/github-ae-provisioning-tutorial) in the Microsoft Docs |
+
+  The application on your IdP requires two values to provision or deprovision user accounts on {% data variables.product.product_location %}.
 
   | Value | Other names | Description | Example |
   | :- | :- | :- | :- |

content/developers/apps/rate-limits-for-github-apps.md

@@ -34,8 +34,6 @@ Different server-to-server request rate limits apply to {% data variables.produc
 
 ### User-to-server requests
 
-{% data reusables.apps.deprecating_password_auth %}
-
 {% data variables.product.prodname_github_app %}s can also act [on behalf of a user](/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps/#identifying-and-authorizing-users-for-github-apps), making user-to-server requests.
 
 {% if currentVersion == "free-pro-team@latest" %}
@@ -52,7 +50,7 @@ User-to-server requests are rate limited at 5,000 requests per hour and per auth
 
 #### {% data variables.product.prodname_ghe_cloud %} user-to-server rate limits
 
-When a user belongs to a {% data variables.product.prodname_ghe_cloud %} account, user-to-server requests to resources owned by the same {% data variables.product.prodname_ghe_cloud %} account are rate limited at 15,000 requests per hour and per authenticated user. All OAuth applications authorized by that user, personal access tokens owned by that user, and requests authenticated with that user's username and password share the same quota of 5,000 requests per hour for that user.
+When a user belongs to a {% data variables.product.prodname_ghe_cloud %} account, user-to-server requests to resources owned by the same {% data variables.product.prodname_ghe_cloud %} account are rate limited at 15,000 requests per hour and per authenticated user. All OAuth applications authorized by that user, personal access tokens owned by that user, and {% data variables.product.prodname_ghe_cloud %} requests authenticated with that user's username and password share the same quota of 5,000 requests per hour for that user.
 
 {% endif %}
 

content/developers/overview/managing-deploy-keys.md

@@ -83,6 +83,32 @@ See [our guide on Git automation with tokens][git-automation].
 7. Select **Allow write access** if you want this key to have write access to the repository. A deploy key with write access lets a deployment push to the repository.
 8. Click **Add key**.
 
+##### Using multiple repositories on one server
+
+If you use multiple repositories on one server, you will need to generate a dedicated key pair for each one. You can't reuse a deploy key for multiple repositories.
+
+In the server's SSH configuration file (usually `~/.ssh/config`), add an alias entry for each repository. For example:
+
+```bash
+Host {% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}-repo-0
+        Hostname {% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}
+        IdentityFile=/home/user/.ssh/repo-0_deploy_key
+
+Host {% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}-repo-1
+        Hostname {% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}
+        IdentityFile=/home/user/.ssh/repo-1_deploy_key
+```
+
+* `Host {% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}-repo-0` - The repository's alias.
+* `Hostname {% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}` - Configures the hostname to use with the alias.
+* `IdentityFile=/home/user/.ssh/repo-0_deploy_key` - Assigns a private key to the alias.
+
+You can then use the hostname's alias to interact with the repository using SSH, which will use the unique deploy key assigned to that alias. For example:
+
+```bash
+$ git clone git@{% if currentVersion == "free-pro-team@latest" %}github.com{% else %}my-GHE-hostname.com{% endif %}-repo-1:OWNER/repo-1.git
+```
+
 ### Machine users
 
 If your server needs to access multiple repositories, you can create a new {% data variables.product.product_name %} account and attach an SSH key that will be used exclusively for automation. Since this {% data variables.product.product_name %} account won't be used by a human, it's called a _machine user_. You can add the machine user as a [collaborator][collaborator] on a personal repository (granting read and write access), as an [outside collaborator][outside-collaborator] on an organization repository (granting read, write, or admin access), or to a [team][team] with access to the repositories it needs to automate (granting the permissions of the team).

content/github/administering-a-repository/about-secret-scanning.md

@@ -1,6 +1,7 @@
 ---
 title: About secret scanning
 intro: '{% data variables.product.product_name %} scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.'
+product: '{% data reusables.gated-features.secret-scanning %}'
 redirect_from:
   - /github/administering-a-repository/about-token-scanning
   - /articles/about-token-scanning

content/github/administering-a-repository/configuring-secret-scanning-for-private-repositories.md

@@ -1,6 +1,7 @@
 ---
 title: Configuring secret scanning for private repositories
 intro: 'You can configure how {% data variables.product.product_name %} scans your private repositories for secrets.'
+product: '{% data reusables.gated-features.secret-scanning %}'
 permissions: 'People with admin permissions to a private repository can enable {% data variables.product.prodname_secret_scanning %} for the repository.'
 versions:
   free-pro-team: '*'

content/github/administering-a-repository/managing-alerts-from-secret-scanning.md

@@ -1,6 +1,7 @@
 ---
 title: Managing alerts from secret scanning
 intro: You can view and close alerts for secrets checked in to your repository.
+product: '{% data reusables.gated-features.secret-scanning %}'
 versions:
   free-pro-team: '*'
 ---

content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-codeql-code-scanning-in-your-ci-system.md

@@ -97,7 +97,7 @@ If the `autobuild` command can't build your code, you can run the build steps yo
 
 By default, the {% data variables.product.prodname_codeql_runner %} uploads results from {% data variables.product.prodname_code_scanning %} when you run the `analyze` command. You can also upload SARIF files separately, by using the `upload` command.
 
-Once you've uploaded the data, {% data variables.product.prodname_dotcom %} displays the alerts in your repository. For more information, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-an-alert)."
+Once you've uploaded the data, {% data variables.product.prodname_dotcom %} displays the alerts in your repository. For more information, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository)."
 
 ### {% data variables.product.prodname_codeql_runner %} command reference
 

content/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository.md

@@ -62,7 +62,7 @@ After enabling {% data variables.product.prodname_code_scanning %} for your repo
 
 1. Review the logging output from the actions in this workflow as they run.
 
-1. Once all jobs are complete, you can view the details of any {% data variables.product.prodname_code_scanning %} alerts that were identified. For more information, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-an-alert)."
+1. Once all jobs are complete, you can view the details of any {% data variables.product.prodname_code_scanning %} alerts that were identified. For more information, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository)."
 
 {% note %}
 

content/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository.md

@@ -1,7 +1,7 @@
 ---
 title: Managing code scanning alerts for your repository
 shortTitle: Managing alerts
-intro: 'You can view, fix, {% if currentVersion == "enterprise-server@2.22" %}or close{% else %}dismiss, or delete{% endif %} alerts for potential vulnerabilities or errors in your project''s code.'
+intro: 'From the security view, you can view, fix, {% if currentVersion == "enterprise-server@2.22" %}or close{% else %}dismiss, or delete{% endif %} alerts for potential vulnerabilities or errors in your project''s code.'
 product: '{% data reusables.gated-features.code-scanning %}'
 permissions: 'If you have write permission to a repository you can manage {% data variables.product.prodname_code_scanning %} alerts for that repository.'
 versions:
@@ -30,9 +30,11 @@ If you enable {% data variables.product.prodname_code_scanning %} using {% data
 
 When {% data variables.product.prodname_code_scanning %} reports data-flow alerts, {% data variables.product.prodname_dotcom %} shows you how data moves through the code. {% data variables.product.prodname_code_scanning_capc %} allows you to identify the areas of your code that leak sensitive information, and that could be the entry point for attacks by malicious users.
 
-### Viewing an alert
+### Viewing the alerts for a repository
 
-Anyone with read permission for a repository can see {% data variables.product.prodname_code_scanning %} alerts on pull requests. However, you need write permission to view a summary of alerts for repository on the **Security** tab. By default, alerts are shown for the default branch.
+Anyone with read permission for a repository can see {% data variables.product.prodname_code_scanning %} annotations on pull requests. For more information, see "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests)."
+
+You need write permission to view a summary of all the alerts for a repository on the **Security** tab. By default, alerts are shown for the default branch.
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-security %}
@@ -48,7 +50,7 @@ Anyone with read permission for a repository can see {% data variables.product.p
 
 Anyone with write permission for a repository can fix an alert by committing a correction to the code. If the repository has {% data variables.product.prodname_code_scanning %} scheduled to run on pull requests, it's best to raise a pull request with your correction. This will trigger {% data variables.product.prodname_code_scanning %} analysis of the changes and test that your fix doesn't introduce any new problems. For more information, see "[Configuring {% data variables.product.prodname_code_scanning %}](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning)" and "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests)."
 
-If you have write permission for a repository, you can view fixed alerts by viewing the summary of alerts and clicking **Closed**. For more information, see "[Viewing an alert](#viewing-an-alert)." The "Closed" list shows fixed alerts and alerts that users have {% if currentVersion == "enterprise-server@2.22" %}closed{% else %}dismissed{% endif %}.
+If you have write permission for a repository, you can view fixed alerts by viewing the summary of alerts and clicking **Closed**. For more information, see "[Viewing the alerts for a repository](#viewing-the-alerts-for-a-repository)." The "Closed" list shows fixed alerts and alerts that users have {% if currentVersion == "enterprise-server@2.22" %}closed{% else %}dismissed{% endif %}.
 
 Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch.
 

content/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests.md

@@ -3,7 +3,7 @@ title: Triaging code scanning alerts in pull requests
 shortTitle: Triaging alerts in pull requests
 intro: 'When {% data variables.product.prodname_code_scanning %} identifies a problem in a pull request, you can review the highlighted code and resolve the alert.'
 product: '{% data reusables.gated-features.code-scanning %}'
-permissions: 'If you have write permission to a repository, you can resolve {% data variables.product.prodname_code_scanning %} alerts for that repository.'
+permissions: 'If you have read permission for a repository, you can see annotations on pull requests. With write permission, you can see detailed information and resolve {% data variables.product.prodname_code_scanning %} alerts for that repository.'
 versions:
   free-pro-team: '*'
   enterprise-server: '>=2.22'
@@ -31,9 +31,9 @@ When you look at the **Files changed** tab for a pull request, you see annotatio
 
 ![Alert annotation within a pull request diff](/assets/images/help/repository/code-scanning-pr-annotation.png)
 
-Some annotations contain links with extra context for the alert. In the example above, from {% data variables.product.prodname_codeql %} analysis, you can click **user-provided value** to see where the untrusted data enters the data flow (this is referred to as the source). In this case you can view the full path from the source to the code that uses the data (the sink) by clicking **Show paths**. This makes it easy to check whether the data is untrusted or if the analysis failed to recognize a data sanitization step between the source and the sink. For information about analyzing data flow using {% data variables.product.prodname_codeql %}, see "[About data flow analysis](https://help.semmle.com/QL/learn-ql/intro-to-data-flow.html)."
+If you have write permission for the repository, some annotations contain links with extra context for the alert. In the example above, from {% data variables.product.prodname_codeql %} analysis, you can click **user-provided value** to see where the untrusted data enters the data flow (this is referred to as the source). In this case you can also view the full path from the source to the code that uses the data (the sink) by clicking **Show paths**. This makes it easy to check whether the data is untrusted or if the analysis failed to recognize a data sanitization step between the source and the sink. For information about analyzing data flow using {% data variables.product.prodname_codeql %}, see "[About data flow analysis](https://help.semmle.com/QL/learn-ql/intro-to-data-flow.html)."
 
-For more information about an alert, click **Show more details** on the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem.
+To see more information about an alert, users with write permission can click the **Show more details** link shown in the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem.
 
 In the detailed view for an alert, some {% data variables.product.prodname_code_scanning %} tools, like {% data variables.product.prodname_codeql %} analysis, also include a description of the problem and a **Show more** link for guidance on how to fix your code.
 
@@ -41,11 +41,11 @@ In the detailed view for an alert, some {% data variables.product.prodname_code_
 
 ### {% if currentVersion == "enterprise-server@2.22" %}Resolving{% else %}Fixing{% endif %} an alert on your pull request
 
-Anyone with write permission for a repository can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on a pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed.
+Anyone with push access to a pull request can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on that pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed.
 
 {% if currentVersion == "enterprise-server@2.22" %}
 
-If you don't think that an alert needs to be fixed, you can close the alert manually. {% data reusables.code-scanning.close-alert-examples %} The **Close** button is available in annotations and in the alerts view if you have write permission for the repository.
+If you don't think that an alert needs to be fixed, users with write permission can close the alert manually. {% data reusables.code-scanning.close-alert-examples %} The **Close** button is available in annotations and in the alerts view if you have write permission for the repository.
 
 {% data reusables.code-scanning.false-positive-fix-codeql %}
 
@@ -63,4 +63,4 @@ An alternative way of closing an alert is to dismiss it. You can dismiss an aler
 
 For more information about dismissing alerts, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#dismissing-or-deleting-alerts)." 
 
-{% endif %}
+{% endif %}

content/github/setting-up-and-managing-organizations-and-teams/managing-secret-scanning-for-your-organization.md

@@ -1,6 +1,7 @@
 ---
 title: Managing secret scanning for your organization
 intro: 'You can control which repositories in your organization {% data variables.product.product_name %} will scan for secrets.'
+product: '{% data reusables.gated-features.secret-scanning %}'
 permissions: 'Organization owners can manage {% data variables.product.prodname_secret_scanning %} for repositories in the organization.'
 versions:
   free-pro-team: '*'

content/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization.md

@@ -104,7 +104,10 @@ In addition to managing organization-level settings, organization owners have ad
 | Receive [{% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) in a repository | | | | | **X** |
 | [Dismiss {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository) | | | | | **X** |
 | [Designate additional people or teams to receive {% data variables.product.prodname_dependabot_alerts %}](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository) for vulnerable dependencies | | | | | **X** |
-| [Manage data use settings for your private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository) | | | | | **X** |{% endif %}{% if currentVersion == "free-pro-team@latest" %}| Create [security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories) | | | | | **X** | {% endif %}
+| [Manage data use settings for your private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository) | | | | | **X** |
+| Create [security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories) | | | | | **X** | {% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
+| [View {% data variables.product.prodname_code_scanning %} alerts on pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests) | **X** | **X** | **X** | **X** | **X** |
+| [List, dismiss, and delete {% data variables.product.prodname_code_scanning %} alerts](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository) | | | **X** | **X** | **X** |{% endif %}
 | [Manage the forking policy for a repository](/github/administering-a-repository/managing-the-forking-policy-for-your-repository) | | | | | **X** |
 | [Transfer repositories into the organization](/articles/restricting-repository-creation-in-your-organization) | | | | | **X** |
 | [Delete or transfer repositories out of the organization](/articles/setting-permissions-for-deleting-or-transferring-repositories) | | | | | **X** |

content/github/site-policy/github-additional-product-terms.md

@@ -4,7 +4,7 @@ versions:
   free-pro-team: '*'
 ---
 
-Version Effective Date: November 1, 2020
+Version Effective Date: November 13, 2020
 
 When you create an Account, you're given access to lots of different features and products that are all a part of the Service. Because many of these features and products offer different functionality, they may require additional terms and conditions specific to that feature or product. Below, we've listed those features and products, along with the corresponding additional terms that apply to your use of them.
 
