Merge branch 'main' into update-dates-script

.github/allowed-actions.js

@@ -32,5 +32,6 @@ module.exports = [
   'repo-sync/pull-request@33777245b1aace1a58c87a29c90321aa7a74bd7d',
   'someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd',
   'tjenkinson/gh-action-auto-merge-dependency-updates@cee2ac0',
-  'EndBug/add-and-commit@9358097a71ad9fb9e2f9624c6098c89193d83575'
+  'EndBug/add-and-commit@9358097a71ad9fb9e2f9624c6098c89193d83575',
+  'dorny/paths-filter@eb75a1edc117d3756a18ef89958ee59f9500ba58'
 ]

.github/workflows/autoupdate-repo-sync-branch-on-cron.yml

@@ -1,15 +0,0 @@
-name: autoupdate reposync branch on cron
-on:
-  schedule:
-    - cron: '*/5 * * * *'
-jobs:
-  autoupdate:
-    name: autoupdate
-    runs-on: ubuntu-18.04
-    steps:
-      - uses: docker://chinthakagodawita/autoupdate-action:v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
-          PR_FILTER: labelled
-          PR_LABELS: 'automated-reposync-pr'
-          MERGE_MSG: "Branch was updated using the 'autoupdate reposync branch on cron' Actions workflow."

.github/workflows/close-unwanted-pull-requests.yml

@@ -1,39 +0,0 @@
-name: Close unwanted pull requests
-on:
-  pull_request:
-    paths:
-      - '.github/workflows/**'
-      - '.github/CODEOWNERS'
-      - 'translations/**'
-      - 'assets/fonts/**'
-      - 'data/graphql/**'
-      - 'lib/graphql/**'
-      - 'lib/redirects/**'
-      - 'lib/webhooks/**'
-jobs:
-  close_unwanted_pull_requests:
-    if: github.repository == 'github/docs' && github.event.pull_request.user.login != 'Octomerger'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
-        with:
-          script: |
-            await github.issues.createComment({
-              ...context.repo,
-              issue_number: context.payload.pull_request.number,
-              body:
-            `Thanks for contributing! We do not accept community changes to these files at this time.
-            - '.github/workflows/**'
-            - '.github/CODEOWNERS'
-            - 'translations/**'
-            - 'assets/fonts/**'
-            - 'data/graphql/**'
-            - 'lib/graphql/**'
-            - 'lib/redirects/**'
-            - 'lib/webhooks/**'`
-            })
-            await github.issues.update({
-              ...context.repo,
-              issue_number: context.payload.pull_request.number,
-              state: 'closed'
-            })

.github/workflows/codeql.yml

@@ -2,6 +2,9 @@ name: CodeQL analysis
 
 on:
   push:
+    branches: main
+  pull_request:
+    branches: main
     paths:
       - '**/*.js'
       - '.github/workflows/codeql.yml'

.github/workflows/confirm-internal-staff-work-in-docs.yml

@@ -17,7 +17,8 @@ jobs:
     continue-on-error: true
     if: github.repository == 'github/docs'
     steps:
-      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+      - id: membership_check
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
           script: |
@@ -61,10 +62,10 @@ jobs:
               body: `@${context.payload.sender.login} opened https://github.com/github/docs/issues/${issueNo} publicly in the github/docs repo, instead of the private github/docs-internal repo.\n\n@${context.payload.sender.login}, please confirm that this belongs in the public repo and that no sensitive information was disclosed by commenting below and closing the issue.\n\nIf this was not intentional and sensitive information was shared, please delete https://github.com/github/docs/issues/${issueNo} and notify us in the \#docs-open-source channel.\n\nThanks! \n\n/cc @github/docs @github/docs-engineering`
             });
 
-            throw new Error('A Hubber opened an issue on the public github/docs repo');
+            core.setOutput('did_warn', 'true')
 
       - name: Send Slack notification if a GitHub employee who isn't on the docs team opens an issue in public
-        if: ${{ failure() && github.repository == 'github/docs' }}
+        if: ${{ steps.membership_check.outputs.did_warn && github.repository == 'github/docs' }}
         uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
         with:
           channel: ${{ secrets.DOCS_OPEN_SOURCE_SLACK_CHANNEL_ID }}

.github/workflows/triage-unallowed-contributions.yml

@@ -0,0 +1,117 @@
+name: Check unallowed file changes
+
+on:
+  push:
+
+jobs:
+  triage:
+    if: github.repository == 'github/docs' && github.event.pull_request.user.login != 'Octomerger'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+      - name: Get pull request number
+        id: pull-number
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          result-encoding: string
+          script: |
+            const pulls = await github.repos.listPullRequestsAssociatedWithCommit({
+              ...context.repo,
+              commit_sha: context.sha
+            })
+
+            return pulls.data.map(pull => pull.number).shift()
+      - name: Check for existing requested changes
+        id: requested-change
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          result-encoding: json
+          script: |
+            const pullReviews = await github.pulls.listReviews({
+              ...context.repo,
+              pull_number: ${{steps.pull-number.outputs.result}}
+            })
+
+            return pullReviews.data
+              .filter(review => review.user.login === 'github-actions[bot]')
+              .sort((a, b) => new Date(b.submitted_at) - new Date(a.submitted_at))
+              .shift()
+      - name: Get files changed
+        uses: dorny/paths-filter@eb75a1edc117d3756a18ef89958ee59f9500ba58
+        id: filter
+        with:
+          # Base branch used to get changed files
+          base: 'main'
+
+          # Enables setting an output in the format in `${FILTER_NAME}_files
+          # with the names of the matching files formatted as JSON array
+          list-files: json
+
+          # Returns list of changed files matching each filter
+          filters: |
+            translation:
+              - 'translations/**'
+            openapi:
+              - 'lib/rest/static/**'
+            notAllowed:
+              - '.github/workflows/**'
+              - '.github/CODEOWNERS'
+              - 'translations/**'
+              - 'assets/fonts/**'
+              - 'data/graphql/**'
+              - 'lib/graphql/**'
+              - 'lib/redirects/**'
+              - 'lib/rest/**'
+              - 'lib/webhooks/**'
+
+      # When there are changes to files we can't accept
+      # and no review exists,leave a REQUEST_CHANGES review
+      - name: Request pull request changes
+        # Check for no reviews or reviews that aren't CHANGES_REQUESTED
+        if: ${{ steps.filter.outputs.notAllowed == 'true' && (!steps.requested-change.outputs.result || fromJson(steps.requested-change.outputs.result).state != 'CHANGES_REQUESTED') }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          script: |
+            const changedFiles = ${{steps.filter.outputs.notAllowed_files}}
+            const restFiles = ${{steps.filter.outputs.openapi_files}}
+            const translationFiles = ${{steps.filter.outputs.translation_files}}
+            const markdownFiles = changedFiles.map(file => `- \`${file}\`\n`).join('')
+
+            let reviewMessage = `👋 Hey there spelunker. It looks like you've modified some files that we can't accept as contributions.\n${markdownFiles}\n\nYou'll need to revert all of these ☝️ files using [GitHub Desktop](https://docs.github.com/en/free-pro-team@latest/desktop/contributing-and-collaborating-using-github-desktop/reverting-a-commit) or \`git checkout origin/main <file name>\`. Once you get those files reverted, we can continue with the review process. :octocat:`
+
+            if (restFiles.length > 0) {
+              reviewMessage += "\n\nIt looks like you've modified the OpenAPI schema (`lib/rest/static/**`). While we aren't accepting changes to the schema directly, you can open an issue for any updates to the REST API docs. Head on over to the [`github/rest-api-description`](https://github.com/github/rest-api-description/issues/new?assignees=&labels=Inaccuracy&template=schema-inaccuracy.md&title=%5BSchema+Inaccuracy%5D+%3CDescribe+Problem%3E) repository to open an issue. ⚡"
+            }
+
+            if (translationFiles.length > 0) {
+              await github.issues.addLabels({
+                ...context.repo,
+                issue_number: ${{steps.pull-number.outputs.result}},
+                labels: ['localization']
+              })
+              reviewMessage += "\n\nIt looks like you've modified translated content. Unfortunately, we are not able to accept pull requests for translated content. Our translation process involves an integration with an external service at crowdin.com, where all translation activity happens. We hope to eventually open up the translation process to the open source community, but we're not there yet. See https://github.com/github/docs/blob/main/CONTRIBUTING.md#earth_asia-translations for more details."
+            }
+
+            await github.pulls.createReview({
+              ...context.repo,
+              pull_number: ${{steps.pull-number.outputs.result}},
+              body: reviewMessage,
+              event: 'REQUEST_CHANGES'
+            })
+      # When the most recent review was CHANGES_REQUESTED and the existing
+      # PR no longer contains unallowed changes, dismiss the previous review
+      - name: Dismiss pull request review
+        if: ${{ steps.filter.outputs.notAllowed == 'false' && fromJson(steps.requested-change.outputs.result).state == 'CHANGES_REQUESTED' }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          script: |
+            await github.pulls.dismissReview({
+              ...context.repo,
+              pull_number: ${{steps.pull-number.outputs.result}},
+              review_id: ${{fromJson(steps.requested-change.outputs.result).id}},
+              message: `✨Looks like you reverted all files we don't accept contributions for. 🙌 A member of the docs team will review your PR soon. 🚂`
+            })

content/actions/creating-actions/creating-a-javascript-action.md

@@ -176,7 +176,7 @@ git tag -a -m "My first action release" v1
 git push --follow-tags
 ```
 
-As an alternative to checking in your `node_modules` directory you can use a tool called [`@vercel/ncc`](https://github.com/vercel/ncc) to compile your code and modules into one file used for distribution.
+Checking in your `node_modules` directory can cause problems. As an alternative, you can use a tool called [`@vercel/ncc`](https://github.com/vercel/ncc) to compile your code and modules into one file used for distribution.
 
 1. Install `vercel/ncc` by running this command in your terminal.
   `npm i -g @vercel/ncc`

content/actions/guides/building-and-testing-java-with-maven.md

@@ -53,7 +53,7 @@ jobs:
         with:
           java-version: 1.8
       - name: Build with Maven
-        run: mvn -B package --file pom.xml
+        run: mvn --batch-mode --update-snapshots verify
 ```
 {% endraw %}
 
@@ -85,7 +85,7 @@ steps:
     with:
       java-version: 1.8
   - name: Run the Maven verify phase
-    run: mvn -B verify --file pom-ci.xml
+    run: mvn --batch-mode --update-snapshots verify
 ```
 {% endraw %}
 
@@ -108,7 +108,7 @@ steps:
       key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
       restore-keys: ${{ runner.os }}-m2
   - name: Build with Maven
-    run: mvn -B package --file pom.xml
+    run: mvn --batch-mode --update-snapshots verify
 ```
 {% endraw %}
 
@@ -125,7 +125,7 @@ Maven will usually create output files like JARs, EARs, or WARs in the `target`
 steps:
   - uses: actions/checkout@v2
   - uses: actions/setup-java@v1
-  - run: mvn -B package --file pom.xml
+  - run: mvn --batch-mode --update-snapshots verify
   - run: mkdir staging && cp target/*.jar staging
   - uses: actions/upload-artifact@v2
     with:

content/actions/guides/publishing-java-packages-with-maven.md

@@ -84,7 +84,7 @@ jobs:
           server-username: MAVEN_USERNAME
           server-password: MAVEN_PASSWORD
       - name: Publish package
-        run: mvn -B deploy
+        run: mvn --batch-mode deploy
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
@@ -143,7 +143,7 @@ jobs:
         with:
           java-version: 1.8
       - name: Publish package
-        run: mvn -B deploy
+        run: mvn --batch-mode deploy
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 ```
@@ -182,7 +182,7 @@ jobs:
           server-username: MAVEN_USERNAME
           server-password: MAVEN_PASSWORD
       - name: Publish to the Maven Central Repository
-        run: mvn -B deploy
+        run: mvn --batch-mode deploy
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
@@ -191,7 +191,7 @@ jobs:
         with:
           java-version: 1.8
       - name: Publish to GitHub Packages
-        run: mvn -B deploy
+        run: mvn --batch-mode deploy
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 ```

content/actions/reference/events-that-trigger-workflows.md

@@ -139,7 +139,7 @@ jobs:
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | ------------------ | ------------ | ------------ | ------------------|
-| [repository_dispatch](/webhooks/event-payloads/#repository_dispatch) | n/a | Last commit on the `GITHUB_REF` branch | Branch that received dispatch |
+| [repository_dispatch](/webhooks/event-payloads/#repository_dispatch) | n/a | Last commit on default branch | Default branch |
 
 {% data reusables.github-actions.branch-requirement %}
 
@@ -699,6 +699,8 @@ on:
 
 {% data reusables.webhooks.workflow_run_desc %}
 
+{% data reusables.github-actions.branch-requirement %}
+
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|	
 | [`workflow_run`](/webhooks/event-payloads/#workflow_run) | - n/a | Last commit on default branch | Default branch |	

content/actions/reference/workflow-syntax-for-github-actions.md

@@ -249,9 +249,9 @@ The name of the job displayed on {% data variables.product.prodname_dotcom %}.
 
 ### `jobs.<job_id>.needs`
 
-Identifies any jobs that must complete successfully before this job will run. It can be a string or array of strings. If a job fails, all jobs that need it are skipped unless the jobs use a conditional statement that causes the job to continue.
+Identifies any jobs that must complete successfully before this job will run. It can be a string or array of strings. If a job fails, all jobs that need it are skipped unless the jobs use a conditional expression that causes the job to continue.
 
-#### Example
+#### Example requiring dependent jobs to be successful
 
 ```yaml
 jobs:
@@ -270,6 +270,20 @@ The jobs in this example run sequentially:
 2. `job2`
 3. `job3`
 
+#### Example not requiring dependent jobs to be successful
+
+```yaml
+jobs:
+  job1:
+  job2:
+    needs: job1
+  job3:
+    if: always()
+    needs: [job1, job2]
+```
+
+In this example, `job3` uses the `always()` conditional expression so that it always runs after `job1` and `job2` have completed, regardless of whether they were successful. For more information, see "[Context and expression syntax](/actions/reference/context-and-expression-syntax-for-github-actions#job-status-check-functions)."
+
 ### `jobs.<job_id>.runs-on`
 
 **Required** The type of machine to run the job on. The machine can be either a {% data variables.product.prodname_dotcom %}-hosted runner or a self-hosted runner.

content/discussions/guides/finding-discussions-across-multiple-repositories.md

@@ -10,7 +10,7 @@ versions:
 ### Finding discussions
 
 1. Navigate to {% data variables.product.prodname_dotcom_the_website %}.
-1. In the top-right corner of {% data variables.product.prodname_dotcom_the_website %}, click your profile photo, then click **Your enterprises**.
+1. In the top-right corner of {% data variables.product.prodname_dotcom_the_website %}, click your profile photo, then click **Your discussions**.
   !["Your discussions" in drop-down menu for profile photo on {% data variables.product.product_name %}](/assets/images/help/discussions/your-discussions.png)
 1. Toggle between **Created** and **Commented** to see the discussions you've created or participated in.
 

content/github/authenticating-to-github/removing-sensitive-data-from-a-repository.md

@@ -40,6 +40,12 @@ To replace all text listed in `passwords.txt` wherever it can be found in your r
 $ bfg --replace-text passwords.txt
 ```
 
+After the sensitive data is removed, you must force push your changes to {% data variables.product.product_name %}.
+
+```shell
+$ git push --force
+```
+
 See the [BFG Repo-Cleaner](http://rtyley.github.io/bfg-repo-cleaner/)'s documentation for full usage and download instructions.
 
 #### Using filter-branch

content/github/creating-cloning-and-archiving-repositories/about-code-owners.md

@@ -39,9 +39,9 @@ For code owners to receive review requests, the CODEOWNERS file must be on the b
 
 ### CODEOWNERS syntax
 
-A CODEOWNERS file uses a pattern that follows the same rules used in [gitignore](https://git-scm.com/docs/gitignore#_pattern_format) files. The pattern is followed by one or more {% data variables.product.prodname_dotcom %} usernames or team names using the standard `@username` or `@org/team-name` format. You can also refer to a user by an email address that has been added to their {% data variables.product.product_name %} account, for example `user@example.com`.
+A CODEOWNERS file uses a pattern that follows most of the same rules used in [gitignore](https://git-scm.com/docs/gitignore#_pattern_format) files, with [some exceptions](#syntax-exceptions). The pattern is followed by one or more {% data variables.product.prodname_dotcom %} usernames or team names using the standard `@username` or `@org/team-name` format. You can also refer to a user by an email address that has been added to their {% data variables.product.product_name %} account, for example `user@example.com`.
 
-If any line in your CODEOWNERS file contains invalid syntax, the file will not be detected and will not be used to request reviews. Invalid syntax includes inline comments and user or team names that do not exist on {% data variables.product.product_name %}.
+If any line in your CODEOWNERS file contains invalid syntax, the file will not be detected and will not be used to request reviews.
 #### Example of a CODEOWNERS file
 ```
 # This is a comment.
@@ -83,6 +83,13 @@ apps/ @octocat
 # subdirectories.
 /docs/ @doctocat
 ```
+#### Syntax exceptions
+There are some syntax rules for gitignore files that do not work in CODEOWNERS files:
+- Escaping a pattern starting with `#` using `\` so it is treated as a pattern and not a comment
+- Using `!` to negate a pattern
+- Using `[ ]` to define a character range
+
+
 
 ### Further reading
 

content/github/developing-online-with-codespaces/configuring-codespaces-for-your-project.md

@@ -15,7 +15,7 @@ versions:
 
 {% data reusables.codespaces.about-configuration %}
 
-If you don't define a configuration in your repository, {% data variables.product.prodname_dotcom %} creates a codespace with a base Linux image. The base Linux image includes tools for Node.js, JavaScript, TypeScript, Python, C++, Java, C#, .NET Core, PHP, and PowerShell. For more information about the base Linux image, see the [`microsoft/vscode-dev-containers`](https://github.com/microsoft/vscode-dev-containers/tree/master/containers/codespaces-linux) repository.
+If you don't define a configuration in your repository, {% data variables.product.prodname_dotcom %} creates a codespace with a base Linux image. The base Linux image includes tools for Python, Node.js, JavaScript, TypeScript, C++, Java, C#, F#, .NET Core, PHP, PowerShell, Go, Ruby, and Rust. For more information about the base Linux image, see the [`microsoft/vscode-dev-containers`](https://github.com/microsoft/vscode-dev-containers/tree/master/containers/codespaces-linux) repository.
 
 {% data reusables.codespaces.about-personalization %} {% data reusables.codespaces.codespace-config-order %} For more information, see "[Personalizing {% data variables.product.prodname_codespaces %} for your account](/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account)."
 

content/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-actions.md

@@ -8,7 +8,9 @@ versions:
 
 ### About billing for {% data variables.product.prodname_actions %}
 
-{% data reusables.github-actions.actions-billing %} {% data reusables.github-actions.actions-spending-limit %}
+{% data reusables.github-actions.actions-billing %}
+
+{% data reusables.github-actions.actions-spending-limit-brief %} For more information, see "[About spending limits](#about-spending-limits)."
 
 Minutes reset every month, while storage usage does not.
 
@@ -69,8 +71,8 @@ Your {% data variables.product.prodname_actions %} usage shares your account's e
 
 ### About spending limits
 
-By default, your account will have a spending limit of $0 for {% data variables.product.prodname_actions %} usage. To enable using minutes and storage for private repositories beyond the amounts included with your account, you can increase the spending limit or allow unlimited spending. For more information, see "[Managing your spending limit for {% data variables.product.prodname_actions %}](/github/setting-up-and-managing-billing-and-payments-on-github/managing-your-spending-limit-for-github-actions)."
+{% data reusables.github-actions.actions-spending-limit-detailed %}
 
-{% data reusables.github-actions.spending-limit-enterprise-account %}
+For information on managing and changing your account's spending limit, see "[Managing your spending limit for {% data variables.product.prodname_actions %}](/github/setting-up-and-managing-billing-and-payments-on-github/managing-your-spending-limit-for-github-actions)."
 
 {% data reusables.dotcom_billing.actions-packages-unpaid-account %}

content/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-packages.md

@@ -10,6 +10,8 @@ versions:
 
 {% data reusables.package_registry.packages-billing %}
 
+{% data reusables.package_registry.packages-spending-limit-brief %} For more information, see "[About spending limits](#about-spending-limits)."
+
 {% data reusables.package_registry.container-registry-beta-billing-note %}
 
 Data transfer resets every month, while storage usage does not.
@@ -50,8 +52,8 @@ Your {% data variables.product.prodname_registry %} usage shares your account's
 
 ### About spending limits
 
-By default, your account will have a spending limit of $0 for {% data variables.product.prodname_registry %} usage. To enable storage and data transfer for private packages beyond the amounts included with your account, you can increase the spending limit or allow unlimited spending. For more information, see "[Managing your spending limit for {% data variables.product.prodname_registry %}](/github/setting-up-and-managing-billing-and-payments-on-github/managing-your-spending-limit-for-github-packages)."
+{% data reusables.package_registry.packages-spending-limit-detailed %}
 
-{% data reusables.package_registry.spending-limit-enterprise-account %}
+For information on managing and changing your account's spending limit, see "[Managing your spending limit for {% data variables.product.prodname_registry %}](/github/setting-up-and-managing-billing-and-payments-on-github/managing-your-spending-limit-for-github-packages)."
 
 {% data reusables.dotcom_billing.actions-packages-unpaid-account %}

content/github/setting-up-and-managing-billing-and-payments-on-github/managing-your-spending-limit-for-github-actions.md

@@ -8,13 +8,15 @@ versions:
 
 ### About spending limits for {% data variables.product.prodname_actions %}
 
-{% data reusables.github-actions.actions-billing %} {% data reusables.github-actions.actions-spending-limit %}
+{% data reusables.github-actions.actions-billing %}
 
-You can set a higher spending limit or, for some accounts, allow unlimited spending. If you pay for your organization or enterprise account by invoice, you can prepay for overages to set a higher spending limit. The spending limit applies to your combined overages for {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %}. For more information about pricing for {% data variables.product.prodname_actions %} usage, see "[About billing for {% data variables.product.prodname_actions %}](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-actions)."
+{% data reusables.github-actions.actions-spending-limit-brief %}
 
-As soon as you set a spending limit above $0, you will be responsible for any overages that occurred in the past. For example, if your organization uses {% data variables.product.prodname_team %}, does not allow overages, and creates workflow artifacts that increase your storage usage for the month from 1.9GB to 2.1GB, you will use slightly more storage than the 2GB your product includes.
+{% data reusables.actions.actions-packages-set-spending-limit %} For more information about pricing for {% data variables.product.prodname_actions %} usage, see "[About billing for {% data variables.product.prodname_actions %}](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-actions)."
 
-Because you have not enabled overages, your next attempt to publish a version of the package will fail. You will not receive a bill for the 0.1GB overage that month. However, if you enable overages in a future month, your first bill will include the 0.1GB of overage from the past in addition to any overages for the current billing cycle.
+As soon as you set a spending limit other than $0, you will be responsible for any existing overages in the current billing period. For example, if your organization uses {% data variables.product.prodname_team %}, does not allow overages, and creates workflow artifacts that increase your storage usage for the month from 1.9GB to 2.1GB, you will use slightly more storage than the 2GB your product includes.
+
+Because you have not enabled overages, your next attempt to create a workflow artifact will fail. You will not receive a bill for the 0.1GB overage that month. However, if you enable overages, your first bill will include the 0.1GB of existing overage for the current billing cycle, as well as any additional overages you accrue.
 
 ### Managing the spending limit for {% data variables.product.prodname_actions %} for your user account
 
@@ -30,8 +32,6 @@ Anyone can manage the spending limit for {% data variables.product.prodname_acti
 
 Organizations owners and billing managers can manage the spending limit for {% data variables.product.prodname_actions %} for an organization.
 
-If you pay for your organization account by invoice, you cannot manage the spending limit for your enterprise account on {% data variables.product.product_name %}. If you want to allow repositories owned by your organization to use {% data variables.product.prodname_actions %} beyond the storage or data transfer included for each repository, you can prepay for overages. Because overages must prepaid, you cannot enable unlimited spending on accounts paid by invoice. Your spending limit will be 150% of the amount you prepaid. If you have any questions, [contact our account management team](https://enterprise.github.com/contact).
-
 {% data reusables.profile.access_profile %}
 {% data reusables.profile.access_org %}
 {% data reusables.organizations.org_settings %}
@@ -44,8 +44,6 @@ If you pay for your organization account by invoice, you cannot manage the spend
 
 Enterprise owners and billing managers can manage the spending limit for {% data variables.product.prodname_actions %} for an enterprise account.
 
-{% data reusables.github-actions.spending-limit-enterprise-account %}
-
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.billing-tab %}

content/github/setting-up-and-managing-billing-and-payments-on-github/managing-your-spending-limit-for-github-packages.md

@@ -10,11 +10,13 @@ versions:
 
 {% data reusables.package_registry.packages-billing %}
 
-You can set a higher spending limit or, for some accounts, allow unlimited spending. If you pay for your organization or enterprise account by invoice, you can prepay for overages to set a higher spending limit. The spending limit applies to your combined overages for {% data variables.product.prodname_registry %} and {% data variables.product.prodname_actions %}. For more information about pricing for {% data variables.product.prodname_registry %} usage, see "[About billing for {% data variables.product.prodname_registry %}](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-packages)."
+{% data reusables.package_registry.packages-spending-limit-brief %}
 
-As soon as you set a spending limit above $0, you will be responsible for any overages that occurred in the past. For example, if your organization uses {% data variables.product.prodname_team %}, does not allow overages, and publishes a new version of a private package that increases your storage usage for the month from 1.9GB to 2.1GB, publishing the version will use slightly more than the 2GB your product includes.
+{% data reusables.actions.actions-packages-set-spending-limit %} For more information about pricing for {% data variables.product.prodname_registry %} usage, see "[About billing for {% data variables.product.prodname_registry %}](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-packages)."
 
-Because you have not enabled overages, your next attempt to publish a version of the package will fail. You will not receive a bill for the 0.1GB overage that month. However, if you enable overages in a future month, your first bill will include the 0.1GB of overage from the past in addition to any overages for the current billing cycle.
+As soon as you set a spending limit other than $0, you will be responsible for any existing overages in the current billing period. For example, if your organization uses {% data variables.product.prodname_team %}, does not allow overages, and publishes a new version of a private package that increases your storage usage for the month from 1.9GB to 2.1GB, publishing the version will use slightly more than the 2GB your product includes.
+
+Because you have not enabled overages, your next attempt to publish a version of the package will fail. You will not receive a bill for the 0.1GB overage that month. However, if you enable overages, your first bill will include the 0.1GB of existing overage for the current billing cycle, as well as any additional overages you accrue.
 