@@ -89,7 +89,7 @@ In order to become a Sponsored Developer, you must agree to the [GitHub Sponsors
 
 ### 9. GitHub Advanced Security
 
-GitHub Advanced Security enables you to identify security vulnerabilities through customizable and automated semantic code analysis. GitHub Advanced Security is licensed on a per User basis. If you are using GitHub Advanced Security as part of GitHub Enterprise Cloud, many features of GitHub Advanced Security, including automated code scanning of private repositories, also require the use of GitHub Actions. Billing for usage of GitHub Actions is usage-based and is subject to the [GitHub Actions terms](/github/site-policy/github-additional-product-terms#c-payment-and-billing-for-actions-and-packages).
+GitHub Advanced Security is licensed on a "Unique Committer" basis. A "Unique Committer" is a licensed user of GitHub Enterprise, GitHub Enterprise Cloud, GitHub Enterprise Server, or GitHub AE, who has made a code commit in the last 90 days to any repository with any GitHub Advanced Security functionality activated. You must acquire a GitHub Advanced Security User license for each of your Unique Committers. You may only use GitHub Advanced Security on codebases that are developed by or for you. If you are using GitHub Advanced Security as part of GitHub Enterprise Cloud, many features of GitHub Advanced Security, including automated code scanning of private repositories, also require the use of GitHub Actions. 
 
 ### 10. Dependabot Preview
 
@@ -108,4 +108,3 @@ We need the legal right to submit your contributions to the GitHub Advisory Data
 #### b. License to the GitHub Advisory Database
 
 The GitHub Advisory Database is licensed under the [Creative Commons Attribution 4.0 license](https://creativecommons.org/licenses/by/4.0/). The attribution term may be fulfilled by linking to the GitHub Advisory Database at <https://github.com/advisories> or to individual GitHub Advisory Database records used, prefixed by <https://github.com/advisories>.
-

content/github/writing-on-github/autolinked-references-and-urls.md

@@ -43,10 +43,10 @@ References to a commit's SHA hash are automatically converted into shortened lin
 
 | Reference type | Raw reference | Short link |
 | --- | --- | --- |
-| Commit URL | https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e | [a5c3785](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e) |
+| Commit URL | [`https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e`](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e) | [a5c3785](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e) |
 | SHA | a5c3785ed8d6a35868bc169f07e40e889087fd2e | [a5c3785](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e) |
 | User@SHA | jlord@a5c3785ed8d6a35868bc169f07e40e889087fd2e | [jlord@a5c3785](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e)
-| Username/Repository@SHA | jlord/sheetsee.js@a5c3785ed8d6a35868bc169f07e40e889087fd2e | [jlord/sheetsee.js@a5c3785](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e) |
+| `Username/Repository@SHA` | `jlord/sheetsee.js@a5c3785ed8d6a35868bc169f07e40e889087fd2e` | [`jlord/sheetsee.js@a5c3785`](https://github.com/jlord/sheetsee.js/commit/a5c3785ed8d6a35868bc169f07e40e889087fd2e) |
 
 ### Custom autolinks to external resources
 

content/packages/getting-started-with-github-container-registry/about-github-container-registry.md

@@ -8,19 +8,24 @@ versions:
 
 {% note %}
 
-**Note:** {% data variables.product.prodname_github_container_registry %} is currently in public beta and subject to change. Currently, {% data variables.product.prodname_github_container_registry %} only supports Docker image formats. During the beta, storage and bandwidth is free.
+**Note:** {% data variables.product.prodname_github_container_registry %} is currently in public beta and subject to change. During the beta, storage and bandwidth are free.
 
 {% endnote %}
 
-
 {% data reusables.package_registry.container-registry-feature-highlights %}
 
 To share context about your package's use, you can link a repository to your container image on {% data variables.product.prodname_dotcom %}. For more information, see "[Connecting a repository to a container image](/packages/managing-container-images-with-github-container-registry/connecting-a-repository-to-a-container-image)."
 
 ### Supported formats
 
-The {% data variables.product.prodname_container_registry %} currently only supports Docker images.
+The {% data variables.product.prodname_container_registry %} currently supports the following container image formats:
 
+* [Docker Image Manifest V2, Schema 2](https://docs.docker.com/registry/spec/manifest-v2-2/)
+* [Open Container Initiative (OCI) Specifications](https://github.com/opencontainers/image-spec)
+
+#### Manifest Lists/Image Indexes
+
+{% data variables.product.prodname_github_container_registry %} also supports [Docker Manifest List](https://docs.docker.com/registry/spec/manifest-v2-2/#manifest-list)/[OCI Image Index](https://github.com/opencontainers/image-spec/blob/79b036d80240ae530a8de15e1d21c7ab9292c693/image-index.md) formats which are defined in the Docker V2, Schema 2 and OCI image specifications.
 
 ### Visibility and access permissions for container images
 

content/packages/managing-container-images-with-github-container-registry/deleting-a-container-image.md

@@ -16,8 +16,6 @@ To delete a container image, you must have admin permissions to the container im
 
 When deleting public packages, be aware that you may break projects that depend on your package.
 
-
-
 ### Reserved package versions and names
 
 {% data reusables.package_registry.package-immutability %}

content/rest/overview/other-authentication-methods.md

@@ -46,11 +46,19 @@ $ curl -u <em>username</em>:<em>token</em> {% data variables.product.api_url_pre
 
 This approach is useful if your tools only support Basic Authentication but you want to take advantage of OAuth access token security features.
 
-{% if enterpriseServerVersions contains currentVersion %}
 #### Via username and password
 
-{% data reusables.apps.deprecating_password_auth %}
+{% if currentVersion == "free-pro-team@latest" %}
 
+{% note %}
+
+**Note:** {% data variables.product.prodname_dotcom %} has discontinued password authentication to the API starting on November 13, 2020 for all {% data variables.product.prodname_dotcom_the_website %} accounts, including those on a {% data variables.product.prodname_free_user %}, {% data variables.product.prodname_pro %}, {% data variables.product.prodname_team %}, or {% data variables.product.prodname_ghe_cloud %} plan. You must now authenticate to the {% data variables.product.prodname_dotcom %} API with an API token, such as an OAuth access token, GitHub App installation access token, or personal access token, depending on what you need to do with the token. For more information, see "[Troubleshooting](/rest/overview/troubleshooting#basic-authentication-errors)."
+ 
+{% endnote %}
+
+{% endif %}
+
+{% if enterpriseServerVersions contains currentVersion %}
 To use Basic Authentication with the {% data variables.product.product_name %} API, simply send the username and
 password associated with the account.
 
@@ -100,14 +108,13 @@ The value `organizations` is a comma-separated list of organization IDs for orga
 {% if currentVersion == "free-pro-team@latest" or enterpriseServerVersions contains currentVersion %}
 ### Working with two-factor authentication
 
-{% data reusables.apps.deprecating_password_auth %}
-
-When you have two-factor authentication enabled, [Basic Authentication](#basic-authentication) for _most_ endpoints in the REST API requires that you use a personal access token or OAuth token instead of your username and password.
-
-You can generate a new personal access token {% if currentVersion == "free-pro-team@latest" %}with [{% data variables.product.product_name %} developer settings](https://github.com/settings/tokens/new){% endif %} or use the "[Create a new authorization][create-access]" endpoint in the OAuth Authorizations API to generate a new OAuth token. For more information, see "[Creating a personal access token for the command line](/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line)". Then you would use these tokens to [authenticate using OAuth token][oauth-auth] with the GitHub API. The only time you need to authenticate with your username and password is when you create your OAuth token or use the OAuth Authorizations API.
+When you have two-factor authentication enabled, [Basic Authentication](#basic-authentication) for _most_ endpoints in the REST API requires that you use a personal access token{% if enterpriseServerVersions contains currentVersion %} or OAuth token instead of your username and password{% endif %}.
 
+You can generate a new personal access token {% if currentVersion == "free-pro-team@latest" %}using [{% data variables.product.product_name %} developer settings](https://github.com/settings/tokens/new){% endif %}{% if enterpriseServerVersions contains currentVersion %} or with the "[Create a new authorization][/rest/reference/oauth-authorizations#create-a-new-authorization]" endpoint in the OAuth Authorizations API to generate a new OAuth token{% endif %}. For more information, see "[Creating a personal access token for the command line](/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line)". Then you would use these tokens to [authenticate using OAuth token][oauth-auth] with the {% data variables.product.prodname_dotcom %} API.{% if enterpriseServerVersions contains currentVersion %} The only time you need to authenticate with your username and password is when you create your OAuth token or use the OAuth Authorizations API.{% endif %}
 
+{% endif %}
 
+{% if enterpriseServerVersions contains currentVersion %}
 #### Using the OAuth Authorizations API with two-factor authentication
 
 When you make calls to the OAuth Authorizations API, Basic Authentication requires that you use a one-time password (OTP) and your username and password instead of tokens. When you attempt to authenticate with the OAuth Authorizations API, the server will respond with a `401 Unauthorized` and one of these headers to let you know that you need a two-factor authentication code:
@@ -126,7 +133,6 @@ $ curl --request POST \
 ```
 {% endif %}
 
-[create-access]: /v3/oauth_authorizations/#create-a-new-authorization
 [curl]: http://curl.haxx.se/
 [oauth-auth]: /v3/#authentication
 [personal-access-tokens]: /articles/creating-a-personal-access-token-for-the-command-line

content/rest/overview/resources-in-the-rest-api.md

@@ -150,9 +150,9 @@ the API will temporarily reject all authentication attempts for that user
 (including ones with valid credentials) with `403 Forbidden`:
 
 ```shell
-$ curl -i {% data variables.product.api_url_pre %} -u valid_username:valid_password
+$ curl -i {% data variables.product.api_url_pre %} -u {% if currentVersion == "free-pro-team@latest" or currentVersion == "github-ae@latest" %}
+-u <em>valid_username</em>:<em>valid_token</em> {% endif %}{% if enterpriseServerVersions contains currentVersion %}-u <em>valid_username</em>:<em>valid_password</em> {% endif %}
 > HTTP/1.1 403 Forbidden
-
 > {
 >   "message": "Maximum number of login attempts exceeded. Please try again later.",
 >   "documentation_url": "{% data variables.product.doc_url_pre %}/v3"
@@ -185,19 +185,10 @@ $ curl -i -u username -d '{"scopes":["public_repo"]}' {% data variables.product.
 You can issue a `GET` request to the root endpoint to get all the endpoint categories that the REST API supports:
 
 ```shell
-$ curl {% if currentVersion == "github-ae@latest" %}-u <em>username</em>:<em>token</em> {% endif %}{% if currentVersion == "free-pro-team@latest" or enterpriseServerVersions contains currentVersion %}-u <em>username</em>:<em>password</em> {% endif %}{% data variables.product.api_url_pre %}
+$ curl {% if currentVersion == "free-pro-team@latest" or currentVersion == "github-ae@latest" %}
+-u <em>username</em>:<em>token</em> {% endif %}{% if enterpriseServerVersions contains currentVersion %}-u <em>username</em>:<em>password</em> {% endif %}{% data variables.product.api_url_pre %}
 ```
 
-{% if currentVersion == "free-pro-team@latest" or enterpriseServerVersions contains currentVersion %}
-
-{% note %}
-
-**Note:** For {% data variables.product.prodname_ghe_server %}, [as with all other endpoints](/v3/enterprise-admin/#endpoint-urls), you'll need to pass your username and password.
-
-{% endnote %}
-
-{% endif %}
-
 ### GraphQL global node IDs
 
 See the guide on "[Using Global Node IDs](/v4/guides/using-global-node-ids)" for detailed information about how to find `node_id`s via the REST API and use them in GraphQL operations.

content/rest/overview/troubleshooting.md

@@ -14,7 +14,7 @@ versions:
 If you're encountering some oddities in the API, here's a list of resolutions to
 some of the problems you may be experiencing.
 
-### Why am I getting a `404` error on a repository that exists?
+### `404` error for an existing repository
 
 Typically, we send a `404` error when your client isn't properly authenticated.
 You might expect to see a `403 Forbidden` in these cases. However, since we don't
@@ -23,7 +23,7 @@ want to provide _any_ information about private repositories, the API returns a
 
 To troubleshoot, ensure [you're authenticating correctly](/guides/getting-started/), [your OAuth access token has the required scopes](/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/), and [third-party application restrictions][oap-guide] are not blocking access.
 
-### Why am I not seeing all my results?
+### Not all results returned
 
 Most API calls accessing a list of resources (_e.g._, users, issues, _etc._) support
 pagination. If you're making requests and receiving an incomplete set of results, you're
@@ -35,3 +35,40 @@ API call uses the same structure. Instead, extract the pagination information fr
 [the Link Header](/v3/#pagination), which is sent with every request.
 
 [oap-guide]: https://developer.github.com/changes/2015-01-19-an-integrators-guide-to-organization-application-policies/
+
+{% if currentVersion == "free-pro-team@latest" %}
+### Basic authentication errors
+
+On November 13, 2020 username and password authentication to the REST API and the OAuth Authorizations API were deprecated and no longer work.
+
+#### Using `username`/`password` for basic authentication
+
+If you're using `username` and `password` for API calls, then they are no longer able to authenticate. For example:
+
+```bash
+curl -u my_user:my_password https://api.github.com/user/repos
+```
+
+Instead, use a [personal access token](/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line) when testing endpoints or doing local development:
+
+```bash
+curl -H 'Authorization: token my_access_token' https://api.github.com/user/repos
+```
+
+For OAuth Apps, you should use the [web application flow](/apps/building-oauth-apps/authorizing-oauth-apps/#web-application-flow) to generate an OAuth token to use in the API call's header:
+
+```bash
+curl -H 'Authorization: token my-oauth-token' https://api.github.com/user/repos
+```
+
+#### Calls to OAuth Authorizations API
+
+If you're making [OAuth Authorization API](/enterprise-server@2.22/rest/reference/oauth-authorizations) calls to manage your OAuth app's authorizations or to generate access tokens, similar to this example:
+
+```bash
+curl -u my_username:my_password -X POST "https://api.github.com/authorizations" -d '{"scopes":["public_repo"], "note":"my token", "client_id":"my_client_id", "client_secret":"my_client_secret"}'
+```
+
+Then you must switch to the [web application flow](/apps/building-oauth-apps/authorizing-oauth-apps/#web-application-flow) to generate access tokens.
+
+{% endif %}

content/rest/reference/interactions.md

@@ -6,7 +6,7 @@ versions:
   free-pro-team: '*'
 ---
 
-Users interact with repositories by commenting, opening issues, and creating pull requests. The Interactions APIs allow people with owner or admin access to temporarily restrict certain users from interacting with public repositories.
+Users interact with repositories by commenting, opening issues, and creating pull requests. The Interactions APIs allow people with owner or admin access to temporarily restrict interaction with public repositories to a certain type of user.
 