 ### Managing the spending limit for {% data variables.product.prodname_registry %} for your user account
 
@@ -30,8 +32,6 @@ Anyone can manage the spending limit for {% data variables.product.prodname_regi
 
 Organizations owners and billing managers can manage the spending limit for {% data variables.product.prodname_registry %} for an organization.
 
-If you pay for your organization account by invoice, you cannot manage the spending limit for your enterprise account on {% data variables.product.product_name %}. If you want to allow repositories owned by your organization to use {% data variables.product.prodname_registry %} beyond the storage or data transfer included for each repository, you can prepay for overages. Because overages must prepaid, you cannot enable unlimited spending on accounts paid by invoice. Your spending limit will be 150% of the amount you prepaid. If you have any questions, [contact our account management team](https://enterprise.github.com/contact).
-
 {% data reusables.profile.access_profile %}
 {% data reusables.profile.access_org %}
 {% data reusables.organizations.org_settings %}
@@ -44,8 +44,6 @@ If you pay for your organization account by invoice, you cannot manage the spend
 
 Enterprise owners and billing managers can manage the spending limit for {% data variables.product.prodname_registry %} for an enterprise account.
 
-{% data reusables.package_registry.spending-limit-enterprise-account %}
-
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.billing-tab %}

content/github/site-policy/github-additional-product-terms.md

@@ -4,7 +4,7 @@ versions:
   free-pro-team: '*'
 ---
 
-Version Effective Date: December 7, 2020
+Version Effective Date: December 14, 2020
 
 When you create an Account, you're given access to lots of different features and products that are all a part of the Service. Because many of these features and products offer different functionality, they may require additional terms and conditions specific to that feature or product. Below, we've listed those features and products, along with the corresponding additional terms that apply to your use of them.
 
@@ -46,13 +46,11 @@ GitHub Pages are subject to some specific bandwidth and usage limits, and may no
 ### 5. Actions and Packages
 
 #### a. Actions Usage
-GitHub Actions enables you to create custom software development lifecycle workflows directly in your GitHub repository. Each Account comes with included compute and storage quantities for use with Actions, depending on your Account plan, which can be found in the [Actions documentation](/actions). Your Actions compute usage is displayed within [your account settings](https://github.com/settings/billing), and you will be notified by email in advance of reaching the limit of your included quantities. If you want to use Actions beyond your included quantities, then you may [enable overages](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-actions).
+GitHub Actions is billed on a usage basis. The [Actions documentation](/actions) includes details, including compute and storage quantities (depending on your Account plan), and how to monitor your Actions minutes usage and set usage limits. 
 
-Compute usage for included and paid quantities is calculated in minutes based on the type of Actions you execute (e.g. Linux, Windows, macOS). The minutes used for each Action's job or task will be rounded up to the nearest minute. For included quantities and depending on the type of Action, a multiplier may be applied to the amount of time used to execute each job or task, prior to being rounded up to the nearest minute. Overage minutes are charged at the [stated per minute price](https://github.com/features/actions) based on the type of Actions you execute. Actions and Packages share storage, and your storage usage is displayed within your [account settings](https://github.com/settings/billing). For additional details about included quantity usage calculations, see the [Actions documentation](/actions).
-
-Actions and any elements of the Action service may not be used in violation of the Agreement, the [Acceptable Use Policy](/github/site-policy/github-acceptable-use-policies), or the GitHub Actions [service limitations](/actions/reference/usage-limits-billing-and-administration/#usage-limits). Additionally, Actions should not be used for:
+Actions and any elements of the Actions service may not be used in violation of the Agreement, the [GitHub Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies), or the GitHub Actions service limitations set forth in the [Actions documentation](/actions). Additionally, Actions should not be used for:
 - cryptomining;
-- using our servers to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network (other than those authorized by the [GitHub Bug Bounty program](https://bounty.github.com))
+- using our servers to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account, or network (other than those authorized by the [GitHub Bug Bounty program](https://bounty.github.com));
 - the provision of a stand-alone or integrated application or service offering Actions or any elements of Actions for commercial purposes;
 - any activity that places a burden on our servers, where that burden is disproportionate to the benefits provided to users (for example, don't use Actions as a content delivery network or as part of a serverless application, but a low benefit Action could be ok if it’s also low burden); or
 - any other activity unrelated to the production, testing, deployment, or publication of the software project associated with the repository where GitHub Actions are used.
@@ -60,16 +58,7 @@ Actions and any elements of the Action service may not be used in violation of t
 In order to prevent violations of these limitations and abuse of GitHub Actions, GitHub may monitor your use of GitHub Actions. Misuse of GitHub Actions may result in termination of jobs, or restrictions in your ability to use GitHub Actions.
 
 #### b. Packages Usage
-GitHub Packages may be used to download, publish, and manage packages of Content. Each Account plan comes with included bandwidth and storage quantities for use with Packages, which can be found in the [Packages documentation](/github/managing-packages-with-github-package-registry/about-github-package-registry). Actions and Packages share storage between the two Service features. Storage and bandwidth usage are displayed within your [account settings](https://github.com/settings/billing), and you will be notified by email in advance of reaching the limit of your included quantities. If you want to use Packages beyond your included bandwidth and storage quantities, then you may [enable overages](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-packages).
-
-Bandwidth usage is calculated based on the amount of data transferred out of your repositories through Packages, but package transfers through Actions will not count toward your included or paid quantities. Packages bandwidth usage is limited by the [Acceptable Use Policy](/github/site-policy/github-acceptable-use-policies#7-excessive-bandwidth-use), and included bandwidth quantities are determined by your [account plan](https://github.com/pricing).
-
-Actions and Packages storage usage is shared between the two Service features. Storage usage is calculated as a weighted average over the course of the month and does not reset each month. Public and private repositories have different included storage quantities, and the included quantities for private repositories depend on your [account plan](https://github.com/pricing).
-
-#### c. Payment and Billing for Actions and Packages
-Billing for Actions and Packages is usage-based. Additional quantities of Actions or Packages cannot be purchased separately.  For monthly-billed customers, you must have a payment method on file to choose to pay for additional quantities of these Service features. You will be charged on a monthly, recurring basis based on your usage in the preceding month, unless you are billed by invoice. For invoiced customers, you must pay the fees within thirty (30) days of the GitHub invoice date. For customers paying for Service feature overages in advance, unused prepaid minutes will not roll over to the next billing period and will not be refunded.
-
-You can set a monthly spending limit in your [account settings](https://github.com/settings/billing/cost_management). You will be notified by email in advance of reaching the limit of your included quantities and the designated spending limit of your paid additional quantities.
+GitHub Packages is billed on a usage basis. The [Packages documentation](/packages) includes details, including bandwidth and storage quantities (depending on your Account plan), and how to monitor your Packages usage and set usage limits. Packages bandwidth usage is limited by the [GitHub Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies).
 
 ### 6. Learning Lab
 

content/packages/learn-github-packages/about-github-packages.md

@@ -46,7 +46,7 @@ You can review the package's README, some metadata like licensing, download stat
 {% if currentVersion == "free-pro-team@latest" %}
 ### About billing for {% data variables.product.prodname_registry %}
 
-{% data reusables.package_registry.packages-billing %} For more information, see "[About billing for {% data variables.product.prodname_registry %}](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-packages)."
+{% data reusables.package_registry.packages-billing %} {% data reusables.package_registry.packages-spending-limit-brief %} For more information, see "[About billing for {% data variables.product.prodname_registry %}](/github/setting-up-and-managing-billing-and-payments-on-github/about-billing-for-github-packages)."
 
 {% data reusables.package_registry.container-registry-beta-billing-note %}
 {% endif %}

data/graphql/schema.docs.graphql

@@ -13418,6 +13418,11 @@ type MarketplaceListing implements Node {
   """
   hasTermsOfService: Boolean!
 
+  """
+  Whether the creator of the app is a verified org
+  """
+  hasVerifiedOwner: Boolean!
+
   """
   A technical description of how this app works with GitHub.
   """

data/release-notes/2-20/0.yml

@@ -0,0 +1,43 @@
+date: '2020-02-11'
+sections:
+  features:
+    - 'On a repository branch, repository administrators can reject any push that contains a merge commit by enabling `Require linear history` using [branch protection rules](https://help.github.com/en/github/administering-a-repository/enabling-branch-restrictions). {% comment %} https://github.blog/changelog/2019-12-04-expanded-branch-protection-rules/ {% endcomment %}'
+    - 'Repository administrators can grant all users with push access the ability to force-push to a protected branch by enabling `Allow force pushes` using [branch protection rules](https://help.github.com/en/github/administering-a-repository/enabling-branch-restrictions). {% comment %} https://github.blog/changelog/2019-12-04-expanded-branch-protection-rules/, https://github.com/github/ce-oss-happiness/issues/42, https://github.com/github/github/pull/125950 {% endcomment %}'
+    - 'Repository administrators can grant all users with push access the ability to delete a protected branch by enabling `Allow deletions` using [branch protection rules](https://help.github.com/en/github/administering-a-repository/enabling-branch-restrictions). {% comment %} https://github.blog/changelog/2019-12-04-expanded-branch-protection-rules/ {% endcomment %}'
+    - 'Administrators can set a `maxobjectsize` limit on repositories, [limiting the size of push commits](https://help.github.com/en/enterprise/admin/installation/setting-git-push-limits) to a repository that are not in [Git LFS](https://help.github.com/en/enterprise/admin/installation/configuring-git-large-file-storage-on-github-enterprise-server). {% comment %} https://github.com/github/babeld/pull/864, https://team.githubapp.com/posts/33519, https://github.com/githubcustomers/Slack/issues/27 {% endcomment %}'
+    - 'Organization owners can create a set of default labels when creating a new repository.{% comment %} https://github.com/github/issues-projects/issues/237, https://github.com/github/issues-projects/issues/179 {% endcomment %}'
+  security_fixes:
+    - Packages have been updated to the latest security versions.
+  bugs:
+    - 'When a member of an organization tried to view a public repository in that organization, an SSO prompt could break the page display. {% comment %} https://github.com/github/github/issues/126677, https://github.com/github/github/pull/127501 {% endcomment %}'
+    - "When viewing a users' profile, the links to that users' teams could be broken. {% comment %} https://github.com/github/github/issues/131771, https://github.com/github/github/pull/131865 {% endcomment %}"
+    - 'Users with the `maintain` role were unable to edit repository topics. {% comment %} https://github.com/github/github/pull/129503, https://github.com/github/github/issues/119456 {% endcomment %}'
+    - "A user who isn't an administrator for an organization would receive a 500 error when attempting to access the sign up page. {% comment %} https://github.com/github/github/pull/129213, https://github.com/github/github/issues/129210, https://github.com/github/github/issues/129212 {% endcomment %}"
+    - 'The edit history popup would not display on gist comments. {% comment %} https://github.com/github/github/pull/129134, https://github.com/github/github/issues/128496 {% endcomment %}'
+    - 'A new account could be registered with an email that was already registered.  {% comment %} https://github.com/github/github/pull/127905, https://github.com/github/github/issues/127858 {% endcomment %}'
+    - 'A storage service was hitting a file descriptor limit and causing kernel hanging and other services to log errors. {% comment %} https://github.com/github/enterprise2/pull/18775 {% endcomment %}'
+    - 'When an autolink reference was part of a url, the hyperlink could be removed. {% comment %} https://github.com/github/github/pull/126776 {% endcomment %}'
+    - 'When adding a comment to a pull request, the `Linked Issues` section from the sidebar could disappear. {% comment %} https://github.com/github/issues-projects/issues/384, https://github.com/github/github/pull/130514 {% endcomment %}'
+    - 'When editing an existing organization invitation for a user, a duplicate header could be appear on the `Teams` table. {% comment %} https://github.com/github/github/issues/120381, https://github.com/github/github/pull/128939 {% endcomment %}'
+    - 'The `resqued` service could stop logging events when the queues became too large. {% comment %} https://github.com/github/github/pull/130087, https://github.com/github/business-support/issues/2696 {% endcomment %}'
+    - 'Self-signed certificates are not automatically generated when running the `ghe-config-apply` command for cluster and high-availability configurations. {% comment %} https://github.com/github/enterprise2/pull/18773 {% endcomment %}'
+  changes:
+    - 'No logo will be displayed for a topic if one has not been uploaded. {% comment %} https://github.com/github/github/issues/130513, https://github.com/github/github/pull/130515 {% endcomment %}'
+    - 'When viewing an issue on a mobile browser, the issue metadata is listed at the top of the page. {% comment %} https://github.com/github/github/pull/127560 {% endcomment %}'
+    - 'Consul''s top-level domain has changed from ".consul" to ".ghe.local". {% comment %} https://github.com/github/enterprise2/pull/17443, https://github.com/github/enterprise2/issues/17701 {% endcomment %}'
+    - 'The hookshot service no longer relies on ElasticSearch and only uses MySQL as a database store. {% comment %} https://github.com/github/enterprise2/pull/18158, https://github.com/github/hookshot/pull/1128, https://github.com/github/enterprise2/pull/15898 {% endcomment %}'
+    - 'Improved visual distinction between issue, project and discussion has been implemented on project note cards. {% comment %} https://github.com/github/github/pull/132038 {% endcomment %}'
+    - 'On a pull request review, a notice is displayed if a multi-line comment is truncated. {% comment %} https://github.com/github/github/issues/125948, https://github.com/github/github/pull/128677 {% endcomment %}'
+    - 'Users can view their audit log on the `Security Log` tab of their personal settings page. {% comment %} https://github.com/github/github/pull/123041{% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - Duplicate webhook entries in the database can cause upgrades from previous versions to fail. (updated 2020-02-26)
+    - 'Upgrades and settings updates will fail if background worker configurations have been customised. {% comment %} https://github.com/github/enterprise2/issues/19119 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers may not be spawned, preventing essential features such as merging pull requests. (updated 2020-04-07) {% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/1.yml

@@ -0,0 +1,20 @@
+date: '2020-02-27'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/19116, https://github.com/github/enterprise2/pull/19110, https://github.com/github/enterprise2/pull/19154, https://github.com/github/enterprise2/pull/19142 {% endcomment %}'
+  bugs:
+    - 'Restore from backups would fail with an `Invalid RDB version number` error. {% comment %} https://github.com/github/enterprise2/pull/19117, https://github.com/github/enterprise2/pull/19109 {% endcomment %}'
+    - 'Upgrading an HA replica would stall indefinitely waiting for MySQL to start. {% comment %} https://github.com/github/enterprise2/pull/19168, https://github.com/github/enterprise2/pull/19101 {% endcomment %}'
+    - 'PR review comments with unexpected values for "position" or "original_position" caused imports to fail. {% comment %} https://github.com/github/github/pull/135439, https://github.com/github/github/pull/135374 {% endcomment %}'
+    - 'Duplicate webhook entries in the database could cause upgrades from previous versions to fail. {% comment %} https://github.com/github/hookshot/pull/1541, https://github.com/github/hookshot/pull/1426, https://github.com/github/hookshot/pull/1540 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'Upgrades and settings updates will fail if background worker configurations have been customised. {% comment %} https://github.com/github/enterprise2/issues/19119 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers may not be spawned, preventing essential features such as merging pull requests. (updated 2020-04-07) {% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/10.yml

@@ -0,0 +1,20 @@
+date: '2020-06-23'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/20746, https://github.com/github/enterprise2/pull/20727 {% endcomment %}'
+  bugs:
+    - 'Excessively large log events could lead to log forwarding instability when UDP was used as the transport mechanism. {% comment %} https://github.com/github/enterprise2/pull/20457, https://github.com/github/enterprise2/pull/20445 {% endcomment %}'
+    - "Automatic unsuspension of a user through SSO did not complete if the SSH keys attribute had keys already associated with the user's account. {% comment %} https://github.com/github/github/pull/143474, https://github.com/github/github/pull/142927 {% endcomment %}"
+    - 'The repository permission hash from the REST API indicated no access for business members who have pull access to internal repositories. {% comment %} https://github.com/github/github/pull/144755, https://github.com/github/github/pull/144292 {% endcomment %}'
+    - 'Previewing a GitHub App description written in markdown was not properly rendered. {% comment %} https://github.com/github/github/pull/145038, https://github.com/github/github/pull/133360 {% endcomment %}'
+    - 'The audit log did not include branch protection changes events. {% comment %} https://github.com/github/github/pull/145995, https://github.com/github/github/pull/145014 {% endcomment %}'
+    - "Trying to assign code review to a member of an empty team would result in a '500 Internal Server Error'. {% comment %} https://github.com/github/github/pull/146328, https://github.com/github/github/pull/139330 {% endcomment %}"
+    - 'Code review assignment using the load balancing algorithm could repeatedly assign to the same team member. {% comment %} https://github.com/github/github/pull/146329, https://github.com/github/github/pull/136504 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/11.yml

@@ -0,0 +1,18 @@
+date: '2020-07-09'
+sections:
+  security_fixes:
+    - '**MEDIUM:** Updated nginx to 1.16.1 and addressed CVE-2019-20372. (updated 2020-07-22) {% comment %} https://github.com/github/enterprise2/pull/21251 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21088, https://github.com/github/enterprise2/pull/21036 {% endcomment %}'
+  bugs:
+    - 'Dependency graph was not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. {% comment %} https://github.com/github/enterprise2/pull/21260, https://github.com/github/enterprise2/pull/21102 {% endcomment %}'
+    - 'Certain log files did not rotate every 7 days. {% comment %} https://github.com/github/enterprise2/pull/21278, https://github.com/github/enterprise2/pull/21264 {% endcomment %}'
+    - 'Rapid reuse of webhook source ports resulted in rejected connections. {% comment %} https://github.com/github/enterprise2/pull/21289 {% endcomment %}'
+    - 'Incorrect background jobs could attempt to run on instances configured as passive replicas. {% comment %} https://github.com/github/enterprise2/pull/21318, https://github.com/github/enterprise2/pull/21212, https://github.com/github/enterprise2/issues/21167 {% endcomment %}'
+    - 'Internal repositories were not correctly included in search results for SAML-enabled orgs. {% comment %} https://github.com/github/github/pull/147503, https://github.com/github/github/pull/145692 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/12.yml

@@ -0,0 +1,16 @@
+date: '2020-07-21'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21437, https://github.com/github/enterprise2/pull/21402, https://github.com/github/enterprise2/pull/21495, https://github.com/github/enterprise2/pull/21479 {% endcomment %}'
+  bugs:
+    - 'The Management Console monitor graphs would sometimes not display correctly on larger screens. {% comment %} https://github.com/github/enterprise2/pull/21397, https://github.com/github/enterprise2/pull/21381 {% endcomment %}'
+    - 'GitHub App Manifest creation flow was unusable in some scenarios when a SameSite Cookie policy was applied. {% comment %} https://github.com/github/github/pull/147826, https://github.com/github/github/pull/144121 {% endcomment %}'
+  changes:
+    - 'Improvements to HAProxy scaling. {% comment %} https://github.com/github/enterprise2/pull/21383 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/13.yml

@@ -0,0 +1,21 @@
+date: '2020-08-11'
+sections:
+  security_fixes:
+    - '**CRITICAL:** A remote code execution vulnerability was identified in GitHub Pages that could allow an attacker to execute commands as part building a GitHub Pages site. This issue was due to an outdated and vulnerable dependency used in the Pages build process. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance.  This vulnerability affected all versions of GitHub Enterprise Server. To mitigate this vulnerability, Kramdown has been updated to address CVE-2020-14001. {% comment %} https://github.com/github/pages/pull/2836, https://github.com/github/pages/pull/2827 {% endcomment %}'
+    - '**HIGH:** An attacker could inject a malicious argument into a Git sub-command when executed on GitHub Enterprise Server. This could allow an attacker to overwrite arbitrary files with partially user-controlled content and potentially execute arbitrary commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to access repositories within the GitHub Enterprise Server instance. However, due to other protections in place, we could not identify a way to actively exploit this vulnerability. This vulnerability was reported through the GitHub Security Bug Bounty program. {% comment %} https://github.com/github/github/pull/151097 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21811, https://github.com/github/enterprise2/pull/21700 {% endcomment %}'
+  bugs:
+    - 'A Consul configuration error prevented some background jobs from being processed on standalone instances. {% comment %} https://github.com/github/enterprise2/pull/21464 {% endcomment %}'
+    - 'The service memory allocation calculation could allocate an incorrect or unbounded memory allocation to a service resulting in poor system performance. {% comment %} https://github.com/github/enterprise2/pull/21716 {% endcomment %}'
+    - 'The virtualization platform for oVirt KVM systems was not properly detected, causing problems during upgrades. {% comment %} https://github.com/github/enterprise2/pull/21730, https://github.com/github/enterprise2/pull/21669 {% endcomment %}'
+    - "The error message for invalid authentication with a password via Git command line didn't populate the URL linking to adding the appropriate token or SSH key. {% comment %} https://github.com/github/github/pull/149714 {% endcomment %}"
+    - 'GitHub Connect was using a deprecated GitHub.com API endpoint. {% comment %} https://github.com/github/github/pull/150828, https://github.com/github/github/pull/150545 {% endcomment %}'
+    - 'Issues could not be sorted by *Recently updated* on repositories migrated to a new instance. {% comment %} https://github.com/github/github/pull/150843, https://github.com/github/github/pull/149330 {% endcomment %}'
+    - 'The 404 page contained GitHub.com contact and status links in the footer. {% comment %} https://github.com/github/github/pull/151316 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/14.yml

@@ -0,0 +1,12 @@
+date: '2020-08-12'
+sections:
+  bugs:
+    - 'Resolved an issue that could lead to high CPU usage while generating system configuration templates. {% comment %} https://github.com/github/enterprise2/pull/21784, https://github.com/github/enterprise2/pull/21741 {% endcomment %}'
+    - 'Recent changes to memory allocations could lead to a degradation in system performance {% comment %} https://github.com/github/enterprise2/pull/22067 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/15.yml

@@ -0,0 +1,24 @@
+date: '2020-08-26'
+sections:
+  security_fixes:
+    - >-
+      **CRITICAL:** A remote code execution vulnerability was identified in GitHub Pages that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server. The underlying issues contributing to this vulnerability were identified both internally and through the GitHub Security Bug Bounty program. We have issued CVE-2020-10518. {% comment %} https://github.com/github/pages/pull/2883, https://github.com/github/pages/pull/2902, https://github.com/github/pages/pull/2894, https://github.com/github/pages/pull/2877, https://github.com/github/pages-gem/pull/700,
+      https://github.com/github/pages/pull/2890, https://github.com/github/pages/pull/2898, https://github.com/github/pages/pull/2909, https://github.com/github/pages/pull/2891, https://github.com/github/pages/pull/2884, https://github.com/github/pages/pull/2889 {% endcomment %}
+    - '**MEDIUM:** An improper access control vulnerability was identified that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.22 and has been assigned [CVE-2020-10517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10517). The vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). {% comment %} https://github.com/github/github/pull/151987, https://github.com/github/github/pull/151713 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21852, https://github.com/github/enterprise2/pull/21828, https://github.com/github/enterprise2/pull/22153, https://github.com/github/enterprise2/pull/21920, https://github.com/github/enterprise2/pull/22215, https://github.com/github/enterprise2/pull/22190 {% endcomment %}'
+  bugs:
+    - 'A message was not logged when the ghe-config-apply process had finished running ghe-es-auto-expand. {% comment %} https://github.com/github/enterprise2/pull/22177, https://github.com/github/enterprise2/pull/22171 {% endcomment %}'
+    - 'Excessive logging to the `syslog` file could occur on high-availability replicas if the primary appliance is unavailable. {% comment %} https://github.com/github/enterprise2/pull/22267, https://github.com/github/enterprise2/pull/22124 {% endcomment %}'
+    - "Database re-seeding on a replica could fail with an error: `Got packet bigger than 'max_allowed_packet'` {% comment %} https://github.com/github/enterprise2/pull/22321, https://github.com/github/enterprise2/pull/20063 {% endcomment %}"
+    - 'In some cases duplicate user data could cause a 500 error while running the ghe-license-usage script. {% comment %} https://github.com/github/github/pull/152638 {% endcomment %}'
+  changes:
+    - 'In a high availability or geo-replication configuration, replica instances would exit maintenance mode when ghe-config-apply ran. {% comment %} https://github.com/github/enterprise2/pull/21776, https://github.com/github/enterprise2/pull/21440 {% endcomment %}'
+    - "We've added support for the R5a and R5n AWS instance types. {% comment %} https://github.com/github/enterprise2/pull/21902, https://github.com/github/enterprise2/pull/21173 {% endcomment %}"
+    - 'Removed the license seat count information on the administrative SSH MOTD due to a performance issue impacting GitHub Enterprise Server clusters. {% comment %} https://github.com/github/enterprise2/pull/21993, https://github.com/github/enterprise2/pull/21870 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/16.yml

@@ -0,0 +1,12 @@
+date: '2020-09-08'
+sections:
+  bugs:
+    - 'A service health check caused session growth resulting in filesystem inode exhaustion. {% comment %} https://github.com/github/enterprise2/pull/22480, https://github.com/github/enterprise2/pull/22475 {% endcomment %}'
+    - "Upgrading using a hotpatch could fail with an error: `'libdbi1' was not found` {% comment %} https://github.com/github/enterprise2/pull/22558, https://github.com/github/enterprise2/pull/22552 {% endcomment %}"
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/17.yml

@@ -0,0 +1,12 @@
+date: '2020-09-23'
+sections:
+  security_fixes:
+    - '**MEDIUM**:  ImageMagick has been updated to address [DSA-4715-1](https://www.debian.org/security/2020/dsa-4715). {% comment %} https://github.com/github/enterprise2/pull/22625, https://github.com/github/enterprise2/pull/22610 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/22601, https://github.com/github/enterprise2/pull/22592, https://github.com/github/enterprise2/pull/22605, https://github.com/github/enterprise2/pull/22426, https://github.com/github/enterprise2/pull/22718, https://github.com/github/enterprise2/pull/22699 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/18.yml