 {% for operation in currentRestOperations %}
   {% unless operation.subcategory %}{% include rest_operation %}{% endunless %}
@@ -14,24 +14,42 @@ Users interact with repositories by commenting, opening issues, and creating pul
 
 ## Organization
 
-The Organization Interactions API allows organization owners to temporarily restrict which users can comment, open issues, or create pull requests in the organization's public repositories. {% data reusables.interactions.interactions-detail %} Here's more about the groups of {% data variables.product.product_name %} users:
+The Organization Interactions API allows organization owners to temporarily restrict which type of user can comment, open issues, or create pull requests in the organization's public repositories. {% data reusables.interactions.interactions-detail %} Here's more about the types of {% data variables.product.product_name %} users:
 
 * {% data reusables.interactions.existing-user-limit-definition %} in the organization.
 * {% data reusables.interactions.contributor-user-limit-definition %} in the organization.
 * {% data reusables.interactions.collaborator-user-limit-definition %} in the organization.
 
+Setting the interaction limit at the organization level will overwrite any interaction limits that are set for individual repositories owned by the organization. To set different interaction limits for individual repositories owned by the organization, use the [Repository](#repository) interactions endpoints instead.
+
 {% for operation in currentRestOperations %}
   {% if operation.subcategory == 'orgs' %}{% include rest_operation %}{% endif %}
 {% endfor %}
 
 ## Repository
 
-The Repository Interactions API allows people with owner or admin access to temporarily restrict which users can comment, open issues, or create pull requests in a public repository. {% data reusables.interactions.interactions-detail %} Here's more about the groups of {% data variables.product.product_name %} users:
+The Repository Interactions API allows people with owner or admin access to temporarily restrict which type of user can comment, open issues, or create pull requests in a public repository. {% data reusables.interactions.interactions-detail %} Here's more about the types of {% data variables.product.product_name %} users:
 
 * {% data reusables.interactions.existing-user-limit-definition %} in the repository.
 * {% data reusables.interactions.contributor-user-limit-definition %} in the repository.
 * {% data reusables.interactions.collaborator-user-limit-definition %} in the repository.
 
+If an interaction limit is enabled for the user or organization that owns the repository, the limit cannot be changed for the individual repository. Instead, use the [User](#user) or [Organization](#organization) interactions endpoints to change the interaction limit.
+
 {% for operation in currentRestOperations %}
   {% if operation.subcategory == 'repos' %}{% include rest_operation %}{% endif %}
 {% endfor %}
+
+## User
+
+The User Interactions API allows you to temporarily restrict which type of user can comment, open issues, or create pull requests on your public repositories. {% data reusables.interactions.interactions-detail %} Here's more about the types of {% data variables.product.product_name %} users:
+
+* {% data reusables.interactions.existing-user-limit-definition %} from interacting with your repositories.
+* {% data reusables.interactions.contributor-user-limit-definition %} from interacting with your repositories.
+* {% data reusables.interactions.collaborator-user-limit-definition %} from interacting with your repositories.
+
+Setting the interaction limit at the user level will overwrite any interaction limits that are set for individual repositories owned by the user. To set different interaction limits for individual repositories owned by the user, use the [Repository](#repository) interactions endpoints instead.
+
+{% for operation in currentRestOperations %}
+  {% if operation.subcategory == 'user' %}{% include rest_operation %}{% endif %}
+{% endfor %}

content/rest/reference/oauth-authorizations.md

@@ -4,13 +4,9 @@ redirect_from:
   - /v3/oauth_authorizations
   - /v3/oauth-authorizations
 versions:
-  free-pro-team: '*'
   enterprise-server: '*'
 ---
 
-{% data reusables.apps.deprecating_token_oauth_authorizations %}
-{% data reusables.apps.deprecating_password_auth %}
-
 You can use this API to manage the access OAuth applications have to your account. You can only access this API via [Basic Authentication](/rest/overview/other-authentication-methods#basic-authentication) using your username and password, not tokens.
 
 If you or your users have two-factor authentication enabled, make sure you understand how to [work with two-factor authentication](/rest/overview/other-authentication-methods#working-with-two-factor-authentication).

contributing/content-style-guide.md

@@ -193,8 +193,8 @@ Introduce links consistently using a standard format that clearly indicates wher
 Links should be meaningful and provide high value to the user’s journey - link out carefully. Move links that are helpful but not necessary to an article’s further reading section. Do not repeat the same link more than once in the same article or under the same H3 header.
 
 For accessibility and readability, avoid inline or midsentence links.
-- **Use:** OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth Apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization)."
-- **Avoid:** Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization), for applications that are not websites.     
+- **Use:** OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth Apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization)."
+- **Avoid:** Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization), for applications that are not websites.     
 
 For more information on links and accessibility, see “[Links](https://readabilityguidelines.co.uk/content-design/links/)” in the Readability Guidelines project.
 

contributing/localization-checklist.md

@@ -1,6 +1,6 @@
 # Localization Prep Checklist
 
-Use the following checklist to help make your files more translation-friendly. For additional information, refer to the [style guide](contribution/content-style-guide.md).
+Use the following checklist to help make your files more translation-friendly. For additional information, refer to the [style guide](content-style-guide.md).
 
 - [ ] Use examples that are generic and can be understood by most people.
 - [ ] Avoid controversial examples or culturally specific to a group.
@@ -32,4 +32,4 @@ Use the following checklist to help make your files more translation-friendly. F
 | Avoid using ambiguous modal auxiliary verbs. | May, might, ought, could, used to, etc. | Be more clear when writing to avoid ambiguity. |
 | Avoid prepositional phrases. | "According to the repository log..." or "After trying many times..." | Write the sentence more directly. |
 | Avoid vague nouns and pronouns. | "Maintainers and contributors have access to files and comments. In the pull request they make changes to it." In this example it is not clear if the changes are being made to the file or to the comments. Another example “After saving the file in the folder, the user deleted it.” In this sentence it is not clear what was deleted (file or folder). | If a pronoun seems to refer to more than one antecedent, either reword the sentence to make the antecedent clear or replace the pronoun by a noun to eliminate ambiguity. |
-| Keep inline links to a minimum. | Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization), for applications that are not websites. | OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth Apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization)." |
+| Keep inline links to a minimum. | Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization), for applications that are not websites. | OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth Apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization)." |

data/reusables/apps/deprecating_password_auth.md

@@ -1,9 +0,0 @@
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.19" or currentVersion == "github-ae@latest" %}
-{% warning %}
-
-**Deprecation Notice:** {% data variables.product.prodname_dotcom %} will discontinue password authentication to the API.  You must now authenticate to the {% data variables.product.prodname_dotcom %} API with an API token, such as an OAuth access token, GitHub App installation access token, or personal access token, depending on what you need to do with the token.{% if currentVersion == "free-pro-team@latest" %} Password authentication to the API will be removed on November 13, 2020.{% endif %} For more information,{% if currentVersion == "free-pro-team@latest" %} including scheduled brownouts,{% endif %} see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-password-auth/).
-
-{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %} Authenticating to the API using a password is currently available and not yet deprecated in {% data variables.product.product_name %}. {% data variables.product.prodname_dotcom %} will announce the deprecation and provide advanced notice before removing support for this feature.{% endif %}
-
-{% endwarning %}
-{% endif %}

data/reusables/gated-features/secret-scanning.md

@@ -0,0 +1 @@
+{% data variables.product.prodname_secret_scanning_caps %} is available in public repositories, and in private repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license. {% data reusables.gated-features.more-info %}

data/reusables/interactions/interactions-detail.md

@@ -1 +1 @@
-When restrictions are enabled, only the specified group of {% data variables.product.product_name %} users will be able to participate in interactions. Restrictions expire 24 hours from the time they are set.
+When restrictions are enabled, only the specified type of {% data variables.product.product_name %} user will be able to participate in interactions. Restrictions automatically expire after a defined duration.

data/reusables/package_registry/container-registry-beta.md

@@ -1,5 +1,5 @@
 {% note %}
 
-**Note:** {% data variables.product.prodname_github_container_registry %} is currently in public beta and subject to change. Currently, {% data variables.product.prodname_github_container_registry %} only supports Docker image formats. During the beta, storage and bandwidth is free. For more information, see "[About {% data variables.product.prodname_github_container_registry %}](/packages/getting-started-with-github-container-registry/about-github-container-registry)."
+**Note:** {% data variables.product.prodname_github_container_registry %} is currently in public beta and subject to change. During the beta, storage and bandwidth are free. For more information, see "[About {% data variables.product.prodname_github_container_registry %}](/packages/getting-started-with-github-container-registry/about-github-container-registry)."
 
 {% endnote %}

data/reusables/secret-scanning/beta.md

@@ -1,5 +1,5 @@
 {% note %}
 
-**Note:** {% data variables.product.prodname_secret_scanning_caps %} for private repositories is currently in beta and subject to change. To request access to the beta, [join the waitlist](https://github.com/features/security/advanced-security/signup).
+**Note:** {% data variables.product.prodname_secret_scanning_caps %} for private repositories is currently in beta and subject to change.
 
 {% endnote %}

data/ui.yml

@@ -4,6 +4,9 @@ header:
   notices:
     ghae_silent_launch:
       GitHub AE is currently under limited release. Please <a href="https://enterprise.github.com/contact">contact our Sales Team</a> to find out more.
+    release_candidate:
+      # The version name is rendered before the below text via includes/header-notification.html
+      ' is currently under limited release as a release candidate.'
     localization_complete:
       We publish frequent updates to our documentation, and translation of this page may still be in progress.
       For the most current information, please visit the
@@ -15,9 +18,6 @@ header:
       still in translation. For the most up-to-date and accurate information,
       please visit our
       <a id="to-english-doc" href="/en">English documentation</a>.
-    product_in_progress:
-      👋 Hello, explorer! This page is under active development. For the
-      most up-to-date and accurate information, please visit our <a href="https://developer.github.com">developer documentation</a>.
 search:
   need_help: Need help?
   placeholder: Search topics, products...
@@ -132,4 +132,4 @@ footer:
       shop: Shop
 product_landing:
   quick_start: Quickstart
-  reference_guides: Reference guides
+  reference_guides: Reference guides

data/variables/action_code_examples.yml

@@ -0,0 +1,131 @@
+- title: Starter workflows
+  description: Workflow files for helping people get started with GitHub Actions
+  languages: TypeScript
+  href: actions/starter-workflows
+  tags:
+    - official
+    - workflows
+- title: Example services
+  description: Example workflows using service containers
+  languages: JavaScript
+  href: actions/example-services
+  tags:
+    - service containers
+- title: Declaratively setup GitHub Labels
+  description: GitHub Action to declaratively setup labels across repos
+  languages: JavaScript
+  href: lannonbr/issue-label-manager-action
+  tags:
+    - issues
+    - labels
+- title: Declaratively sync GitHub lables
+  description: GitHub Action to sync GitHub labels in the declarative way
+  languages: 'Go, Dockerfile'
+  href: micnncim/action-label-syncer
+  tags:
+    - issues
+    - labels
+- title: Add releases to GitHub
+  description: Publish Github releases in an action
+  languages: 'Dockerfile, Shell'
+  href: elgohr/Github-Release-Action
+  tags:
+    - releases
+    - publishing
+- title: Publish a docker image to Dockerhub
+  description: A Github Action used to build and publish Docker images
+  languages: 'Dockerfile, Shell'
+  href: elgohr/Publish-Docker-Github-Action
+  tags:
+    - docker
+    - publishing
+    - build
+- title: Create an issue using content from a file
+  description: A GitHub action to create an issue using content from a file
+  languages: 'JavaScript, Python'
+  href: peter-evans/create-issue-from-file
+  tags:
+    - issues
+- title: Publish GitHub Releases with Assets
+  description: GitHub Action for creating GitHub Releases
+  languages: 'TypeScript, Shell, JavaScript'
+  href: softprops/action-gh-release
+  tags:
+    - releases
+    - publishing
+- title: GitHub Project Automation+
+  description: Automate GitHub Project cards with any webhook event.
+  languages: JavaScript
+  href: alex-page/github-project-automation-plus
+  tags:
+    - projects
+    - automation
+    - issues
+    - pull requests
+- title: Run GitHub Actions Locally with a web interface
+  description: Runs GitHub Actions workflows locally (local)
+  languages: 'JavaScript, HTML, Dockerfile, CSS'
+  href: phishy/wflow
+  tags:
+    - local-development
+    - devops
+    - docker
+- title: Run your GitHub Actions locally
+  description: Run GitHub Actions Locally in Terminal
+  languages: 'Go, Shell'
+  href: nektos/act
+  tags:
+    - local-development
+    - devops
+    - docker
+- title: Build and Publish Android debug APK
+  description: Build and release debug APK from your Android project
+  languages: 'Shell, Dockerfile'
+  href: ShaunLWM/action-release-debugapk
+  tags:
+    - android
+    - build
+- title: Generate sequential build numbers for GitHub Actions
+  description: GitHub action for generating sequential build numbers.
+  languages: JavaScript
+  href: einaregilsson/build-number
+  tags:
+    - build
+    - automation
+- title: GitHub actions to push back to repository
+  description: Push Git changes to GitHub repository without authentication difficulties
+  languages: 'JavaScript, Shell'
+  href: ad-m/github-push-action
+  tags:
+    - publishing
+- title: Generate release notes based on your events
+  description: Action to auto generate a release note based on your events
+  languages: 'Shell, Dockerfile'
+  href: Decathlon/release-notes-generator-action
+  tags:
+    - releases
+    - publishing
+- title: Create a GitHub wiki page based on the provided markdown file
+  description: Create a GitHub wiki page based on the provided markdown file
+  languages: 'Shell, Dockerfile'
+  href: Decathlon/wiki-page-creator-action
+  tags:
+    - wiki
+    - publishing
+- title: Label your Pull Requests auto-magically (using committed files)
+  description: >-
+    Github action to label your pull requests auto-magically (using committed
+    files)
+  languages: 'TypeScript, Dockerfile, JavaScript'
+  href: Decathlon/pull-request-labeler-action
+  tags:
+    - projects
+    - issues
+    - labels
+- title: Add Label to your Pull Requests based on the author team name
+  description: Github action to label your pull requests based on the author name
+  languages: 'TypeScript, JavaScript'
+  href: JulienKode/team-labeler-action
+  tags:
+    - pull request
+    - labels

data/variables/release_candidate.yml

@@ -0,0 +1 @@
+version: ''

includes/all-articles.html

@@ -0,0 +1,47 @@
+{% assign product = siteTree[currentLanguage][currentVersion].products[currentProduct] %}
+{% assign maxArticles = 10 %}
+
+<div class="py-6">
+  <h2 class="font-mktg mb-4">All {{ product.title }} docs</h2>
+
+  <div class="d-flex gutter flex-wrap">
+    {% for category in product.categories %}
+      {% unless category[1].standalone %}
+        <div class="col-12 col-lg-4 mb-6 height-full">
+          <h4 class="mb-3"><a href="/{{ currentLanguage }}{{ category[1].href }}">{{ category[1].title }}</a></h4>
+
+          {% if category[1].maptopics %}
+            <ul class="list-style-none">
+              {% for maptopic in category[1].maptopics %}
+                {% unless maptopic[1].hidden %}
+                  {% assign numArticles = maptopic[1].articles | obj_size %}
+                  <li>
+                    <a class="text-gray-dark" href="/{{ currentLanguage }}{{ maptopic[1].href }}">{{ maptopic[1].title }}</a>
+                    <ul class="sidebar-articles my-2">
+                      {% for article in maptopic[1].articles %}
+                        <li class="mb-3 {% if forloop.index > maxArticles %}d-none{% endif %}"><a href="/{{ currentLanguage }}{{ article[1].href }}">{{ article[1].title }}</a></li>
+                      {% endfor %}
+                    </ul>
+                    {% if numArticles > maxArticles %}
+                      <button class="js-all-articles-show-more btn-link link-gray">Show {{ numArticles | minus: maxArticles }} more {% octicon "chevron-up" class="v-align-text-bottom" %}</button>
+                    {% endif %}
+                  </li>
+                {% endunless %}
+              {% endfor %}
+            </ul>
+          {% else %}
+            <ul class="list-style-none">
+              {% assign numArticles = category[1].articles | obj_size %}
+              {% for article in category[1].articles %}
+                <li class="mb-3 {% if forloop.index > maxArticles %}d-none{% endif %}"><a href="/{{ currentLanguage }}{{ article[1].href }}">{{ article[1].title }}</a></li>
+              {% endfor %}
+            </ul>
+            {% if numArticles > maxArticles %}
+              <button class="js-all-articles-show-more btn-link link-gray">Show {{ numArticles | minus: maxArticles }} more {% octicon "chevron-up" class="v-align-text-bottom" %}</button>
+            {% endif %}
+          {% endif %}
+        </div>
+      {% endunless %}
+    {% endfor %}
+  </div>
+</div>

includes/code-example-card.html

@@ -0,0 +1,20 @@
+<div class="col-12 col-xl-4 col-lg-6 mb-4 js-code-example-card {% if forloop.index0 > 5 %}d-none{% endif %}" data-tags="{{ example.tags | join: ', ' }}" data-title="{{ example.title }}" data-description="{{ example.description }}">
+  <a
+    class="Box d-flex flex-column flex-justify-between height-full box-shadow-medium hover-shadow-large no-underline text-gray-dark"
+    href="https://github.com/{{ example.href }}"
+  >
+    <div class="p-4">
+      <h4>{{ example.title }}</h4>
+      <p class="mt-2 mb-4 text-gray-light">{{ example.description }}</p>
+      <div class="d-flex flex-wrap">
+        {% for tag in example.tags %}
+          <span class="IssueLabel text-white bg-blue mr-2 mb-1">{{ tag }}</span>
+        {% endfor %}
+      </div>
+    </div>
+    <footer class="border-top p-4 text-gray d-flex flex-items-center">
+      {% octicon "repo" class="flex-shrink-0" %}
+      <span class="ml-2 text-mono text-small text-blue">{{ example.href }}</span>
+    </footer>
+  </a>
+</div>

includes/guide-card.html

@@ -0,0 +1,37 @@
+{% assign authorsString = guide.page.authors | join: ", @" %}
+
+<div class="col-lg-4 col-12 mb-3">
+  <a class="Box box-shadow-medium height-full d-block hover-shadow-large no-underline text-gray-dark p-5" href="{{ guide.href }}">
+    <h2>{{ guide.title }}</h2>
+    <p class="mt-2 mb-4 text-gray-light">{{ guide.intro }}</p>
+
+    {% if guide.page.authors and guide.page.authors.length > 0 %}
+      <footer class="d-flex">
+        <div class="mr-1">
+          {% if guide.page.authors.length == 1 %}
+            <img class="avatar avatar-2 circle mr-1" src="https://github.com/{{ guide.page.authors[0] }}.png" alt="@{{ guide.page.authors[0] }}" />
+          {% else %}
+            <div class="AvatarStack AvatarStack--three-plus">
+              <div
+                class="AvatarStack-body tooltipped tooltipped-se tooltipped-align-left-1"
+                aria-label="@{{ authorsString }}"
+              >
+                {% for author in guide.page.authors %}
+                  <img
+                    class="avatar circle"
+                    alt="@{{ author }}"
+                    src="https://github.com/{{ author }}.png"
+                  />
+                {% endfor %}
+              </div>
+            </div>
+          {% endif %}
+        </div>
+
+        <div>
+          @{{ authorsString }}
+        </div>
+      </footer>
+    {% endif %}
+  </a>
+</div>

includes/header-notification.html

@@ -1,11 +1,42 @@
+<!-- START TRANSLATIONS NOTICES -->
+<!-- Site policy translations notice -->
+{% if currentLanguage != 'en' and page.relativePath contains '/site-policy/' %}
+  {% assign translation_notification_type = "true" %}
+  {% assign translation_notification = site.data.reusables.policies.translation %}
+
+<!-- Completed translations notice -->
+{% elsif currentLanguage != 'en' && !languages[currentLanguage].wip %}
+  {% assign translation_notification_type = "true" %}
+  {% assign translation_notification = site.data.ui.header.notices.localization_complete %}
+
+<!-- In-progress translations notice -->
+{% elsif currentLanguage != 'en' && languages[currentLanguage].wip %}
+  {% assign translation_notification_type = "true" %}
+  {% assign translation_notification = site.data.ui.header.notices.localization_in_progress %}
+{% endif %}
+<!-- END TRANSLATIONS NOTICES -->
+
+<!-- START RELEASE NOTICES -->
+<!-- Custom GitHub AE notice -->
 {% if currentVersion == "github-ae@latest" %}
-  <div class="header-notifications text-center f5 bg-blue-1 text-gray-dark py-4 px-6 limited_release {% if header_notification %}border-bottom{% endif %}">
-    {% data ui.header.notices.ghae_silent_launch %}
+  {% assign release_notification_type = "true" %}
+  {% assign release_notification = site.data.ui.header.notices.ghae_silent_launch %}
+
+<!-- Release candidate notice -->
+{% elsif currentVersion == site.data.variables.release_candidate.version %}
+  {% assign release_notification_type = "true" %}
+  {% assign release_notification = allVersions[currentVersion].versionTitle | append: site.data.ui.header.notices.release_candidate %}
+{% endif %}
+<!-- END RELEASE NOTICES -->
+
+{% if translation_notification_type %}
+  <div class="header-notifications text-center f5 bg-blue-1 text-gray-dark py-4 px-6 translation_notice{% if release_notification_type %} border-bottom border-black-fade{% endif %}">
+    {{ translation_notification }}
   </div>
 {% endif %}
 
-{% if header_notification %}
-  <div class="header-notifications text-center f5 bg-blue-1 text-gray-dark py-4 px-6 {{ header_notification_type }}">
-    {{ header_notification }}
+{% if release_notification_type %}
+  <div class="header-notifications text-center f5 bg-blue-1 text-gray-dark py-4 px-6 release_notice">
+    {{ release_notification }}
   </div>
 {% endif %}

includes/header.html

@@ -1,22 +1,4 @@
 <div class="border-bottom border-gray-light no-print">
-
-  {% if currentLanguage != 'en' and page.relativePath contains '/site-policy/' %}
-    {% assign header_notification_type = "translation_policy" %}
-    {% assign header_notification = site.data.reusables.policies.translation %}
-
-  {% elsif site.data.ui.header.notices.flags.localization_complete == true %}
-    {% assign header_notification_type = "localization_complete" %}
-    {% assign header_notification = site.data.ui.header.notices.localization_complete %}
-
-  {% elsif site.data.ui.header.notices.flags.localization_in_progress == true %}
-    {% assign header_notification_type = "localization_in_progress" %}
-    {% assign header_notification = site.data.ui.header.notices.localization_in_progress %}
-
-  {% elsif currentLanguage == 'en' and site.data.ui.header.notices.flags.product_in_progress == true %}
-    {% assign header_notification_type = "product_in_progress" %}
-    {% assign header_notification = site.data.ui.header.notices.product_in_progress %}
-  {% endif %}
-
   {% include header-notification %}
 
   <header class="container-xl px-3 px-md-6 pt-3 pb-2 position-relative d-flex flex-justify-between width-full {% if error == '404' %} d-md-none {% endif %}">

javascripts/all-articles.js

@@ -0,0 +1,18 @@
+/**
+ * Handles the client-side events for `includes/all-articles.html`.
+ */
+export default function allArticles () {
+  const buttons = document.querySelectorAll('button.js-all-articles-show-more')
+
+  for (const btn of buttons) {
+    btn.addEventListener('click', evt => {
+      // Show all hidden links
+      const hiddenLinks = evt.currentTarget.parentElement.querySelectorAll('li.d-none')
+      for (const link of hiddenLinks) {
+        link.classList.remove('d-none')
+      }
+      // Remove the button, since we don't need it anymore
+      evt.currentTarget.parentElement.removeChild(evt.currentTarget)
+    })
+  }
+}

javascripts/experiment.js

@@ -41,4 +41,21 @@ export default function () {
   // const xbucket = bucket(testName)
   // if (xbucket === TREATMENT) { ... }
   // x.addEventListener('click', evt => evt.preventDefault(); await sendSuccess(testName); evt())
+
+  const treatment = document.getElementById('quickstart-treatment')
+  if (!treatment) return
+
+  const testName = 'quickstart-hello'
+  const xbucket = bucket(testName)
+
+  if (xbucket === TREATMENT) {
+    Array.from(
+      document.querySelectorAll('#article-contents > *')
+    ).forEach(el => { el.hidden = true })
+    treatment.hidden = false
+  }
+
+  document.documentElement.addEventListener('copy', () => {
+    sendSuccess(testName)
+  })
 }

javascripts/filter-code-examples.js

@@ -0,0 +1,92 @@
+function filterCards (cards, value) {
+  const noResults = document.querySelector('.js-code-example-no-results')
+  const matchReg = new RegExp(value, 'i')
+
+  // Track whether or not we had at least one match
+  let hasMatches = false
+
+  for (let index = 0; index < cards.length; index++) {
+    const card = cards[index]
+
+    // Filter was emptied
+    if (!value) {
+      // Make sure we don't show the "No results" blurb
+      hasMatches = true
+
+      // Hide all but the first 6
+      if (index > 5) {
+        card.classList.add('d-none')
+      } else {
+        card.classList.remove('d-none')
+      }
+
+      continue
+    }
+
+    // Check if this card matches
+    const { title, description, tags } = card.dataset
+    const cardMatches = (
+      matchReg.test(title) ||
+      matchReg.test(description) ||
+      matchReg.test(tags)
+    )
+
+    if (cardMatches) {
+      card.classList.remove('d-none')
+      hasMatches = true
+    } else {
+      card.classList.add('d-none')
+    }
+  }
+
+  // If there wasn't at least one match, show the "no results" text
+  if (!hasMatches) {
+    document.querySelector('.js-code-example-filter-value').textContent = value
+    noResults.classList.remove('d-none')
+  } else {
+    noResults.classList.add('d-none')
+  }
+}
+
+export default function filterCodeExamples () {
+  const filter = document.querySelector('.js-code-example-filter')
+  if (!filter) return
+
+  const cards = Array.from(document.querySelectorAll('.js-code-example-card'))
+  const showMoreButton = document.querySelector('.js-code-example-show-more')
+
+  filter.addEventListener('keyup', evt => {
+    const value = evt.currentTarget.value
+
+    // Show or hide the "Show more" button if there is a value
+    if (value) showMoreButton.classList.add('d-none')
+    else showMoreButton.classList.remove('d-none')
+
+    filterCards(cards, value)
+  })
+
+  showMoreButton.addEventListener('click', evt => {
+    // Number of cards that are currently visible
+    const numShown = cards.filter(card => !card.classList.contains('d-none')).length
+    // We want to show 6 more
+    const totalToShow = numShown + 6
+
+    for (let index = numShown; index < cards.length; index++) {
+      const card = cards[index]
+
+      // If the card we're at is less than the total number of cards
+      // we should show, show this one
+      if (index < totalToShow) {
+        card.classList.remove('d-none')
+      } else {
+        // Otherwise, we've shown the ones we intend to so exit the loop
+        break
+      }
+    }
+
+    // They're all shown now, we should hide the button
+    if (totalToShow === cards.length) {
+      evt.currentTarget.style.display = 'none'
+    }
+  })
+}

javascripts/index.js

@@ -15,6 +15,8 @@ import experiment from './experiment'
 import copyCode from './copy-code'
 import { fillCsrf } from './get-csrf'
 import initializeEvents from './events'
+import filterCodeExamples from './filter-code-examples'
+import allArticles from './all-articles'
 
 document.addEventListener('DOMContentLoaded', async () => {
   displayPlatformSpecificContent()
@@ -32,4 +34,6 @@ document.addEventListener('DOMContentLoaded', async () => {
   experiment()
   copyCode()
   initializeEvents()
+  filterCodeExamples()
+  allArticles()
 })

layouts/product-landing.html

@@ -28,41 +28,51 @@
         <!-- Article links -->
         <div class="d-lg-flex gutter my-6 py-6">
           <div class="col-12 col-lg-4 mb-4 mb-lg-0">
-            <div class="featured-links-heading pb-3 mb-4 border-bottom">
-              <h3 class="f5 text-normal text-mono text-uppercase color-gray-5">{% data ui.toc.guides %}</h3>
+            <div class="featured-links-heading mb-4 d-flex flex-items-baseline">
+              <h3 class="f4 text-normal text-mono text-uppercase color-gray-5">{% data ui.toc.guides %}</h3>
+              <a href="{{ currentPath }}/guides" class="ml-4">View all {% octicon "arrow-right" height="14" class="v-align-middle" %}</a>
             </div>
             <ul class="list-style-none">
               {% for link in featuredLinks.guides %}
-                <li class="Box px-3 py-1 mb-2">
-                  {% include featured-link %}
+                <li class="border-top">
+                  <a class="link-with-intro Bump-link--hover no-underline d-block py-3" href="{{ link.href }}">
+                    <h4 class="link-with-intro-title mb-1">{{ link.title }}<span class="Bump-link-symbol">→</span></h4>
+                    <p class="link-with-intro-intro color-gray-5 mb-0">{{ link.intro | truncatewords: 12 }}</p>
+                  </a>
                 </li>
               {% endfor %}
             </ul>
           </div>
 