@@ -0,0 +1,25 @@
+date: '2020-10-09'
+sections:
+  security_fixes:
+    - 'A user whose LDAP directory username standardizes to an existing GHES account login could authenticate into the existing account. {% comment %} https://github.com/github/github/pull/156518, https://github.com/github/github/pull/155512 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/22910, https://github.com/github/enterprise2/pull/22878 {% endcomment %}'
+  bugs:
+    - 'The NameID Format dropdown in the Management Console would be reset to "unspecified" after setting it to "persistent". {% comment %} https://github.com/github/enterprise2/pull/22403, https://github.com/github/enterprise2/pull/22331, https://github.com/github/enterprise2/issues/13446 {% endcomment %}'
+    - 'Saving settings via the [management console](https://docs.github.com/en/enterprise-server@latest/admin/configuration/accessing-the-management-console) would append a newline to the [TLS/SSL certificate and key](https://docs.github.com/en/enterprise-server@latest/admin/configuration/configuring-tls) files which triggered unnecessary reloading of some services. {% comment %} https://github.com/github/enterprise2/pull/22607, https://github.com/github/enterprise2/pull/22540 {% endcomment %}'
+    - 'System logs for Dependency Graph were not rotating, allowing unbounded storage growth. {% comment %} https://github.com/github/enterprise2/pull/22765, https://github.com/github/enterprise2/pull/22733 {% endcomment %}'
+    - 'Links to GitHub Security Advisories would use a URL with the hostname of the GitHub Enterprise Server instance instead of GitHub.com, directing the user to a nonexistent URL. {% comment %} https://github.com/github/github/pull/153444, https://github.com/github/github/pull/151301 {% endcomment %}'
+    - 'When importing a repository with `ghe-migrator`, an unexpected exception could occur when inconsistent data is present. {% comment %} https://github.com/github/github/pull/153848, https://github.com/github/github/pull/151552 {% endcomment %}'
+    - 'When using `ghe-migrator` to import PR review requests, records associated with deleted users would result in extraneous database records. {% comment %} https://github.com/github/github/pull/154958, https://github.com/github/github/pull/153169 {% endcomment %}'
+    - 'When importing users with `ghe-migrator`, an error of "Emails is invalid" would occur if the system-generated email address were longer than 100 characters. {% comment %} https://github.com/github/github/pull/155112, https://github.com/github/github/pull/152418 {% endcomment %}'
+    - 'Logging webhook activity could use large amounts of disk space and cause the root disk to become full. {% comment %} https://github.com/github/github/pull/155655, https://github.com/github/github/pull/154100 {% endcomment %}'
+  changes:
+    - 'Support is added for the AWS EC2 instance type `m5.16xlarge`. {% comment %} https://github.com/github/enterprise2/pull/22500, https://github.com/github/enterprise2/pull/22473 {% endcomment %}'
+    - 'Remove the requirement for SSH fingerprints in `ghe-migrator` archives as it can always be computed. {% comment %} https://github.com/github/github/pull/156944, https://github.com/github/github/pull/155387 {% endcomment %}'
+    - 'GitHub App Manifests now include the `request_oauth_on_install` field. {% comment %} https://github.com/github/github/pull/156996, https://github.com/github/github/pull/155010, https://github.com/github/ecosystem-apps/issues/1055 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/19.yml

@@ -0,0 +1,13 @@
+date: '2020-10-20'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23095, https://github.com/github/enterprise2/pull/23081 {% endcomment %}'
+  bugs:
+    - 'The enterprise account "Confirm two-factor requirement policy" messaging was incorrect. {% comment %} https://github.com/github/github/pull/158737 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/2.yml

@@ -0,0 +1,27 @@
+date: '2020-03-10'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/19204, https://github.com/github/enterprise2/pull/19187 {% endcomment %}'
+  bugs:
+    - 'In some cases the forwarded log entries, mainly for audit.log were getting truncated. {% comment %} https://github.com/github/enterprise2/pull/19244, https://github.com/github/enterprise2/pull/19192, https://github.com/github/enterprise2/issues/16655 {% endcomment %}'
+    - 'The `ghe-license-check` command-line utility returned an "Invalid license file" error for some valid licenses, causing configuration changes to fail. {% comment %} https://github.com/github/enterprise2/pull/19249, https://github.com/github/enterprise2/pull/19185, https://github.zendesk.com/agent/tickets/549903 {% endcomment %}'
+    - 'Alambic exception logs were not forwarded by syslog. {% comment %} https://github.com/github/enterprise2/pull/19263, https://github.com/github/enterprise2/pull/19123, https://github.com/github/enterprise2/issues/18734 {% endcomment %}'
+    - 'The [`org_block event`](https://developer.github.com/v3/activity/events/types/#orgblockevent) is not unavailable but was appearing for GitHub Apps on GitHub Enterprise Server. {% comment %} https://github.com/github/github/pull/136227, https://github.com/github/github/pull/135640, https://github.com/github/ecosystem-apps/issues/693 {% endcomment %}'
+    - 'GraphQL query responses sometimes returned unmatched node identifiers for `ProtectedBranch` objects. {% comment %} https://github.com/github/github/pull/136376, https://github.com/github/github/pull/136214, https://github.com/github/github/issues/135407 {% endcomment %}'
+    - 'The GitHub App credential used by GitHub Connect failed to refresh immediately after expiry. {% comment %} https://github.com/github/github/pull/136384, https://github.com/github/github/pull/136259 {% endcomment %}'
+    - 'Leaving a comment in reply to a pull request comment was intermittently creating a pending pull request review. {% comment %} https://github.com/github/github/pull/136454, https://github.com/github/github/pull/133697, https://github.com/github/github/issues/127401 {% endcomment %}'
+    - 'Using ghe-migrator or exporting from GitHub.com, an export would silently fail to export non-image attachments. {% comment %} https://github.com/github/github/pull/136487, https://github.com/github/github/pull/134524, https://github.com/github/github/issues/134358 {% endcomment %}'
+    - 'Pre-receive hook returned 500 error on web UI when UTF-8 characters were encountered. {% comment %} https://github.com/github/github/pull/136699, https://github.com/github/github/pull/136014, https://github.com/github/github/issues/133501 {% endcomment %}'
+  changes:
+    - 'The ` ghe-license-usage  ` command-line utility includes a new `--unencrypted` option to provide visibility into the exported license usage file. {% comment %} https://github.com/github/github/pull/136134, https://github.com/github/github/pull/136000 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'Upgrades and settings updates will fail if background worker configurations have been customised. {% comment %} https://github.com/github/enterprise2/issues/19119 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers may not be spawned, preventing essential features such as merging pull requests. (updated 2020-04-07) {% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/20.yml

@@ -0,0 +1,15 @@
+date: '2020-11-03'
+sections:
+  security_fixes:
+    - '**MEDIUM:** High CPU usage could be triggered by a specially crafted request to the SVN bridge resulting in Denial of Service (DoS). {% comment %} https://github.com/github/slumlord/pull/1003, https://github.com/github/slumlord/pull/1000 {% endcomment %}'
+    - "**LOW:** Incorrect token validation resulted in a reduced entropy for matching tokens during authentication. Analysis shows that in practice there's no significant security risk here. {% comment %} https://github.com/github/github/pull/159453, https://github.com/github/github/pull/159193 {% endcomment %}"
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23538, https://github.com/github/enterprise2/pull/23171, https://github.com/github/enterprise2/pull/23691, https://github.com/github/enterprise2/pull/23677 {% endcomment %}'
+  bugs:
+    - 'Suspended users were included in the list of suggested users, potentially hiding unsuspended users. {% comment %} https://github.com/github/github/pull/159809, https://github.com/github/github/pull/140563, https://github.com/github/github/pull/142146 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/21.yml

@@ -0,0 +1,14 @@
+date: '2020-11-17'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23843, https://github.com/github/enterprise2/pull/23712 {% endcomment %}'
+  bugs:
+    - 'The babeld logs were missing a separator between seconds and microseconds. {% comment %} https://github.com/github/babeld/pull/1004, https://github.com/github/babeld/pull/1002 {% endcomment %}'
+    - 'When the enterprise account "Repository visibility change" policy was set to "Enabled", organization owners could not change the visibility of repositories within the organization. {% comment %} https://github.com/github/github/pull/160922, https://github.com/github/github/pull/160773 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/22.yml

@@ -0,0 +1,18 @@
+date: '2020-12-03'
+sections:
+  bugs:
+    - 'Authorization service was being detected as unhealthy due to a race condition in the bootstrap which led to  restart of the service. {% comment %} https://github.com/github/authzd/pull/1279 {% endcomment %}'
+    - 'An underlying behavior was causing a service to become unavailable during the hotpatch upgrade process. {% comment %} https://github.com/github/enterprise2/pull/24053, https://github.com/github/enterprise2/issues/23947 {% endcomment %}'
+    - 'A subset of log forwarding SSL certificates was not being applied correctly. {% comment %} https://github.com/github/enterprise2/pull/24112, https://github.com/github/enterprise2/pull/23981 {% endcomment %}'
+    - 'Email notifications sent to suspended users when they were removed from a Team or an Organization. {% comment %} https://github.com/github/github/pull/163107, https://github.com/github/github/pull/162742 {% endcomment %}'
+    - 'The way SSH certificates were applied between Organizations and Businesses was inconsistent. {% comment %} https://github.com/github/github/pull/163429, https://github.com/github/github/pull/159538, https://github.com/github/authentication/issues/115 {% endcomment %}'
+    - 'When an account was rate limited due to using incorrect passwords, it could be locked out for up to 24 hours. {% comment %} https://github.com/github/github/pull/163456, https://github.com/github/github/pull/162938, https://github.com/github/github-ds/pull/51 {% endcomment %}'
+    - 'Pull request synchronization on repositories with many references could cause worker queues to fall behind. {% comment %} https://github.com/github/github/pull/163576, https://github.com/github/github/pull/163142 {% endcomment %}'
+    - 'When signing in after attempting to visit a specific page, people were sent to the home page instead of their intended destination. {% comment %} https://github.com/github/github/pull/163785, https://github.com/github/github/pull/163579, https://github.com/github/github/pull/154117, https://github.com/github/ecosystem-apps/issues/1076 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-20/3.yml

@@ -0,0 +1,14 @@
+date: '2020-03-12'
+sections:
+  bugs:
+    - 'Upgrades and settings updates would fail if background worker configurations had been customised. {% comment %} https://github.com/github/enterprise2/pull/19321, https://github.com/github/enterprise2/pull/19299 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers may not be spawned, preventing essential features such as merging pull requests. (updated 2020-04-07) {% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/4.yml

@@ -0,0 +1,17 @@
+date: '2020-03-25'
+sections:
+  bugs:
+    - 'SAML Authentication requests and Metadata were not strictly encoded, causing some Identity Providers to not correctly process Service Provider initiated Authentication requests. {% comment %} https://github.com/github/github/pull/137150, https://github.com/github/github/pull/136770, https://github.com/github/github/issues/136766 {% endcomment %}'
+    - '`ghe-migrator` exports did not contain milestone users, which could break import operations. {% comment %} https://github.com/github/github/pull/138100, https://github.com/github/github/pull/137987, https://github.com/github/github/issues/137779 {% endcomment %}'
+    - 'When pushing to a Gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/pull/138460, https://github.com/github/github/pull/138313 {% endcomment %}'
+    - '`ghe-repl-status` could fail when trying to display repositories that were not fully replicated. {% comment %} https://github.com/github/github/pull/138463, https://github.com/github/github/pull/138388 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers may not be spawned, preventing essential features such as merging pull requests. (updated 2020-04-07) {% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/5.yml

@@ -0,0 +1,19 @@
+date: '2020-04-07'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/19536, https://github.com/github/enterprise2/pull/19494 {% endcomment %}'
+  bugs:
+    - 'A maximum Git object size of 100MB option could not be selected for a repository when the global enterprise account had a Git object size option other than 100MB set. {% comment %} https://github.com/github/github/pull/138805, https://github.com/github/github/pull/138683 {% endcomment %}'
+    - 'Results from the the Issues and Pull Requests API could have inconsistent behaviour when ordering by the `updated_at` field. {% comment %} https://github.com/github/github/pull/139247, https://github.com/github/github/pull/138486 {% endcomment %}'
+    - 'The SecurityVulnerability `package` field could not be queried via the GraphQL API. {% comment %} https://github.com/github/github/pull/139418, https://github.com/github/github/pull/138245 {% endcomment %}'
+    - 'Changing a repository from *public* to *internal* displayed an irrelevant billing message. {% comment %} https://github.com/github/github/pull/139531, https://github.com/github/github/pull/139492 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers may not be spawned, preventing essential features such as merging pull requests. {% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/6.yml

@@ -0,0 +1,26 @@
+date: '2020-04-23'
+sections:
+  security_fixes:
+    - '**HIGH**: OpenSSL has been updated to address [CVE-2020-1967](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967). {% comment %} https://github.com/github/enterprise2/pull/19889, https://github.com/github/enterprise2/pull/19885 {% endcomment %}'
+    - '**HIGH**: Git has been updated to address [CVE-2020-5260](https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q) and [CVE-2020-11008](https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7). New restrictions prevent malicious repositories from being pushed to the server instance, protecting clients which have not yet been patched. {% comment %} https://github.com/github/git/pull/990 {% endcomment %}'
+    - '**LOW**:  ImageMagick has been updated to address [CVE-2019-10131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10131). {% comment %} https://github.com/github/enterprise2/pull/19655, https://github.com/github/enterprise2/pull/19617 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/19809, https://github.com/github/enterprise2/pull/19792, https://github.com/github/enterprise2/pull/19899, https://github.com/github/enterprise2/pull/19882 {% endcomment %}'
+  bugs:
+    - 'The git user lacked permissions to invoke the processes required to convert existing repositories using Subversion, from the v4 format to v3 LRS. {% comment %} https://github.com/github/enterprise2/pull/19465, https://github.com/github/enterprise2/pull/19150 {% endcomment %}'
+    - 'A mismatch in MySQL configurations could cause backups to fail in large installations. {% comment %} https://github.com/github/enterprise2/pull/19688, https://github.com/github/enterprise2/pull/19409, https://github.com/github/enterprise2/issues/19055 {% endcomment %}'
+    - 'When upgrading from previous versions, background job workers would sometimes not spawn, preventing essential features such as merging pull requests. {% comment %} https://github.com/github/enterprise2/pull/19771, https://github.com/github/enterprise2/pull/19712 {% endcomment %}'
+    - "When a GitHub Enterprise Server license contained non-ASCII characters, a `GET` request to the Management Console's API `/setup/api/settings` endpoint would result in an Internal Server Error. {% comment %} https://github.com/github/enterprise2/pull/19790 {% endcomment %}"
+    - 'The recovery console would prompt for a root password, even if the root account was locked. {% comment %} https://github.com/github/enterprise2/pull/19810, https://github.com/github/enterprise2/pull/19788, https://github.com/github/enterprise2/issues/18425 {% endcomment %}'
+    - 'A CODEOWNERS file with a leading UTF-8 Byte Order Mark would cause all codeowner rules to be ignored. {% comment %} https://github.com/github/github/pull/140974, https://github.com/github/github/pull/140729 {% endcomment %}'
+  changes:
+    - 'When the orchestrator-client cron job failed, multiple emails would be sent to the root account. {% comment %} https://github.com/github/enterprise2/pull/19761, https://github.com/github/enterprise2/pull/19748 {% endcomment %}'
+    - "When an external identity provider controlled user's site administrator status, users could not be demoted via the command line utility. {% comment %} https://github.com/github/github/pull/140522, https://github.com/github/github/pull/137807, https://github.com/github/github/issues/42727 {% endcomment %}"
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/7.yml

@@ -0,0 +1,20 @@
+date: '2020-05-05'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/20027, https://github.com/github/enterprise2/pull/19997 {% endcomment %}'
+  bugs:
+    - '`ghe-repl-start` and `ghe-repl-status` displayed syntax errors. {% comment %} https://github.com/github/enterprise2/pull/19954, https://github.com/github/enterprise2/pull/19927 {% endcomment %}'
+    - 'If a repository has the "automatically delete head branches" setting enabled, the head branch wasn''t automatically deleted, when a pull request was merged by a GitHub App installation. {% comment %} https://github.com/github/github/pull/141588, https://github.com/github/github/pull/133698, https://github.com/github/github/pull/133871, https://github.com/github/github/issues/132588 {% endcomment %}'
+    - 'When an organization member was reinstated, the webhook payload reported the `ghost` user as the sender and not the actual user performing the reinstatement. {% comment %} https://github.com/github/github/pull/141731, https://github.com/github/github/pull/140609 {% endcomment %}'
+    - 'If a repository has the "automatically delete head branches" setting enabled, the head branch wasn''t automatically deleted where the head repository was different from the base repository. {% comment %} https://github.com/github/github/pull/142096, https://github.com/github/github/pull/133871 {% endcomment %}'
+    - 'The garbage collection of temporary files could lead to a license validation error. {% comment %} https://github.com/github/github/pull/142209, https://github.com/github/github/pull/142189 {% endcomment %}'
+    - 'In some situations, including when a repository is first created, the pre-receive hook would be run without a value populated for the GITHUB_REPO_PUBLIC environment variable. {% comment %} https://github.com/github/github/pull/139419, https://github.com/github/github/pull/136228, https://github.com/github/github/pull/134363 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/8.yml

@@ -0,0 +1,19 @@
+date: '2020-05-19'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/20108, https://github.com/github/enterprise2/pull/20086 {% endcomment %}'
+  bugs:
+    - 'After the license file was updated, services were not properly reloaded causing functionality loss. {% comment %} https://github.com/github/enterprise2/pull/20072, https://github.com/github/enterprise2/pull/19989 {% endcomment %}'
+    - 'Internal API requests updating Dependency Graph information could fail if the response body was too large. {% comment %} https://github.com/github/enterprise2/pull/20231, https://github.com/github/enterprise2/pull/20208 {% endcomment %}'
+    - 'The `affiliations` argument to some GraphQL repository connections was not respected. {% comment %} https://github.com/github/github/pull/142036, https://github.com/github/github/pull/140658 {% endcomment %}'
+    - 'Automatic unsuspension of a user through SSO did not complete if the SAML email attribute had different casing than the GitHub user email. {% comment %} https://github.com/github/github/pull/143321, https://github.com/github/github/pull/142915 {% endcomment %}'
+    - 'Restoring the membership of a user to an organization did not instrument the actor in webhook and audit log payloads. {% comment %} https://github.com/github/github/pull/143231, https://github.com/github/github/pull/140849 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-20/9.yml

@@ -0,0 +1,16 @@
+date: '2020-06-02'
+sections:
+  security_fixes:
+    - '**HIGH:** An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.21.  We have issued [CVE-2020-10516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10516) in response to this issue. The vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). {% comment %} https://github.com/github/github/pull/144454, https://github.com/github/github/pull/143444 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/20421, https://github.com/github/enterprise2/pull/20315 {% endcomment %}'
+  bugs:
+    - 'Internet-facing GitHub Enterprise Server instances could be indexed by search engines. {% comment %} https://github.com/github/github/pull/145073, https://github.com/github/github/pull/144973 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'

data/release-notes/2-21/0.yml

@@ -0,0 +1,71 @@
+date: '2020-06-09'
+sections:
+  features:
+    - 'Users can [manage notifications](https://help.github.com/en/enterprise/2.21/user/github/managing-subscriptions-and-notifications-on-github/about-notifications) on issues, pull requests and other subjects when navigating from a web notification. {% comment %} https://github.com/github/enterprise-releases/issues/2135#issuecomment-633905096 {% endcomment %}'
+    - 'Users can [convert a pull request back to a "Draft"](https://github.blog/changelog/2020-04-08-convert-pull-request-to-draft/). {% comment %} https://github.com/github/releases/issues/800 {% endcomment %}'
+    - '[Multi-line suggestions](https://github.blog/changelog/2020-04-15-multi-line-code-suggestions-general-availability/) let a user suggest a specific change to multiple lines of code when reviewing a pull request. {% comment %} https://github.com/github/releases/issues/810 {% endcomment %}'
+    - 'Users with write access to a repository can [hide a comment in an issue or pull request as a "Duplicate" ](https://help.github.com/en/enterprise/2.21/user/github/building-a-strong-community/managing-disruptive-comments#hiding-a-comment). {% comment %}https://github.com/github/github/pull/131746 {% endcomment %}'
+    - 'When [creating a repository from a template](https://help.github.com/en/enterprise/2.21/user/github/creating-cloning-and-archiving-repositories/creating-a-repository-from-a-template) a user can optionally select to include all branches, rather than just the default branch. {% comment %} https://github.com/github/releases/issues/580 {% endcomment %}'
+    - '[Issue project cards include a linked pull requests section](https://github.blog/changelog/2020-02-04-project-issue-cards-include-linked-pull-requests/) so a user can see what development work is related to the issue directly from the project board. {% comment %} https://github.com/github/releases/issues/743 {% endcomment %}'
+    - 'There are a new set of ["Deleting reactions" endpoints](https://developer.github.com/changes/2020-02-26-new-delete-reactions-endpoints/) in the Reactions API. The existing "Delete reactions" endpoints will be deprecated in early 2021. {% comment %} https://developer.github.com/changes/2020-02-26-new-delete-reactions-endpoints/ {% endcomment %}'
+    - 'There are a new set of [Teams API endpoints](https://developer.github.com/changes/2020-01-21-moving-the-team-api-endpoints/) which will allow GitHub to scale and support the Teams API long-term. The existing API endpoints will be deprecated in early 2021. {% comment %} https://developer.github.com/changes/2020-01-21-moving-the-team-api-endpoints/ {% endcomment %}'
+    - 'Users can [create links between issues and pull requests](https://help.github.com/en/enterprise/2.21/user/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#manually-linking-a-pull-request-to-an-issue) without needing to use closing keywords in the pull request description. {% comment %} https://github.com/github/releases/issues/704 {% endcomment %}'
+  security_fixes:
+    - 'An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.21. We have issued [CVE-2020-10516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10516) in response to this issue. The vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). {% comment %} https://developer.github.com/changes/2020-02-26-new-delete-reactions-endpoints/ {% endcomment %}'
+  bugs:
+    - "If a user with push access minimized another user's comment, the author of the comment could unminimize it even if they had insufficient privileges. {% comment %} https://github.com/github/github/pull/141237 {% endcomment %}"
+    - 'Users could accidentally merge to master from the issue template editor and blob editor. {% comment %} https://github.com/github/github/pull/134483, https://github.com/github/github/pull/134323 {% endcomment %}'
+    - 'When a user deleted an account from GitHub, the audit log records did not correctly show organization removal records. {% comment %} https://github.com/github/github/pull/140940 {% endcomment %}'
+    - 'The gist avatar for the current user would link to a non-existent URL. {% comment %} https://github.com/github/github/pull/140925 {% endcomment %}'
+    - 'The organization repositories tab count did not include internal repositories. {% comment %} https://github.com/github/github/pull/136323 {% endcomment %}'
+    - 'Clicking the "Show All Teams" button when transferring a repository caused a 500 error. {% comment %} https://github.com/github/github/pull/134455 {% endcomment %}'
+    - "Long filenames could cause overflow issues when showing the 'Changed since last view' label or the 'Show rich' diff toggle on the diff file view. {% comment %} https://github.com/github/github/pull/134453 {% endcomment %}"
+    - 'Hovercards for organization teams misreported their member size. {% comment %} https://github.com/github/github/pull/133879 {% endcomment %}'
+    - 'The pull request review comment popup window had a scrolling issue. {% comment %} https://github.com/github/github/pull/141157 {% endcomment %}'
+    - 'Haproxy could become saturated causing a slowdown in git operations. {% comment %} https://github.com/github/enterprise2/issues/19322 {% endcomment %}'
+    - 'The Dependency Graph feature was not automatically enabled after HA replica promotion. {% comment %} https://github.com/github/enterprise2/issues/18698 {% endcomment %}'
+    - 'A timeout could be triggered on the releases index page for repositories with thousands of draft pull requests. {% comment %} https://github.com/github/github/pull/131802 {% endcomment %}'
+    - 'It was not possible to filter pull requests by both state and draft at the same time. {% comment %} https://github.com/github/github/pull/132567 {% endcomment %}'
+    - 'If a pull request changed a submodule pointer, then clicking "Edit file" on that submodule file from the "Files changed" tab of the pull request page caused a 404 error. {% comment %} https://github.com/github/github/pull/132448 {% endcomment %}'
+    - 'It was not possible to add users to an organization, or delete the organization, following the bulk removal of all users and admins from that organization. {% comment %} https://github.com/github/github/pull/132238 {% endcomment %}'
+    - 'Review comments against files containing diacritics and non-Latin characters in the filename on the "Files changed" page would disappear when the page is reloaded. {% comment %} https://github.com/github/github/pull/131836 {% endcomment %}'
+    - 'The state of the "Viewed" checkbox was not retained for files containing diacritics and non-Latin characters in the filename on the "Files changed" page. {% comment %} https://github.com/github/github/pull/131836 {% endcomment %}'
+    - 'Pull requests showed the "Approved" badge when not all required reviews were in place. {% comment %} https://github.com/github/github/pull/131823 {% endcomment %}'
+    - 'The tag dropdown was empty when searching for a tag in repositories with more than 100 tags. {% comment %} https://github.com/github/github/pull/131914 {% endcomment %}'
+    - 'Pull request pages showing annotations with non UTF-8 titles could encounter encoding errors in view rendering. {% comment %} https://github.com/github/github/pull/138534 {% endcomment %}'
+    - 'A race condition for refresh on the OAuth page could cause a redirect to be executed twice. {% comment %} https://github.com/github/github/pull/131964 {% endcomment %}'
+    - 'The "Personal Access Tokens" page would timeout if there are more than 10 tokens. {% comment %} https://github.com/github/github/pull/132064 {% endcomment %}'
+    - 'Scheduled LDAP User and Team Sync jobs could be started while previously scheduled Sync jobs were still in process. A locking mechanism has been implemented to prevent new Sync jobs from starting if one is still running. {% comment %} https://github.com/github/github/pull/139205, https://github.com/github/support/issues/429, https://github.com/github/github/issues/54386, https://github.com/github/iam/issues/40 {% endcomment %}'
+  changes:
+    - 'The web notifications interface, including new [states](https://help.github.com/en/enterprise/2.21/user/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#triaging-options) , [filters](https://help.github.com/en/enterprise/2.21/user/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#supported-queries-for-custom-filters) and [shortcuts](https://help.github.com/en/enterprise/2.21/user/github/getting-started-with-github/keyboard-shortcuts#notifications) have been updated. {% comment %} https://github.com/github/enterprise-releases/issues/2135#issuecomment-633905096 {% endcomment %}'
+    - 'It is now possible to disable reactivation of LDAP users on LDAP sync. {% comment %} https://github.com/github/github/pull/139023 {% endcomment %}'
+    - 'The push protected branch wording has been updated to clarify that admins can always push and that users with the Maintain role can push when status checks pass. {% comment %} https://github.com/github/github/pull/141555 {% endcomment %}'
+    - 'Prevent blank commit when suggestion is identical to original text. {% comment %} https://github.com/github/github/pull/138587 {% endcomment %}'
+    - 'Pagination is supported as a way to get more files in the diff associated with a commit via the REST API. {% comment %} https://github.com/github/github/pull/134341 {% endcomment %}'
+    - 'Admins can enable, disable, delete, and search for webhooks using the webhook ID from the command line using `ghe-webhook-manage`. {% comment %} https://github.com/github/enterprise2/pull/19027 {% endcomment %}'
+    - 'Automatic base retargeting will happen after manual head reference cleanup for a merged pull request. {% comment %} https://github.com/github/github/pull/142133 {% endcomment %}'
+    - 'SVG files are handled as text and as images in the diff viewer. {% comment %} https://github.com/github/render/pull/1129  {% endcomment %}'
+    - 'The "auto delete branches on merge" setting can be set when creating and updating repositories using the REST API. {% comment %} https://github.com/github/github/pull/131728 {% endcomment %}'
+    - 'A new endpoint has been added to delete a deployment through the REST API. {% comment %} https://github.com/github/github/pull/128733 {% endcomment %}'
+    - 'Admins can [enable security alerts](https://help.github.com/en/enterprise/2.21/admin/installation/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server#enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server) but disable all notifications from those alerts. {% comment %} https://github.com/github/releases/issues/841 {% endcomment %}'
+    - 'The Pages log shows the user login accessing the GitHub Pages site. {% comment %} https://github.com/github/enterprise2/pull/19905 {% endcomment %}'
+    - 'Enterprise members can see all of the organizations they belong to as part of their Enterprise account from one view by navigating to `https://[ghes-hostname]/enterprises/[account-name]`. {% comment %} https://github.com/github/releases/issues/832 {% endcomment %}'
+    - '[REST API support for triage and maintain roles](https://developer.github.com/changes/2020-04-07-expanding-rest-api-support-for-the-triage-and-maintain-roles/) has been expanded. {% comment %} https://github.com/github/releases/issues/748 {% endcomment %}'
+    - 'A user can create and share search queries that resolve to the current user by using the `@me` search syntax. {% comment %} https://github.com/github/github/pull/129624 {% endcomment %}'
+    - 'New issue template configuration options have been [added](https://github.blog/changelog/2019-10-28-new-issue-template-configuration-options/). {% comment %} https://github.com/github/releases/issues/660 {% endcomment %}'
+    - 'MySQL backup and restore reliability and time to completion has been improved. {% comment %} https://github.com/github/ghes-infrastructure/issues/162 {% endcomment %}'
+    - '[Improved visibility](https://github.blog/2020-02-06-get-more-information-at-a-glance-with-issue-and-pull-request-linking/) of pull requests and issue references in the issue sidebar, issue cards and issue list. {% comment %} https://github.com/github/releases/issues/704 {% endcomment %}'
+    - 'Users can filter and search by `linked:pr` or `linked:issue`. {% comment %} https://github.com/github/releases/issues/744 {% endcomment %}'
+    - 'Automatic failover of MySQL within a single region for Cluster deployments is now possible. {% comment %} https://github.com/github/ghes-infrastructure/issues/136 {% endcomment %}'
+    - 'A user can compare tags between two releases to determine what changes have been made on the releases page. {% comment %} https://github.com/github/github/issues/107054 {% endcomment %}'
+    - 'Outdated comments are no longer collapsed by default on the Pull Request timeline. They can be collapsed by resolving the thread. {% comment %} https://github.com/github/enterprise-web/pull/6389#issuecomment-634201583 {% endcomment %}'
+    - 'Admins can view a list of logins reserved for internal use by navigating to the "Reserved logins" stafftools tab. {% comment %} https://github.com/github/enterprise-web/pull/6389#issuecomment-637846206 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/1.yml