           <div class="col-12 col-lg-4 mb-4 mb-lg-0">
-            <div class="featured-links-heading pb-3 mb-4 border-bottom">
-              <h3 class="f5 text-normal text-mono text-uppercase color-gray-5">{% data ui.toc.popular_articles %}</h3>
+            <div class="featured-links-heading mb-4 d-flex flex-items-baseline">
+              <h3 class="f4 text-normal text-mono text-uppercase color-gray-5">{% data ui.toc.popular_articles %}</h3>
             </div>
             <ul class="list-style-none">
               {% for link in featuredLinks.popular %}
-                <li class="Box px-3 py-1 mb-2">
-                  {% include featured-link %}
+                <li class="border-top">
+                  <a class="link-with-intro Bump-link--hover no-underline d-block py-3" href="{{ link.href }}">
+                    <h4 class="link-with-intro-title">{{ link.title }}<span class="Bump-link-symbol">→</span></h4>
+                  </a>
                 </li>
               {% endfor %}
             </ul>
           </div>
 
           <div class="col-12 col-lg-4 mb-4 mb-lg-0">
-            <div class="featured-links-heading pb-3 mb-4 border-bottom">
-              <h3 class="f5 text-normal text-mono text-uppercase color-gray-5">{% data ui.toc.whats_new %}</h3>
+            <div class="featured-links-heading mb-4 d-flex flex-items-baseline">
+              <h3 class="f4 text-normal text-mono text-uppercase color-gray-5">{% data ui.toc.whats_new %}</h3>
+              <a href="https://github.blog/changelog/" class="ml-4">View all {% octicon "arrow-right" height="14" class="v-align-middle" %}</a>
             </div>
             <ul class="list-style-none">
               {% for link in page.changelog %}
-                <li class="mb-2">
-                  <a href="{{ link.href }}" class="Box text-gray-dark Bump-link--hover p-3 d-flex flex-justify-between flex-items-center no-underline">
+                <li class="border-top">
+                  <a href="{{ link.href }}" class="d-block text-gray-dark Bump-link--hover py-3 no-underline">
                     <h4>{{ link.title }} <span class="Bump-link-symbol">→</span></h4>
-                    <span class="text-gray-light text-mono ml-2" style="white-space: nowrap">{{ link.date | date: "%B %d, %Y" }}</span>
+                    <time
+                      class="tooltipped tooltipped-n text-gray-light text-mono mt-1"
+                      aria-label="{{ link.date | date: '%B %d, %Y' }}"
+                    >{{ link.date | date: "%B %d" }}</time>
                   </a>
                 </li>
               {% endfor %}
@@ -73,6 +83,25 @@
         {{ renderedPage }}
       </div>
 
+      {% if featuredLinks.guideCards %}
+        <div class="bg-guides-gradient py-6">
+          <div class="container-xl px-3 px-md-6 my-6">
+            <h2 class="font-mktg h1 mb-2">Guides</h2>
+
+            <div class="d-lg-flex gutter-lg flex-items-stretch">
+              {% assign guideCards = featuredLinks.guideCards %}
+              {% render "guide-card" for guideCards as guide %}
+            </div>
+
+            <a href="{{ currentPath }}/guides" class="btn btn-outline float-right">Explore guides {% octicon "arrow-right" %}</a>
+          </div>
+        </div>
+      {% endif %}
+
+      <div class="container-xl px-3 px-md-6 mt-6">
+        {% include all-articles %}
+      </div>
+
       <div class="border-top">
         {% include small-footer %}
       </div>

lib/excluded-links.js

@@ -1,28 +1,20 @@
+// Linkinator treats the following as regex.
 module.exports = [
-  //  GitHub search links fail with "429 Too Many Requests"
-  'https://github.com/search?*',
+  // Skip GitHub search links.
+  'https://github.com/search?.*',
   'https://github.com/github/gitignore/search?',
 
-  // LinkedIn links fail due to bug: https://github.com/stevenvachon/broken-link-checker/issues/91
-  'https://www.linkedin.com/*',
-
-  // blc returns "BLC_UNKNOWN"  on this link, even though cURL returns "302 Found"
-  'https://www.ilo.org/dyn/normlex/en/f?p=NORMLEXPUB:12100:0::NO::P12100_ILO_CODE:P029',
-
-  // the codercat link works but blc reports a false 404
-  'https://github.com/Codertocat/hello-world-npm/packages/10696?version=1.0.1',
-
-  // this URL started returning 403 to blc and cURL even though it works in a browser; see docs-internal #10124
-  'https://haveibeenpwned.com/',
-  'https://haveibeenpwned.com/*',
-
-  // this is a private repo customers are given access to when they purchase Insights; see docs-internal #12037
+  // These links require auth.
+  'https://github.com/settings/profile',
+  'https://github.com/github/docs/edit',
   'https://github.com/github/insights-releases/releases/latest',
 
-  // developer content uses these for examples; they should not be checked
-  'http://localhost:1234/*',
+  // Developer content uses these for examples; they should not be checked.
+  'http://localhost:1234',
   'localhost:3000',
 
-  // this URL works but blc reports a false 404
+  // Oneoff links that link checkers think are broken but are not.
+  'https://haveibeenpwned.com/',
+  'https://www.ilo.org/dyn/normlex/en/f?p=NORMLEXPUB:12100:0::NO::P12100_ILO_CODE:P029',
   'http://www.w3.org/wiki/LinkHeader/'
 ]

lib/frontmatter.js

@@ -62,6 +62,12 @@ const schema = {
         reference: { type: 'string' }
       }
     },
+    authors: {
+      type: 'array',
+      items: {
+        type: 'string'
+      }
+    },
     featuredLinks: {
       type: 'object',
       additionalProperties: false,

lib/page.js

@@ -19,6 +19,7 @@ const renderContent = require('./render-content')
 const frontmatter = require('./frontmatter')
 const products = require('./all-products')
 const slash = require('slash')
+const statsd = require('./statsd')
 
 class Page {
   constructor (opts) {
@@ -84,6 +85,10 @@ class Page {
         : true
     }
 
+    // Instrument the `_render` method, so externally we call #render
+    // but it's wrapped in a timer that reports to Datadog
+    this.render = statsd.asyncTimer(this._render.bind(this), 'page.render')
+
     return this
   }
 
@@ -116,7 +121,7 @@ class Page {
       : this.renderProp('title', context, opts)
   }
 
-  async render (context) {
+  async _render (context) {
     this.intro = await renderContent(this.rawIntro, context)
     this.introPlainText = await renderContent(this.rawIntro, context, { textOnly: true })
     this.title = await renderContent(this.rawTitle, context, { textOnly: true, encodeEntities: true })

lib/redirects/get-docs-path-from-developer-path.js

@@ -18,6 +18,12 @@ module.exports = function getDocsPathFromDeveloperPath (oldDeveloperPath, allRed
     newPath = newPath.replace(v3OrgPreReceiveHooks, '/v3/enterprise-admin/org_pre_receive_hooks')
   }
 
+  // oneoff redirect for a dotcom developer path to Enterprise-only path on docs.github.com
+  const oauthAuthorizations = '/v3/oauth_authorizations'
+  if (newPath.endsWith(oauthAuthorizations)) {
+    newPath = newPath.replace(oauthAuthorizations, '/enterprise-server/v3/oauth_authorizations')
+  }
+
   // Change /v4/foo/bar to /v4/foo#bar
   // Change /v3/foo/bar to /v3/foo#bar
   // Then we can look up the hashless path in the redirect object,

lib/render-content.js

@@ -18,4 +18,15 @@ for (const tag in tags) {
   renderContent.liquid.registerTag(tag, ExtendedMarkdown)
 }
 
+renderContent.liquid.registerFilters({
+  /**
+   * Like the `size` filter, but specifically for
+   * getting the number of keys in an object
+   */
+  obj_size: (input) => {
+    if (!input) return 0
+    return Object.keys(input).length
+  }
+})
+
 module.exports = renderContent

lib/statsd.js

@@ -0,0 +1,14 @@
+const StatsD = require('hot-shots')
+
+const mock = Boolean(process.env.NODE_ENV === 'test' || !process.env.DATADOG_API_KEY)
+
+/**
+ * @type {import('hot-shots').StatsD}
+ */
+module.exports = new StatsD({
+  prefix: 'docs.',
+  mock,
+  globalTags: {
+    app: 'docs'
+  }
+})

middleware/csp.js

@@ -21,7 +21,9 @@ module.exports = contentSecurityPolicy({
       'github.githubassets.com',
       'github-images.s3.amazonaws.com',
       'octodex.github.com',
-      'placehold.it'
+      'placehold.it',
+      '*.githubusercontent.com',
+      'github.com'
     ],
     objectSrc: [
       "'self'"

middleware/featured-links.js

@@ -43,7 +43,8 @@ async function getLinkData (rawLinks, context) {
     links.push({
       href,
       title: await linkedPage.renderTitle(context, opts),
-      intro: await linkedPage.renderProp('intro', context, opts)
+      intro: await linkedPage.renderProp('intro', context, opts),
+      page: linkedPage
     })
   }
 

middleware/index.js

@@ -42,7 +42,6 @@ module.exports = function (app) {
   app.use(require('./early-access-paths'))
   app.use(require('./early-access-proxy'))
   app.use(require('./find-page'))
-  app.use(require('./notices'))
   app.use(require('./archived-enterprise-versions'))
   app.use(require('./archived-enterprise-versions-assets'))
   app.use('/assets', express.static('assets'))

middleware/notices.js

@@ -1,38 +0,0 @@
-const { set } = require('lodash')
-const patterns = require('../lib/patterns')
-const languages = require('../lib/languages')
-
-module.exports = (req, res, next) => {
-  // Skip asset paths
-  if (patterns.assetPaths.test(req.path)) return next()
-
-  const language = languages[req.language]
-
-  // Set flag that enables `localization_complete` message for no-longer-WIP languages
-  set(
-    req.context,
-    'site.data.ui.header.notices.flags.localization_complete',
-    language.code !== 'en' && !language.wip
-  )
-
-  // Set flag that enables `localization_in_progress` message for WIP languages
-  set(
-    req.context,
-    'site.data.ui.header.notices.flags.localization_in_progress',
-    language.wip
-  )
-
-  const currentProduct = req.context.allProducts[req.context.currentProduct]
-
-  // if this is the homepage and no product is chosen yet, return early
-  if (!currentProduct) return next()
-
-  // Set flag that enables `product_in_progress` message for WIP products
-  set(
-    req.context,
-    'site.data.ui.header.notices.flags.product_in_progress',
-    currentProduct.wip
-  )
-
-  return next()
-}

middleware/render-page.js

@@ -5,6 +5,7 @@ const patterns = require('../lib/patterns')
 const layouts = require('../lib/layouts')
 const getMiniTocItems = require('../lib/get-mini-toc-items')
 const Page = require('../lib/page')
+const statsd = require('../lib/statsd')
 
 // We've got lots of memory, let's use it
 // We can eventually throw this into redis
@@ -18,6 +19,7 @@ module.exports = async function renderPage (req, res, next) {
   if (!process.env.CI && process.env.NODE_ENV !== 'test') {
     if (req.method === 'GET' && pageCache[originalUrl]) {
       console.log(`Serving from cached version of ${originalUrl}`)
+      statsd.increment('page.sent_from_cache')
       return res.send(pageCache[originalUrl])
     }
   }

package.json

@@ -16,7 +16,7 @@
     "@github-docs/data-directory": "^1.2.0",
     "@github-docs/frontmatter": "^1.3.1",
     "@github-docs/render-content": "^5.2.0",
-    "@github/rest-api-operations": "^3.6.2",
+    "@github/rest-api-operations": "^3.7.1",
     "@octokit/rest": "^16.38.1",
     "@primer/css": "^15.1.0",
     "@primer/octicons": "^11.0.0",
@@ -42,6 +42,7 @@
     "got": "^9.6.0",
     "gray-matter": "^4.0.1",
     "helmet": "^3.21.2",
+    "hot-shots": "^8.2.0",
     "html-entities": "^1.2.1",
     "html-truncate": "^1.2.2",
     "imurmurhash": "^0.1.4",
@@ -50,6 +51,7 @@
     "js-cookie": "^2.2.1",
     "js-yaml": "^3.14.0",
     "lil-env-thing": "^1.0.0",
+    "linkinator": "^2.2.2",
     "liquid": "^5.1.0",
     "lodash": "^4.17.19",
     "mini-css-extract-plugin": "^0.9.0",
@@ -79,7 +81,6 @@
     "await-sleep": "0.0.1",
     "aws-sdk": "^2.610.0",
     "babel-eslint": "^10.1.0",
-    "broken-link-checker": "^0.7.8",
     "chalk": "^4.0.0",
     "commander": "^6.2.0",
     "count-array-values": "^1.2.1",

script/README.md

@@ -368,6 +368,13 @@ An automated test checks for discrepancies between filenames and [autogenerated
 ---
 
 
+### [`release-banner.js`](release-banner.js)
+
+This script creates or removes a release candidate banner for a specified version.
+
+
+---
+
 ### [`remove-deprecated-enterprise-version-markup.js`](remove-deprecated-enterprise-version-markup.js)
 
 Run this script after an Enterprise deprecation to remove Liquid statements and frontmatter that contain the deprecated Enterprise version. See the Enterprise deprecation issue template for instructions.
@@ -487,4 +494,3 @@ Run this script to: [upload individual files to S3](https://github.com/github/pr
 
 ---
 
-

script/check-english-links.js

@@ -0,0 +1,95 @@
+#!/usr/bin/env node
+
+const path = require('path')
+const fs = require('fs')
+const linkinator = require('linkinator')
+const dedent = require('dedent')
+const program = require('commander')
+const { escapeRegExp } = require('lodash')
+const checker = new linkinator.LinkChecker()
+const rimraf = require('rimraf').sync
+const root = 'https://docs.github.com'
+const englishRoot = `${root}/en`
+const { deprecated } = require('../lib/enterprise-server-releases')
+
+// [start-readme]
+//
+// This script runs once per day via a scheduled GitHub Action to check all links in
+// English content, not including deprecated Enterprise Server content. It opens an issue
+// if it finds broken links. To exclude a link, add it to `lib/excluded-links.js`.
+//
+// [end-readme]
+
+program
+  .description('Check all links in the English docs.')
+  .option('-d, --dry-run', 'Turn off recursion to get a fast minimal report (useful for previewing output).')
+  .parse(process.argv)
+
+// Skip excluded links defined in separate file.
+const excludedLinks = require('../lib/excluded-links')
+  .map(link => escapeRegExp(link))
+
+// Skip non-English content.
+const languagesToSkip = Object.keys(require('../lib/languages'))
+  .filter(code => code !== 'en')
+  .map(code => `${root}/${code}`)
+
+// Skip deprecated Enterprise content.
+// Capture the old format https://docs.github.com/enterprise/2.1/
+// and the new format https://docs.github.com/enterprise-server@2.19/.
+const enterpriseReleasesToSkip = new RegExp(`${root}.+?[/@](${deprecated.join('|')})/`)
+
+const config = {
+  path: englishRoot,
+  concurrency: 300,
+  // If this is a dry run, turn off recursion.
+  recurse: !program.dryRun,
+  silent: true,
+  // The values in this array are treated as regexes.
+  linksToSkip: [
+    enterpriseReleasesToSkip,
+    ...languagesToSkip,
+    ...excludedLinks
+  ]
+}
+
+main()
+
+async function main () {
+  const startTime = new Date()
+
+  // Clear and recreate a directory for logs.
+  const logFile = path.join(__dirname, '../.linkinator/full.log')
+  rimraf(path.dirname(logFile))
+  fs.mkdirSync(path.dirname(logFile), { recursive: true })
+
+  // Update CLI output and append to logfile after each checked link.
+  checker.on('link', result => {
+    fs.appendFileSync(logFile, JSON.stringify(result) + '\n')
+  })
+
+  // Start the scan; events will be logged as they occur.
+  const result = await checker.check(config)
+
+  // Scan is complete! Display the results.
+  const endTime = new Date()
+  const skippedLinks = result.links.filter(x => x.state === 'SKIPPED')
+  const brokenLinks = result.links.filter(x => x.state === 'BROKEN')
+
+  console.log(dedent`
+    ${brokenLinks.length} broken links found on docs.github.com
+
+    Link scan completed in ${endTime - startTime}ms
+    Total links: ${result.links.length}
+    Skipped links: ${skippedLinks.length}
+    Broken links: ${brokenLinks.length}
+    For more details see ${path.relative(process.cwd(), logFile)}
+  `)
+
+  if (brokenLinks.length) {
+    console.log('\n\n' + JSON.stringify(brokenLinks, null, 2))
+    process.exit(1)
+  }
+
+  process.exit(0)
+}

script/check-external-links

@@ -1,134 +0,0 @@
-#!/usr/bin/env bash
-
-# [start-readme]
-# The script is run once per day via a scheduled GitHub Action to check all links in the site. It automatically opens an issue if it finds broken links.
-# To exclude a URL from the link check, add it to `lib/excluded-links.js`.
-#
-# For checking internal links, see `script/check-internal-links`.
-# [end-readme]
-
-internal=""
-while getopts "h?i" opt; do
-  case "${opt}" in
-    h|\?) echo "Usage:"
-          echo "    script/check-external-links [OPTIONS] [two-letter language code]"
-          echo ""
-          echo "    script/check-external-links -i              Check internal links. Without this flag, check all links."
-          echo "    script/check-external-links -h              Display this help message."
-          exit 0
-          ;;
-    i) internal=" --internalOnly"
-       ;;
-  esac
-done
-shift $((OPTIND -1))
-
-if [ -z "${1}" ]
-then
-  echo "error: must provide two-letter language code"
-  exit 1
-fi
-
-languageCode=${1}
-
-# Pass options to script to construct blc command
-blcCommand="$(./script/get-blc-command.js ${internal} --language ${languageCode})"
-
-# Exit if script returned an error
-if test $? -eq 1
-then
-	exit 1
-fi
-
-# Determine logfile name based on options
-logfile=""
-if [ -z "${internal}" ]
-then
-  logfile="blc_output.log"
-else
-  logfile="blc_output_internal.log"
-fi
-
-# Kill any server running in the background, then start the server
-killall node >/dev/null 2>&1
-node server.js >/dev/null &
-sleep 5
-
-host="http://localhost:4000"
-
-# Check whether localhost is accessible
-hostStatus=$(curl -I --silent "${host}" | head -1)
-isHostOK=$(echo "${hostStatus}" | grep "[2|3][0-9][0-9]")
-if [ -z "${isHostOK}" ]
-then
-  echo "Can't connect to ${host}!"
-  echo ${hostStatus}
-  echo ${isHostOK}
-  exit 1
-fi
-
-# Execute blc and save output
-${blcCommand[@]} > ${logfile}
-
-# We're done with the server now, so end the process
-# killall node will also terminate this script, so find and kill the specific pid
-pid=$(ps aux | grep "node server.js" | grep -v "grep" | awk '{ print $2 }'); kill -INT $pid >/dev/null 2>&1
-
-# Recheck "403 Forbidden" results due to a bug
-# https://github.com/stevenvachon/broken-link-checker/issues/58
-# Also recheck "429" GitHub results
-urlsToRecheck=$(egrep "HTTP_4(03|29)" ${logfile} | grep -o "http.* ")
-
-if [ ! -z "${urlsToRecheck}" ]
-then
-  for url in ${urlsToRecheck}
-  do
-    # Curl each URL and grep for 4xx or 5xx in status code response
-    status=$(curl -I --silent "${url}" | head -1 | grep "[4|5][0-9][0-9]")
-    if [ -z "${status}" ]
-    then
-      # If no 4/5xx found, the link is NOT really broken, so remove it from the list
-      # This command needs to work in all implementations of sed (Mac/GNU/etc)
-      sed -i'.bak' -e "s|^.*$url.*$||" ${logfile}
-      # Remove backup file
-      find . -name "${logfile}.bak" | xargs rm
-    fi
-  done
-fi
-
-# Count number of broken links in output
-# Ignore "308 Permanent Redirect" results, which are not actually broken
-numberOfBrokenLinks=$(grep "BROKEN" ${logfile} | grep -vc HTTP_308)
-brokenLinks=$(grep "BROKEN" ${logfile} | grep -v HTTP_308)
-
-# If broken links are found, exit with status 1 so the check run fails
-if [ ${numberOfBrokenLinks} -gt 0 ]
-then
-  # Print "links" or "link" in message depending on the number found
-  if [ ${numberOfBrokenLinks} -gt 1 ]
-  then
-    linkOrLinks="links"
-  else
-    linkOrLinks="link"
-  fi
-  echo -e "\n${numberOfBrokenLinks} broken ${linkOrLinks} found on help.github.com\n"
-  echo -e "Note: links that start with 'http://localhost:4000/' are internal links.\n"
-
-  # List broken links
-  echo "${brokenLinks}"
-
-  # Update final number of broken links
-  echo -e "\n$(tail -2 ${logfile})" | sed "s|. [0-9]* broken.|. ${numberOfBrokenLinks} broken.|"
-
-  # Exit without failure when checking all links so script/open-broken-links-issue can run
-  if [ -z "${internal}" ]
-  then
-    exit 0
-  else
-    exit 1
-  fi
-else
-  echo "All links are good!"
-  echo -e "\n$(tail -2 ${logfile})"
-  exit 0
-fi

script/check-internal-links

@@ -1,36 +0,0 @@
-#!/usr/bin/env bash
-
-# [start-readme]
-# This script wraps tests/links-and-images.js and provides an option to output results to a file.
-#
-# For more information, see `tests/README.md#broken-link-test`.
-# [end-readme]
-
-# check if npx is installed
-command -v npx >/dev/null 2>&1 || { echo -e "npx is not installed. Run:\n\n\$ npm install -g npx" >&2; exit 1; }
-
-while getopts "h?f:" opt; do
-  case "${opt}" in
-    h|\?) echo "Usage:"
-          echo "    script/check-internal-links [OPTIONS]"
-          echo ""
-          echo "    script/check-internal-links -f [FILENAME]  Output the results of tests/links-and-images to a file."
-          echo "    script/check-internal-links -h             Display this help message."
-          exit 0
-          ;;
-    f) FILENAME="${OPTARG}"
-       ;;
-  esac
-done
-shift $((OPTIND -1))
-
-if [ "${FILENAME}" = "" ]
-then
-  npx jest links-and-images
-else
-  echo -e "Running tests/links-and-images.js\n"
-
-  npx jest links-and-images --no-color > ${FILENAME} 2>&1
-
-  echo "Done! Results in ${FILENAME}."
-fi

script/content-migrations/README.md

@@ -0,0 +1,7 @@
+# Content migration scripts
+
+This directory stores scripts that modify content and/or data files. Because
+writers are updating content all the time, scripts in here require more
+cross-team coordination and planning before they are run. Make sure to consider
+whether a script added here also needs to be run on translation files or if we
+can wait for the changes to come in organically via Crowdin.

script/content-migrations/update-developer-site-links.js

@@ -0,0 +1,73 @@
+#!/usr/bin/env node
+
+const fs = require('fs')
+const path = require('path')
+const walk = require('walk-sync')
+const frontmatter = require('@github-docs/frontmatter')
+const loadPages = require('../../lib/pages')
+const patterns = require('../../lib/patterns')
+const loadRedirects = require('../../lib/redirects/precompile')
+const allVersions = Object.keys(require('../../lib/all-versions'))
+
+// get all content and data files
+const files = ['content', 'data'].map(dir => {
+  return walk(path.join(process.cwd(), dir), { includeBasePath: true, directories: false })
+    .filter(file => file.endsWith('.md') && !file.endsWith('README.md'))
+}).flat()
+
+// match [foo](/v3) and [bar](/v4) Markdown links
+const linkRegex = new RegExp('\\(/v[34].*?\\)', 'g')
+
+main()
+
+async function main () {
+  // we need to load the pages so we can get the redirects
+  const englishPages = (await loadPages()).filter(p => p.languageCode === 'en')
+  const redirects = await loadRedirects(englishPages)
+
+  for (const file of files) {
+    const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
+
+    const links = content.match(linkRegex)
+    if (!links) continue
+
+    // remove parentheses: (/v3) -> /v3
+    // also remove trailing slash before closing parens if there is one
+    const devLinks = links
+      .map(link => link.replace('(', '').replace(/\/?\)/, ''))
+
+    let newContent = content
+
+    for (const devLink of devLinks) {
+      const [link, fragment] = devLink.split(/\/?#/)
+
+      let redirect = redirects[link]
+
+      if (!redirect) {
+        console.log(`no redirect found for ${devLink} in ${file}`)
+        continue
+      }
+
+      // do some cleanup
+      redirect = redirect
+        // remove language code segment
+        .replace(patterns.getLanguageCode, '')
+        // remove version segment
+        .replace(new RegExp(`/(${allVersions.join('|')})`), '')
+
+      // re-add the fragment
+      const newLink = fragment
+        ? redirect + '#' + fragment
+        : redirect
+
+      // first remove any trailing slashes from the old link,
+      // then replace with the new link
+      newContent = newContent
+        .replace(`${devLink}/`, devLink)
+        .replace(devLink, newLink)
+    }
+
+    fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
+  }
+  console.log('Done!')
+}

script/get-blc-command.js

@@ -1,61 +0,0 @@
-#!/usr/bin/env node
-
-const supportedLanguages = Object.values(require('../lib/languages')).map(language => language.code)
-const excludedLinks = require('../lib/excluded-links')
-const program = require('commander')
-
-// [start-readme]
-//
-// This script parses options for `script/check-external-links`.
-//
-// [end-readme]
-
-program
-  .description('Construct a blc command to run in script/check-external-links')
-  .option('-L, --language <lang_code>', 'required language code')
-  .option('-i, --internalOnly', 'check internal links only')
-  .parse(process.argv)
-
-const languageCode = program.language
-
-if (!languageCode || !supportedLanguages.includes(languageCode)) {
-  console.error(`error: you must provide a currently supported language code: ${supportedLanguages.join(', ')}\n`)
-  process.exit(1)
-}
-
-// options for blc: https://github.com/stevenvachon/broken-link-checker#command-line-usage
-const blcPackage = './node_modules/broken-link-checker/bin/blc'
-const host = 'http://localhost:4000'
-const hostWithLanguage = `${host}/${languageCode}`
-const maintainOrder = '--ordered' // maintain order of links in html
-const recursive = '--recursive'
-const requestMethod = '--get'
-const filterLevel = '--filter-level 3' // level 3 checks the most assets
-const excludeExternal = program.internalOnly ? ' --exclude-external' : ''
-
-let command = `${blcPackage} ${hostWithLanguage} ${maintainOrder} ${recursive} ${requestMethod} ${filterLevel}${excludeExternal}`
-
-let excludeStrings = ''
-
-// blc can only except one string per --exclude option
-// so we need to construct multiple strings from exclusions array
-excludedLinks.forEach(excludedLink => {
-  excludeStrings = `${excludeStrings} --exclude ${excludedLink}`
-})
-
-// prevent link checker from crawling other languages
-// for example, if we're checking links on the English site
-// we need to exclude links on Japanese, Chinese, Spanish, etc.
-supportedLanguages.forEach(supportedLanguage => {
-  if (supportedLanguage === languageCode) return
-  const internalLink = `${host}/${supportedLanguage}/*`
-  const externalLink = `https://help.github.com/${supportedLanguage}/*`
-  excludeStrings = `${excludeStrings} --exclude ${internalLink}`
-  excludeStrings = `${excludeStrings} --exclude ${externalLink}`
-})
-
-// get final command
-command = command + excludeStrings
-
-// output final command
-console.log(command)