@@ -0,0 +1,19 @@
+date: '2020-06-23'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/20747, https://github.com/github/enterprise2/pull/20727 {% endcomment %}'
+  bugs:
+    - 'Excessively large log events could lead to log forwarding instability when UDP was used as the transport mechanism. {% comment %} https://github.com/github/enterprise2/pull/20458, https://github.com/github/enterprise2/pull/20445 {% endcomment %}'
+    - 'The internal communication service used to access MySQL could restart more often than required, including part way through the upgrade process, which could cause the upgrade to partially fail. We have reduced the rate of restarts and made the code more robust. {% comment %} https://github.com/github/enterprise2/pull/20957, https://github.com/github/enterprise2/pull/20972, https://github.com/github/github/pull/146974 {% endcomment %}'
+    - "Automatic unsuspension of a user through SSO did not complete if the SSH keys attribute had keys already associated with the user's account. {% comment %} https://github.com/github/github/pull/143475, https://github.com/github/github/pull/142927 {% endcomment %}"
+    - 'The repository permission hash from the REST API indicated no access for business members who have pull access to internal repositories. {% comment %} https://github.com/github/github/pull/144756, https://github.com/github/github/pull/144292 {% endcomment %}'
+    - 'The "Repository issue deletion" Enterprise account policy did not reflect the currently saved setting. {% comment %} https://github.com/github/github/pull/145218, https://github.com/github/github/pull/145067 {% endcomment %}'
+    - 'The audit log did not include branch protection changes events. {% comment %} https://github.com/github/github/pull/145998, https://github.com/github/github/pull/145014 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/10.yml

@@ -0,0 +1,14 @@
+date: '2020-10-20'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23096, https://github.com/github/enterprise2/pull/23081 {% endcomment %}'
+  bugs:
+    - 'The enterprise account "Confirm two-factor requirement policy" messaging was incorrect. {% comment %} https://github.com/github/github/pull/158736 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/11.yml

@@ -0,0 +1,17 @@
+date: '2020-11-03'
+sections:
+  security_fixes:
+    - '**MEDIUM:** High CPU usage could be triggered by a specially crafted request to the SVN bridge resulting in Denial of Service (DoS). {% comment %} https://github.com/github/slumlord/pull/1004, https://github.com/github/slumlord/pull/1000 {% endcomment %}'
+    - "**LOW:** Incorrect token validation resulted in a reduced entropy for matching tokens during authentication. Analysis shows that in practice there's no significant security risk here. {% comment %} https://github.com/github/github/pull/159455, https://github.com/github/github/pull/159193 {% endcomment %}"
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23539, https://github.com/github/enterprise2/pull/23171, https://github.com/github/enterprise2/pull/23692, https://github.com/github/enterprise2/pull/23677 {% endcomment %}'
+  bugs:
+    - 'Editing issues templates with filenames containing non-ASCII characters would fail with a "500 Internal Server Error". {% comment %} https://github.com/github/github/pull/160589, https://github.com/github/github/pull/159747 {% endcomment %}'
+    - 'A metric gathering method for background jobs increased CPU utilization. (updated 2020-11-03) {% comment %} https://github.com/github/github/pull/160109 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/12.yml

@@ -0,0 +1,15 @@
+date: '2020-11-17'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23844, https://github.com/github/enterprise2/pull/23712 {% endcomment %}'
+  bugs:
+    - 'The babeld logs were missing a separator between seconds and microseconds. {% comment %} https://github.com/github/babeld/pull/1005, https://github.com/github/babeld/pull/1002 {% endcomment %}'
+    - 'When the enterprise account "Repository visibility change" policy was set to "Enabled", organization owners could not change the visibility of repositories within the organization. {% comment %} https://github.com/github/github/pull/160921, https://github.com/github/github/pull/160773 {% endcomment %}'
+    - 'Audit logs could be attributed to 127.0.0.1 instead of the actual source IP address. {% comment %} https://github.com/github/github/pull/162436, https://github.com/github/github/pull/161215 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-21/13.yml

@@ -0,0 +1,18 @@
+date: '2020-12-03'
+sections:
+  bugs:
+    - 'Authorization service was being detected as unhealthy due to a race condition in the bootstrap which led to  restart of the service. {% comment %} https://github.com/github/authzd/pull/1278 {% endcomment %}'
+    - 'An underlying behavior was causing a service to become unavailable during the hotpatch upgrade process. {% comment %} https://github.com/github/enterprise2/pull/24054, https://github.com/github/enterprise2/issues/23947 {% endcomment %}'
+    - 'A subset of log forwarding SSL certificates was not being applied correctly. {% comment %} https://github.com/github/enterprise2/pull/24113, https://github.com/github/enterprise2/pull/23981 {% endcomment %}'
+    - 'Email notifications sent to suspended users when they were removed from a Team or an Organization. {% comment %} https://github.com/github/github/pull/162971, https://github.com/github/github/pull/162742 {% endcomment %}'
+    - 'The way SSH certificates were applied between Organizations and Businesses was inconsistent. {% comment %} https://github.com/github/github/pull/163426, https://github.com/github/github/pull/159538, https://github.com/github/authentication/issues/115 {% endcomment %}'
+    - 'When an account was rate limited due to using incorrect passwords, it could be locked out for up to 24 hours. {% comment %} https://github.com/github/github/pull/163436, https://github.com/github/github/pull/162938, https://github.com/github/github-ds/pull/51 {% endcomment %}'
+    - 'Pull request synchronization on repositories with many references could cause worker queues to fall behind. {% comment %} https://github.com/github/github/pull/163575, https://github.com/github/github/pull/163142 {% endcomment %}'
+    - 'When signing in after attempting to visit a specific page, people were sent to the home page instead of their intended destination. {% comment %} https://github.com/github/github/pull/163784, https://github.com/github/github/pull/163579, https://github.com/github/github/pull/154117, https://github.com/github/ecosystem-apps/issues/1076 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'

data/release-notes/2-21/2.yml

@@ -0,0 +1,19 @@
+date: '2020-07-09'
+sections:
+  security_fixes:
+    - '**MEDIUM:** Updated nginx to 1.16.1 and addressed CVE-2019-20372. (updated 2020-07-22) {% comment %} https://github.com/github/enterprise2/pull/21252 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21089, https://github.com/github/enterprise2/pull/21036 {% endcomment %}'
+  bugs:
+    - 'Certain log files did not rotate every 7 days. {% comment %} https://github.com/github/enterprise2/pull/21279, https://github.com/github/enterprise2/pull/21264 {% endcomment %}'
+    - 'Rapid reuse of webhook source ports resulted in rejected connections. {% comment %} https://github.com/github/enterprise2/pull/21286, https://github.com/github/enterprise2/pull/21280 {% endcomment %}'
+    - 'Incorrect background jobs could attempt to run on instances configured as passive replicas. {% comment %} https://github.com/github/enterprise2/pull/21317, https://github.com/github/enterprise2/pull/21212, https://github.com/github/enterprise2/issues/21167 {% endcomment %}'
+    - 'The VPN between nodes could become unstable causing errors to be logged and free space on the root volume to be exhausted. {% comment %} https://github.com/github/enterprise2/pull/21360, https://github.com/github/enterprise2/pull/21357 {% endcomment %}'
+    - 'Internal repositories were not correctly included in search results for SAML-enabled orgs. {% comment %} https://github.com/github/github/pull/147505, https://github.com/github/github/pull/145692 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/3.yml

@@ -0,0 +1,16 @@
+date: '2020-07-21'
+sections:
+  security_fixes:
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21438, https://github.com/github/enterprise2/pull/21402, https://github.com/github/enterprise2/pull/21496, https://github.com/github/enterprise2/pull/21479 {% endcomment %}'
+  bugs:
+    - 'The Management Console monitor graphs would sometimes not display correctly on larger screens. {% comment %} https://github.com/github/enterprise2/pull/21398, https://github.com/github/enterprise2/pull/21381 {% endcomment %}'
+    - 'GitHub App Manifest creation flow was unusable in some scenarios when a SameSite Cookie policy was applied. {% comment %} https://github.com/github/github/pull/147829, https://github.com/github/github/pull/144121 {% endcomment %}'
+    - "In some circumstances, accessing the 'Explore' page would throw an application error. {% comment %} https://github.com/github/github/pull/149605, https://github.com/github/github/pull/148949 {% endcomment %}"
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/4.yml

@@ -0,0 +1,26 @@
+date: '2020-08-11'
+sections:
+  security_fixes:
+    - '**CRITICAL:** A remote code execution vulnerability was identified in GitHub Pages that could allow an attacker to execute commands as part building a GitHub Pages site. This issue was due to an outdated and vulnerable dependency used in the Pages build process. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance.  This vulnerability affected all versions of GitHub Enterprise Server. To mitigate this vulnerability, Kramdown has been updated to address CVE-2020-14001. {% comment %} https://github.com/github/pages/pull/2835, https://github.com/github/pages/pull/2827 {% endcomment %}'
+    - '**HIGH:** High: An attacker could inject a malicious argument into a Git sub-command when executed on GitHub Enterprise Server. This could allow an attacker to overwrite arbitrary files with partially user-controlled content and potentially execute arbitrary commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to access repositories within the GHES instance. However, due to other protections in place, we could not identify a way to actively exploit this vulnerability. This vulnerability was reported through the GitHub Security Bug Bounty program. {% comment %} https://github.com/github/github/pull/150936, https://github.com/github/github/pull/150634 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21679, https://github.com/github/enterprise2/pull/21542, https://github.com/github/enterprise2/pull/21812, https://github.com/github/enterprise2/pull/21700 {% endcomment %}'
+  bugs:
+    - 'A Consul configuration error prevented some background jobs from being processed on standalone instances. {% comment %} https://github.com/github/enterprise2/pull/21463 {% endcomment %}'
+    - 'The service memory allocation calculation could allocate an incorrect or unbounded memory allocation to a service resulting in poor system performance. {% comment %} https://github.com/github/enterprise2/pull/21689 {% endcomment %}'
+    - 'The virtualization platform for oVirt KVM systems was not properly detected, causing problems during upgrades. {% comment %} https://github.com/github/enterprise2/pull/21731, https://github.com/github/enterprise2/pull/21669 {% endcomment %}'
+    - "The error message for invalid authentication with a password via Git command line didn't populate the URL linking to adding the appropriate token or SSH key. {% comment %} https://github.com/github/github/pull/149607, https://github.com/github/github/pull/149351 {% endcomment %}"
+    - 'Creating an issue on a user repository using the Issue Template feature could fail with an Internal Server Error. {% comment %} https://github.com/github/github/pull/150173, https://github.com/github/github/pull/149445 {% endcomment %}'
+    - 'Visiting the *Explore* section failed with a 500 Internal Server error. {% comment %} https://github.com/github/github/pull/150512, https://github.com/github/github/pull/150504 {% endcomment %}'
+    - 'Issues could not be sorted by *Recently updated* on repositories migrated to a new instance. {% comment %} https://github.com/github/github/pull/150688, https://github.com/github/github/pull/149330 {% endcomment %}'
+    - 'GitHub Connect was using a deprecated GitHub.com API endpoint. {% comment %} https://github.com/github/github/pull/150827, https://github.com/github/github/pull/150545 {% endcomment %}'
+    - 'Internal metrics gathering for background jobs contributed to CPU and memory use unnecessarily. {% comment %} https://github.com/github/github/pull/151182, https://github.com/github/github/pull/147695 {% endcomment %}'
+    - 'The 404 page contained GitHub.com contact and status links in the footer. {% comment %} https://github.com/github/github/pull/151315 {% endcomment %}'
+    - 'Background jobs for an unreleased feature were queued and left unprocessed. {% comment %} https://github.com/github/github/pull/151395, https://github.com/github/github/pull/146248 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/5.yml