script/release-banner.js

@@ -0,0 +1,60 @@
+#!/usr/bin/env node
+
+const fs = require('fs')
+const path = require('path')
+const program = require('commander')
+const yaml = require('js-yaml')
+const allVersions = require('../lib/all-versions')
+const releaseCandidateFile = 'data/variables/release_candidate.yml'
+const releaseCandidateYaml = path.join(process.cwd(), releaseCandidateFile)
+
+const allowedActions = ['create', 'remove']
+
+// [start-readme]
+//
+// This script creates or removes a release candidate banner for a specified version.
+//
+// [end-readme]
+
+program
+  .description('Create or remove a release candidate banner for the provided docs version.')
+  // The following two settings let us use `version` as a flag without clashing with reserved opts
+  .storeOptionsAsProperties(false)
+  .passCommandToAction(false)
+  .option(`-a, --action <${allowedActions.join(' or ')}>`, 'Create or remove the banner.')
+  .option('-v, --version <version>', 'The version the banner applies to. Must be in <plan@release> format.')
+  .parse(process.argv)
+
+const options = program.opts()
+
+if (!allowedActions.includes(options.action)) {
+  console.log(`Error! You must specify --action <${allowedActions.join(' or ')}>.`)
+  process.exit(1)
+}
+
+if (!(Object.keys(allVersions).includes(options.version))) {
+  console.log('Error! You must specify --version with the full name of a supported version, e.g., enterprise-server@2.22.')
+  process.exit(1)
+}
+
+// Load the release candidate variable
+const releaseCandidateData = yaml.safeLoad(fs.readFileSync(releaseCandidateYaml, 'utf8'))
+
+// Create or remove the variable
+if (options.action === 'create') {
+  releaseCandidateData.version = options.version
+}
+
+if (options.action === 'remove') {
+  releaseCandidateData.version = ''
+}
+
+// Update the file
+fs.writeFileSync(releaseCandidateYaml, yaml.safeDump(releaseCandidateData))
+
+// Display next steps
+console.log(`\nDone! Commit the update to ${releaseCandidateFile}. This ${options.action}s the banner for ${options.version}.
+
+- To change the banner text, you can edit header.notices.release_candidate in data/ui.yml.
+- To change the banner styling, you can edit includes/header-notification.html.
+`)

stylesheets/index.scss

@@ -27,6 +27,7 @@
 @import "@primer/css/tooltips/index.scss";
 @import "@primer/css/truncate/index.scss";
 @import "@primer/css/utilities/index.scss";
+@import "@primer/css/avatars/index.scss";
 // END CUSTOM CORE IMPORT
 
 @import "@primer/css/markdown/index.scss";
@@ -52,3 +53,5 @@ $marketing-font-path: "/dist/fonts/";
 @import "tables.scss";
 @import "opacity.scss";
 @import "print.scss";
+@import "shadows.scss";
+@import "product-landing.scss";

stylesheets/product-landing.scss

@@ -0,0 +1,3 @@
+.bg-guides-gradient {
+  background: linear-gradient(0deg, rgba(33, 136, 255, 0.11) 0%, rgba(255, 255, 255, 0) 100%);
+}

stylesheets/shadows.scss

@@ -0,0 +1,33 @@
+.hover-shadow {
+  & {
+    transition: box-shadow 0.3s ease-in-out;
+
+    &:hover {
+      box-shadow: $box-shadow !important;
+    }
+  }
+  
+  &-medium {
+    transition: box-shadow 0.3s ease-in-out;
+
+    &:hover {
+      box-shadow: $box-shadow-medium !important;
+    }
+  }
+  
+  &-large {
+    transition: box-shadow 0.3s ease-in-out;
+
+    &:hover {
+      box-shadow: $box-shadow-large !important;
+    }
+  }
+  
+  &-extra-large {
+    transition: box-shadow 0.3s ease-in-out;
+
+    &:hover {
+      box-shadow: $box-shadow-extra-large !important;
+    }
+  }
+}

stylesheets/tables.scss

@@ -2,6 +2,7 @@
   border-collapse: collapse;
   position: relative;
   font-size: 90%;
+  width: 100%;
   /* We want to keep table-layout: auto so that column widths dynamically adjust;
   otherwise entries get needlessly smushed into narrow columns. As a workaround,
   we use javascripts/wrap-code-terms.js to prevent some reference table content
@@ -12,7 +13,6 @@
     font-size: 100%;
     background: none;
     padding: 0;
-    font-weight: bold;
   }
 
   thead tr {
@@ -57,7 +57,7 @@
   td.has-nested-table {
     width: 100%;
 
-    table.slim {
+    table {
       table-layout: auto;
     }
   }

tests/content/lint-files.js

@@ -267,6 +267,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(relativeArticleLinkRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))
@@ -281,6 +282,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(languageLinkRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))
@@ -295,6 +297,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(versionLinkRegEx) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))
@@ -309,6 +312,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(domainLinkRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))
@@ -323,6 +327,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(oldVariableRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => {
@@ -341,6 +346,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(oldOcticonRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))
@@ -355,6 +361,7 @@ describe('lint-files', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(oldExtendedMarkdownRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))

tests/content/liquid-line-breaks.js

@@ -81,6 +81,7 @@ describe('Liquid references', () => {
         const matches = []
 
         for (const [key, content] of Object.entries(dictionary)) {
+          if (typeof content !== 'string') continue
           const valMatches = (content.match(liquidRefsWithLinkBreaksRegex) || [])
           if (valMatches.length > 0) {
             matches.push(...valMatches.map((match) => `Key "${key}": ${match}`))

tests/fixtures/rest-redirects.json

@@ -451,7 +451,7 @@
   "/v3/migrations/orgs": "/en/free-pro-team@latest/rest/reference/migrations#orgs",
   "/v3/migrations/source_imports": "/en/free-pro-team@latest/rest/reference/migrations#source-imports",
   "/v3/migrations/users": "/en/free-pro-team@latest/rest/reference/migrations#users",
-  "/v3/oauth_authorizations": "/en/free-pro-team@latest/rest/reference/oauth-authorizations",
+  "/v3/oauth_authorizations": "/en/enterprise-server/rest/reference/oauth-authorizations",
   "/v3/orgs/blocking": "/en/free-pro-team@latest/rest/reference/orgs#blocking",
   "/v3/orgs/hooks": "/en/free-pro-team@latest/rest/reference/orgs#hooks",
   "/v3/orgs": "/en/free-pro-team@latest/rest/reference/orgs",

tests/rendering/header.js

@@ -42,15 +42,13 @@ describe('header', () => {
   describe('notices', () => {
     test('displays a "localization in progress" notice for WIP languages', async () => {
       const $ = await getDOM('/de')
-      expect($('.header-notifications.localization_in_progress').length).toBe(1)
-      expect($('.localization_complete').length).toBe(0)
+      expect($('.header-notifications.translation_notice').length).toBe(1)
       expect($('.header-notifications a[href="/en"]').length).toBe(1)
     })
 
     test('displays "complete" notice for non-WIP non-English languages', async () => {
       const $ = await getDOM('/ja')
-      expect($('.header-notifications.localization_complete').length).toBe(1)
-      expect($('.localization_in_progress').length).toBe(0)
+      expect($('.header-notifications.translation_notice').length).toBe(1)
       expect($('.header-notifications a[href="/en"]').length).toBe(1)
       expect($('.header-notifications a[href*="github.com/contact"]').length).toBe(1)
     })
@@ -62,7 +60,7 @@ describe('header', () => {
 
     test('displays translation disclaimer notice on localized site-policy pages', async () => {
       const $ = await getDOM('/ja/github/site-policy/github-logo-policy')
-      expect($('.header-notifications.translation_policy a[href="https://github.com/github/site-policy/issues"]').length).toBe(1)
+      expect($('.header-notifications.translation_notice a[href="https://github.com/github/site-policy/issues"]').length).toBe(1)
     })
   })
 

translations/de-DE/content/actions/guides/building-and-testing-powershell.md

@@ -0,0 +1,236 @@
+---
+title: Building and testing PowerShell
+intro: You can create a continuous integration (CI) workflow to build and test your PowerShell project.
+product: '{% data reusables.gated-features.actions %}'
+versions:
+  free-pro-team: '*'
+  enterprise-server: '>=2.22'
+---
+
+{% data reusables.actions.enterprise-beta %}
+{% data reusables.actions.enterprise-github-hosted-runners %}
+
+### Einführung
+
+This guide shows you how to use PowerShell for CI. It describes how to use Pester, install dependencies, test your module, and publish to the PowerShell Gallery.
+
+{% data variables.product.prodname_dotcom %}-hosted runners have a tools cache with pre-installed software, which includes PowerShell and Pester. For a full list of up-to-date software and the pre-installed versions of PowerShell and Pester, see "[Specifications for {% data variables.product.prodname_dotcom %}-hosted runners](/actions/reference/specifications-for-github-hosted-runners/#supported-software)".
+
+### Vorrausetzungen
+
+Du solltest mit YAML und der Syntax für {% data variables.product.prodname_actions %} vertraut sein. For more information, see "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)."
+
+We recommend that you have a basic understanding of PowerShell and Pester. Weitere Informationen findest Du unter:
+- [Getting started with PowerShell](https://docs.microsoft.com/powershell/scripting/learn/ps101/01-getting-started)
+- [Pester](https://pester.dev)
+
+{% data reusables.actions.enterprise-setup-prereq %}
+
+### Adding a workflow for Pester
+
+To automate your testing with PowerShell and Pester, you can add a workflow that runs every time a change is pushed to your repository. In the following example, `Test-Path` is used to check that a file called `resultsfile.log` is present.
+
+This example workflow file must be added to your repository's `.github/workflows/` directory:
+
+{% raw %}
+```yaml
+name: Test PowerShell on Ubuntu
+on: push
+
+jobs:
+  pester-test:
+    name: Pester test
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out repository code
+      uses: actions/checkout@v2
+    - name: Perform a Pester test from the command-line
+      shell: pwsh
+      run: Test-Path resultsfile.log | Should -Be $true
+    - name: Perform a Pester test from the Tests.ps1 file
+      shell: pwsh
+      run: |
+        Invoke-Pester Unit.Tests.ps1 -Passthru
+```
+{% endraw %}
+
+* `shell: pwsh` - Configures the job to use PowerShell when running the `run` commands.
+* `run: Test-Path resultsfile.log` - Check whether a file called `resultsfile.log` is present in the repository's root directory.
+* `Should -Be $true` - Uses Pester to define an expected result. If the result is unexpected, then {% data variables.product.prodname_actions %} flags this as a failed test. Ein Beispiel:
+
+  ![Failed Pester test](/assets/images/help/repository/actions-failed-pester-test.png)
+
+* `Invoke-Pester Unit.Tests.ps1 -Passthru` - Uses Pester to execute tests defined in a file called `Unit.Tests.ps1`. For example, to perform the same test described above, the `Unit.Tests.ps1` will contain the following:
+  ```
+  Describe "Check results file is present" {
+      It "Check results file is present" {
+          Test-Path resultsfile.log | Should -Be $true
+      }
+  }
+  ```
+
+### PowerShell module locations
+
+The table below describes the locations for various PowerShell modules in each {% data variables.product.prodname_dotcom %}-hosted runner.
+
+|                               | Ubuntu                                           | macOS                                             | Windows                                                      |
+| ----------------------------- | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------------------ |
+| **PowerShell system modules** | `/opt/microsoft/powershell/7/Modules/*`          | `/usr/local/microsoft/powershell/7/Modules/*`     | `C:\program files\powershell\7\Modules\*`              |
+| **PowerShell add-on modules** | `/usr/local/share/powershell/Modules/*`          | `/usr/local/share/powershell/Modules/*`           | `C:\Modules\*`                                            |
+| **User-installed modules**    | `/home/runner/.local/share/powershell/Modules/*` | `/Users/runner/.local/share/powershell/Modules/*` | `C:\Users\runneradmin\Documents\PowerShell\Modules\*` |
+
+### Abhängigkeiten installieren
+
+{% data variables.product.prodname_dotcom %}-hosted runners have PowerShell 7 and Pester installed. You can use `Install-Module` to install additional dependencies from the PowerShell Gallery before building and testing your code.
+
+{% note %}
+
+**Note:** The pre-installed packages (such as Pester) used by {% data variables.product.prodname_dotcom %}-hosted runners are regularly updated, and can introduce significant changes. As a result, it is recommended that you always specify the required package versions by using `Install-Module` with `-MaximumVersion`.
+
+{% endnote %}
+
+Du kannst Abhängigkeiten auch im Cache zwischenspeichern, um Deinen Workflow zu beschleunigen. Weitere Informationen findest Du unter „[Abhängigkeiten im Cache zwischenspeichern, um Deinen Workflow zu beschleunigen](/actions/automating-your-workflow-with-github-actions/caching-dependencies-to-speed-up-workflows)“.
+
+For example, the following job installs the `SqlServer` and `PSScriptAnalyzer` modules:
+
+{% raw %}
+```yaml
+jobs:
+  install-dependencies:
+    name: Install dependencies
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install from PSGallery
+      shell: pwsh
+      run: |
+        Set-PSRepository PSGallery -InstallationPolicy Trusted
+        Install-Module SqlServer, PSScriptAnalyzer
+```
+{% endraw %}
+
+{% note %}
+
+**Note:** By default, no repositories are trusted by PowerShell. When installing modules from the PowerShell Gallery, you must explicitly set the installation policy for `PSGallery` to `Trusted`.
+
+{% endnote %}
+
+#### Abhängigkeiten „cachen“ (zwischenspeichern)
+
+You can cache PowerShell dependencies using a unique key, which allows you to restore the dependencies for future workflows with the [`cache`](https://github.com/marketplace/actions/cache) action. For more information, see "[Caching dependencies to speed up workflows](/actions/automating-your-workflow-with-github-actions/caching-dependencies-to-speed-up-workflows)."
+
+PowerShell caches its dependencies in different locations, depending on the runner's operating system. For example, the `path` location used in the following Ubuntu example will be different for a Windows operating system.
+
+{% raw %}
+```yaml
+steps:
+  - uses: actions/checkout@v2
+  - name: Setup PowerShell module cache
+    id: cacher
+    uses: actions/cache@v2
+    with:
+      path: "~/.local/share/powershell/Modules"
+      key: ${{ runner.os }}-SqlServer-PSScriptAnalyzer
+  - name: Install required PowerShell modules
+    if: steps.cacher.outputs.cache-hit != 'true'
+    shell: pwsh
+    run: |
+      Set-PSRepository PSGallery -InstallationPolicy Trusted
+      Install-Module SqlServer, PSScriptAnalyzer -ErrorAction Stop
+```
+{% endraw %}
+
+### Deinen Code testen
+
+Du kannst die gleichen Befehle verwenden, die Du auch lokal verwendest, um Deinen Code zu erstellen und zu testen.
+
+#### Using PSScriptAnalyzer to lint code
+
+The following example installs `PSScriptAnalyzer` and uses it to lint all `ps1` files in the repository. For more information, see [PSScriptAnalyzer on GitHub](https://github.com/PowerShell/PSScriptAnalyzer).
+
+{% raw %}
+```yaml
+  lint-with-PSScriptAnalyzer:
+    name: Install and run PSScriptAnalyzer
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install PSScriptAnalyzer module
+      shell: pwsh
+      run: |
+            Set-PSRepository PSGallery -InstallationPolicy Trusted
+            Install-Module PSScriptAnalyzer -ErrorAction Stop
+    - name: Lint with PSScriptAnalyzer
+      shell: pwsh
+      run: |
+            Invoke-ScriptAnalyzer -Path *.ps1 -Recurse -Outvariable issues
+            $errors   = $issues.Where({$_.Severity -eq 'Error'})
+            $warnings = $issues.Where({$_.Severity -eq 'Warning'})
+            if ($errors) {
+                Write-Error "There were $($errors.Count) errors and $($warnings.Count) warnings total." -ErrorAction Stop
+            } else {
+                Write-Output "There were $($errors.Count) errors and $($warnings.Count) warnings total."
+            }
+```
+{% endraw %}
+
+### Workflow-Daten als Artefakte paketieren
+
+You can upload artifacts to view after a workflow completes. Zum Beispiel kann es notwendig sein, Logdateien, Core Dumps, Testergebnisse oder Screenshots zu speichern. Weitere Informationen findest Du unter "[Workflow-Daten mittels Artefakten persistieren](/github/automating-your-workflow-with-github-actions/persisting-workflow-data-using-artifacts)."
+
+The following example demonstrates how you can use the `upload-artifact` action to archive the test results received from `Invoke-Pester`. For more information, see the [`upload-artifact` action](https://github.com/actions/upload-artifact).
+
+{% raw %}
+```yaml
+name: Upload artifact from Ubuntu
+
+on: [push]
+
+jobs:
+  upload-pester-results:
+    name: Run Pester and upload results
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Test with Pester
+      shell: pwsh
+      run: Invoke-Pester Unit.Tests.ps1 -Passthru | Export-CliXml -Path Unit.Tests.xml
+    - name: Upload test results
+      uses: actions/upload-artifact@v2
+      with:
+        name: ubuntu-Unit-Tests
+        path: Unit.Tests.xml
+    if: ${{ always() }}
+```
+{% endraw %}
+
+The `always()` function configures the job to continue processing even if there are test failures. For more information, see "[always](/actions/reference/context-and-expression-syntax-for-github-actions#always)."
+
+### Publishing to PowerShell Gallery
+
+You can configure your workflow to publish your PowerShell module to the PowerShell Gallery when your CI tests pass. You can use repository secrets to store any tokens or credentials needed to publish your package. Weitere Informationen findest Du unter "[Verschlüsselte Geheimnisse erstellen und verwenden](/github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)".
+
+The following example creates a package and uses `Publish-Module` to publish it to the PowerShell Gallery:
+
+{% raw %}
+```yaml
+name: Publish PowerShell Module
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  publish-to-gallery:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build and publish
+      env:
+        NUGET_KEY: ${{ secrets.NUGET_KEY }}
+      shell: pwsh
+      run: |
+        ./build.ps1 -Path /tmp/samplemodule
+        Publish-Module -Path /tmp/samplemodule -NuGetApiKey $env:NUGET_KEY -Verbose
+```
+{% endraw %}

translations/de-DE/content/actions/guides/index.md

@@ -29,6 +29,7 @@ You can use {% data variables.product.prodname_actions %} to create custom conti
 {% link_in_list /about-continuous-integration %}
 {% link_in_list /setting-up-continuous-integration-using-workflow-templates %}
 {% link_in_list /building-and-testing-nodejs %}
+{% link_in_list /building-and-testing-powershell %}
 {% link_in_list /building-and-testing-python %}
 {% link_in_list /building-and-testing-java-with-maven %}
 {% link_in_list /building-and-testing-java-with-gradle %}

translations/de-DE/content/actions/guides/storing-workflow-data-as-artifacts.md

@@ -171,12 +171,12 @@ Von den Artefakten eines vorherigen Auftrags abhängige Aufträge müssen auf de
 
 Auftrag 1 führt die folgenden Schritte durch:
 - Führt eine mathematische Berechnung aus und speichert das Ergebnis in einer Textdatei namens `math-homework.txt`.
-- Verwendet die Aktion `upload-artifact`, um die Datei `math-homework.txt` mit dem Namen `homework` hochzuladen. Die Aktion platziert die Datei in einem Verzeichnis mit dem Namen `homework`.
+- Uses the `upload-artifact` action to upload the `math-homework.txt` file with the artifact name `homework`.
 
 Auftrag 2 verwendet das Ergebnis des vorherigen Auftrags:
 - Lädt das im vorherigen Auftrag hochgeladene `homework`-Artefakt herunter. Die Aktion `download-artifact` lädt die Artefakte standardmäßig in das Verzeichnis der Arbeitsoberfläche, in dem der Schritt ausgeführt wird. Du kannst den Eingabeparameter `path` verwenden, um ein anderes Download-Verzeichnis anzugeben.
-- Liest den Wert in der Datei `homework/math-homework.txt`, führt eine mathematische Berechnung durch und speichert das Ergebnis in `math-homework.txt`.
-- Lädt die Datei `math-homework.txt` hoch. Dieser Upload überschreibt den vorherigen Upload, da beide Uploads den gleichen Namen haben.
+- Reads the value in the `math-homework.txt` file, performs a math calculation, and saves the result to `math-homework.txt` again, overwriting its contents.
+- Lädt die Datei `math-homework.txt` hoch. This upload overwrites the previously uploaded artifact because they share the same name.
 
 Auftrag 3 zeigt das im vorherigen Auftrag hochgeladene Ergebnis an:
 - Lädt das `homework`-Artefakt herunter.

translations/de-DE/content/actions/hosting-your-own-runners/about-self-hosted-runners.md

@@ -111,6 +111,7 @@ Du musst sicherstellen, dass der Rechner über den entsprechenden Netzwerkzugrif
 github.com
 api.github.com
 *.actions.githubusercontent.com
+codeload.github.com
 ```
 
 If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)" or "[Enforcing security settings in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account#using-github-actions-with-an-ip-allow-list)".

translations/de-DE/content/actions/index.md

@@ -4,17 +4,34 @@ shortTitle: GitHub Actions
 intro: 'Mit {% data variables.product.prodname_actions %} kannst Du Deine Softwareentwicklungs-Workflows direkt in Ihrem Repository automatisieren, anpassen und ausführen. Du kannst Actions entdecken, erstellen und weitergeben, um beliebige Aufträge (einschließlich CI/CD) auszuführen. Du kannst auch Actions in einem vollständig angepassten Workflow kombinieren.'
 introLinks:
   quickstart: /actions/quickstart
-  learn: /actions/learn-github-actions
+  reference: /actions/reference
 featuredLinks:
+  guides:
+    - /actions/guides/setting-up-continuous-integration-using-workflow-templates
+    - /actions/guides/about-packaging-with-github-actions
   gettingStarted:
     - /actions/managing-workflow-runs
     - /actions/hosting-your-own-runners
-  guide:
-    - /actions/guides/setting-up-continuous-integration-using-workflow-templates
-    - /actions/guides/about-packaging-with-github-actions
   popular:
     - /actions/reference/workflow-syntax-for-github-actions
     - /actions/reference/events-that-trigger-workflows
+changelog:
+  - 
+    title: Self-Hosted Runner Group Access Changes
+    date: '2020-10-16'
+    href: https://github.blog/changelog/2020-10-16-github-actions-self-hosted-runner-group-access-changes/
+  - 
+    title: Ability to change retention days for artifacts and logs
+    date: '2020-10-08'
+    href: https://github.blog/changelog/2020-10-08-github-actions-ability-to-change-retention-days-for-artifacts-and-logs
+  - 
+    title: Deprecating set-env and add-path commands
+    date: '2020-10-01'
+    href: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands
+  - 
+    title: Fine-tune access to external actions
+    date: '2020-10-01'
+    href: https://github.blog/changelog/2020-10-01-github-actions-fine-tune-access-to-external-actions
 redirect_from:
   - /articles/automating-your-workflow-with-github-actions/
   - /articles/customizing-your-project-with-github-actions/
@@ -36,44 +53,8 @@ versions:
 <!-- {% link_with_intro /hosting-your-own-runners %} -->
 <!-- {% link_with_intro /reference %} -->
 
-<!-- Article links -->
-<div class="d-lg-flex gutter my-6 py-6">
-  <div class="col-12 col-lg-4 mb-4 mb-lg-0">
-    <div class="featured-links-heading pb-4">
-      <h3 class="f5 text-normal text-mono underline-dashed color-gray-5">{% data ui.toc.guides %}</h3>
-    </div>
-    <ul class="list-style-none">
-      {% for link in featuredLinks.guide %}
-        <li>{% include featured-link %}</li>
-      {% endfor %}
-    </ul>
-  </div>
-
-  <div class="col-12 col-lg-4 mb-4 mb-lg-0">
-    <div class="featured-links-heading pb-4">
-      <h3 class="f5 text-normal text-mono underline-dashed color-gray-5">{% data ui.toc.popular_articles %}</h3>
-    </div>
-    <ul class="list-style-none">
-      {% for link in featuredLinks.popular %}
-        <li>{% include featured-link %}</li>
-      {% endfor %}
-    </ul>
-  </div>
-
-  <div class="col-12 col-lg-4 mb-4 mb-lg-0">
-    <div class="featured-links-heading pb-4">
-      <h3 class="f5 text-normal text-mono underline-dashed color-gray-5">Manage workflows</h3>
-    </div>
-    <ul class="list-style-none">
-      {% for link in featuredLinks.gettingStarted %}
-        <li>{% include featured-link %}</li>
-      {% endfor %}
-    </ul>
-  </div>
-</div>
-
 <!-- Code examples -->
-<div class="mt-6 pt-6">
+<div class="my-6 pt-6">
   <h2 class="mb-2">More guides</h2>
 
   <div class="d-flex flex-wrap gutter">

translations/de-DE/content/actions/learn-github-actions/finding-and-customizing-actions.md

@@ -87,7 +87,7 @@ For more information, see "[Using release management for actions](/actions/creat
 
 ### Using inputs and outputs with an action
 
-An action often accepts or requires inputs and generates outputs that you can use. For example, an action might require you to specify a path to a file, the name of a label, or other data it will uses as part of the action processing.
+An action often accepts or requires inputs and generates outputs that you can use. For example, an action might require you to specify a path to a file, the name of a label, or other data it will use as part of the action processing.
 
 To see the inputs and outputs of an action, check the `action.yml` or `action.yaml` in the root directory of the repository.
 
@@ -149,7 +149,7 @@ jobs:
         verwendet: docker://alpine:3.8
 ```
 
-For some examples of Docker actions, see the [Docker-image.yml workflow](https://github.com/actions/starter-workflows/blob/main/ci/docker-image.yml) and "[Creating a Docker container action](/articles/creating-a-docker-container-action)."
+Einige Beispiele für Docker-Aktionen findest Du im [Docker-image.yml-Workflow](https://github.com/actions/starter-workflows/blob/main/ci/docker-image.yml) oder unter „[Eine Docker-Container-Aktion erstellen](/articles/creating-a-docker-container-action)“.
 
 ### Nächste Schritte:
 

translations/de-DE/content/actions/learn-github-actions/index.md

@@ -36,7 +36,8 @@ versions:
 {% link_with_intro /managing-complex-workflows %}
 {% link_with_intro /sharing-workflows-with-your-organization %}
 {% link_with_intro /security-hardening-for-github-actions %}
+{% link_with_intro /migrating-from-azure-pipelines-to-github-actions %}
 {% link_with_intro /migrating-from-circleci-to-github-actions %}
 {% link_with_intro /migrating-from-gitlab-cicd-to-github-actions %}
-{% link_with_intro /migrating-from-azure-pipelines-to-github-actions %}
 {% link_with_intro /migrating-from-jenkins-to-github-actions %}
+{% link_with_intro /migrating-from-travis-ci-to-github-actions %}

translations/de-DE/content/actions/learn-github-actions/introduction-to-github-actions.md

@@ -34,7 +34,7 @@ The workflow is an automated procedure that you add to your repository. Workflow
 
 #### Ereignisse
 
-An event is a specific activity that triggers a workflow. Die Aktivität kann beispielsweise von {% data variables.product.prodname_dotcom %} stammen, wenn ein Commit an Repository gepusht oder wenn ein Issue oder ein Pull Request erstellt wird. You can also use the repository dispatch webhook to trigger a workflow when an external event occurs. For a complete list of events that can be used to trigger workflows, see [Events that trigger workflows](/actions/reference/events-that-trigger-workflows).
+An event is a specific activity that triggers a workflow. Die Aktivität kann beispielsweise von {% data variables.product.prodname_dotcom %} stammen, wenn ein Commit an Repository gepusht oder wenn ein Issue oder ein Pull Request erstellt wird. You can also use the [repository dispatch webhook](/rest/reference/repos#create-a-repository-dispatch-event) to trigger a workflow when an external event occurs. For a complete list of events that can be used to trigger workflows, see [Events that trigger workflows](/actions/reference/events-that-trigger-workflows).
 
 #### Jobs