@@ -0,0 +1,14 @@
+date: '2020-08-12'
+sections:
+  bugs:
+    - 'Resolved an issue that could lead to high CPU usage while generating system configuration templates. {% comment %} https://github.com/github/enterprise2/pull/21786, https://github.com/github/enterprise2/pull/21741 {% endcomment %}'
+    - 'Recent changes to memory allocations could lead to a degradation in system performance {% comment %} https://github.com/github/enterprise2/pull/22066 {% endcomment %}'
+    - 'Temporary connectivity issues while running database migrations could cause data loss. {% comment %} https://github.com/github/enterprise2/pull/22128, https://github.com/github/enterprise2/pull/22100 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/6.yml

@@ -0,0 +1,26 @@
+date: '2020-08-26'
+sections:
+  security_fixes:
+    - >-
+      **CRITICAL:** A remote code execution vulnerability was identified in GitHub Pages that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server. The underlying issues contributing to this vulnerability were identified both internally and through the GitHub Security Bug Bounty program. We have issued CVE-2020-10518. {% comment %} https://github.com/github/pages/pull/2882, https://github.com/github/pages/pull/2902, https://github.com/github/pages/pull/2894, https://github.com/github/pages/pull/2877, https://github.com/github/pages-gem/pull/700,
+      https://github.com/github/pages/pull/2889, https://github.com/github/pages/pull/2899, https://github.com/github/pages/pull/2903, https://github.com/github/pages/pull/2890, https://github.com/github/pages/pull/2891, https://github.com/github/pages/pull/2884 {% endcomment %}
+    - '**MEDIUM:** An improper access control vulnerability was identified that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.22 and has been assigned [CVE-2020-10517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10517). The vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). {% comment %} https://github.com/github/github/pull/151986, https://github.com/github/github/pull/151713 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21853, https://github.com/github/enterprise2/pull/21828, https://github.com/github/enterprise2/pull/22154, https://github.com/github/enterprise2/pull/21920, https://github.com/github/enterprise2/pull/22216, https://github.com/github/enterprise2/pull/22190 {% endcomment %}'
+  bugs:
+    - 'A message was not logged when the ghe-config-apply process had finished running ghe-es-auto-expand. {% comment %} https://github.com/github/enterprise2/pull/22178, https://github.com/github/enterprise2/pull/22171 {% endcomment %}'
+    - 'Excessive logging to the `syslog` file could occur on high-availability replicas if the primary appliance is unavailable. {% comment %} https://github.com/github/enterprise2/pull/22268, https://github.com/github/enterprise2/pull/22124 {% endcomment %}'
+    - "Database re-seeding on a replica could fail with an error: `Got packet bigger than 'max_allowed_packet'` {% comment %} https://github.com/github/enterprise2/pull/22322, https://github.com/github/enterprise2/pull/20063 {% endcomment %}"
+    - 'In some cases duplicate user data could cause a 500 error while running the ghe-license-usage script. {% comment %} https://github.com/github/github/pull/152637 {% endcomment %}'
+    - 'Using `ghe-migrator`, the `add` command would fail to lock a repository when using the `--lock` flag. {% comment %} https://github.com/github/github/pull/152780, https://github.com/github/github/pull/152588 {% endcomment %}'
+  changes:
+    - 'In a high availability or geo-replication configuration, replica instances would exit maintenance mode when ghe-config-apply ran. {% comment %} https://github.com/github/enterprise2/pull/21777, https://github.com/github/enterprise2/pull/21440 {% endcomment %}'
+    - "We've added support for the R5a and R5n AWS instance types. {% comment %} https://github.com/github/enterprise2/pull/21903, https://github.com/github/enterprise2/pull/21173 {% endcomment %}"
+    - 'Removed the license seat count information on the administrative SSH MOTD due to a performance issue impacting GitHub Enterprise Server clusters. {% comment %} https://github.com/github/enterprise2/pull/21994, https://github.com/github/enterprise2/pull/21870 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/7.yml

@@ -0,0 +1,13 @@
+date: '2020-09-08'
+sections:
+  bugs:
+    - 'A service health check caused session growth resulting in filesystem inode exhaustion. {% comment %} https://github.com/github/enterprise2/pull/22481, https://github.com/github/enterprise2/pull/22475 {% endcomment %}'
+    - "Upgrading using a hotpatch could fail with an error: `'libdbi1' was not found` {% comment %} https://github.com/github/enterprise2/pull/22556, https://github.com/github/enterprise2/pull/22552 {% endcomment %}"
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/8.yml

@@ -0,0 +1,15 @@
+date: '2020-09-23'
+sections:
+  security_fixes:
+    - '**MEDIUM**:  ImageMagick has been updated to address [DSA-4715-1](https://www.debian.org/security/2020/dsa-4715). {% comment %} https://github.com/github/enterprise2/pull/22621, https://github.com/github/enterprise2/pull/22610 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/22571, https://github.com/github/enterprise2/pull/22426, https://github.com/github/enterprise2/pull/22602, https://github.com/github/enterprise2/pull/22592, https://github.com/github/enterprise2/pull/22719, https://github.com/github/enterprise2/pull/22699 {% endcomment %}'
+  bugs:
+    - 'Admins were unable to see delivered repository webhooks and instead saw "Sorry, something went wrong and we weren''t able to fetch the deliveries for this hook". {% comment %} https://github.com/github/authzd/pull/1181, https://github.com/github/authzd/pull/980 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-21/9.yml

@@ -0,0 +1,28 @@
+date: '2020-10-09'
+sections:
+  security_fixes:
+    - 'A user whose **LDAP** directory username standardizes to an existing GHES account login could authenticate into the existing account. {% comment %} https://github.com/github/github/pull/156517, https://github.com/github/github/pull/155512 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/22911, https://github.com/github/enterprise2/pull/22878 {% endcomment %}'
+  bugs:
+    - 'The NameID Format dropdown in the Management Console would be reset to "unspecified" after setting it to "persistent". {% comment %} https://github.com/github/enterprise2/pull/22402, https://github.com/github/enterprise2/pull/22331, https://github.com/github/enterprise2/issues/13446 {% endcomment %}'
+    - 'Saving settings via the [management console](https://docs.github.com/en/enterprise-server@latest/admin/configuration/accessing-the-management-console) would append a newline to the [TLS/SSL certificate and key](https://docs.github.com/en/enterprise-server@latest/admin/configuration/configuring-tls) files which triggered unnecessary reloading of some services. {% comment %} https://github.com/github/enterprise2/pull/22608, https://github.com/github/enterprise2/pull/22540 {% endcomment %}'
+    - 'System logs for Dependency Graph were not rotating, allowing unbounded storage growth. {% comment %} https://github.com/github/enterprise2/pull/22766, https://github.com/github/enterprise2/pull/22733 {% endcomment %}'
+    - 'Upgrade could fail if the resqued workers override setting is in use. {% comment %} https://github.com/github/enterprise2/pull/22838, https://github.com/github/enterprise2/pull/22814 {% endcomment %}'
+    - 'When importing a repository with `ghe-migrator`, an unexpected exception could occur when inconsistent data is present. {% comment %} https://github.com/github/github/pull/153849, https://github.com/github/github/pull/151552 {% endcomment %}'
+    - 'Links to GitHub Security Advisories would use a URL with the hostname of the GitHub Enterprise Server instance instead of GitHub.com, directing the user to a nonexistent URL. {% comment %} https://github.com/github/github/pull/153853, https://github.com/github/github/pull/151301 {% endcomment %}'
+    - 'The enterprise account security settings page showed a "View your organizations'' current configurations" link for the "Two-factor authentication" setting when the authentication mode in use does not support built in two-factor authentication. {% comment %} https://github.com/github/github/pull/153861 {% endcomment %}'
+    - 'When using `ghe-migrator` to import PR review requests, records associated with deleted users would result in extraneous database records. {% comment %} https://github.com/github/github/pull/154959, https://github.com/github/github/pull/153169 {% endcomment %}'
+    - 'When importing users with `ghe-migrator`, an error of "Emails is invalid" would occur if the system-generated email address were longer than 100 characters. {% comment %} https://github.com/github/github/pull/155110, https://github.com/github/github/pull/152418 {% endcomment %}'
+    - 'Logging webhook activity could use large amounts of disk space and cause the root disk to become full. {% comment %} https://github.com/github/github/pull/155656, https://github.com/github/github/pull/154100 {% endcomment %}'
+  changes:
+    - 'Support is added for the AWS EC2 instance type `m5.16xlarge`. {% comment %} https://github.com/github/enterprise2/pull/22501, https://github.com/github/enterprise2/pull/22473 {% endcomment %}'
+    - 'Remove the requirement for SSH fingerprints in `ghe-migrator` archives as it can always be computed. {% comment %} https://github.com/github/github/pull/156945, https://github.com/github/github/pull/155387 {% endcomment %}'
+    - 'GitHub App Manifests now include the `request_oauth_on_install` field. {% comment %} https://github.com/github/github/pull/156994, https://github.com/github/github/pull/155010, https://github.com/github/ecosystem-apps/issues/1055 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
+    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
+    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'

data/release-notes/2-22/0.yml

@@ -0,0 +1,129 @@
+intro: GitHub is excited to present GitHub Enterprise Server 2.22.0.
+date: '2020-09-23'
+sections:
+  features:
+    - heading: GitHub Actions Beta
+      notes:
+        - |
+          [GitHub Actions](https://github.com/features/actions) is a powerful, flexible solution for CI/CD and workflow automation. GitHub Actions on Enteprise Server includes tools to help you manage the service, including key metrics in the Management Console, audit logs and access controls to help you control the roll out.
+
+          You will need to provide your own [storage](https://docs.github.com/en/enterprise/2.22/admin/github-actions/enabling-github-actions-and-configuring-storage) and runners for GitHub Actions. AWS S3, Azure Blob Storage and MinIO are supported. Please review the [updated minimum requirements for your platform](https://docs.github.com/en/enterprise/2.22/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on GitHub Actions. To learn more, contact the GitHub Sales team or [sign up for the beta](https://resources.github.com/beta-signup/). {% comment %} https://github.com/github/releases/issues/775 {% endcomment %}
+
+    - heading: GitHub Packages Beta
+      notes:
+        - |
+          [GitHub Packages](https://github.com/features/packages) is a package hosting service, natively integrated with GitHub APIs, Actions, and webhooks. Create an [end-to-end DevOps workflow](https://docs.github.com/en/enterprise/2.22/admin/packages/configuring-packages-support-for-your-enterprise) that includes your code, continuous integration, and deployment solutions.
+
+          Supported storage back ends include AWS S3 and MinIO with support for Azure blob coming in a future release. Please note that the current Docker support will be replaced by a beta of the new GitHub Container Registry in the next release. Please review the [updated minimum requirements for your platform](https://docs.github.com/en/enterprise/2.22/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on GitHub Packages. To learn more, contact the GitHub Sales team or [sign up for the beta](https://resources.github.com/beta-signup/). {% comment %} https://github.com/github/releases/issues/773 {% endcomment %}
+
+    - heading: Advanced Security Code Scanning Beta
+      notes:
+        - |
+          [GitHub Advanced Security code scanning](https://github.com/features/security) is a developer-first, GitHub-native static application security testing (SAST). Easily find security vulnerabilities before they reach production, all powered by the world’s most powerful code analysis engine: CodeQL.
+
+          Administrators using GitHub Advanced Security can [sign up for](https://resources.github.com/beta-signup/) and [enable](https://docs.github.com/en/enterprise/2.22/admin/configuration/configuring-code-scanning-for-your-appliance) GitHub Advanced Security code scanning beta. Please review the [updated minimum requirements for your platform](https://docs.github.com/en/enterprise/2.22/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on GitHub Advanced Security code scanning. {% comment %} https://github.com/github/releases/issues/768 {% endcomment %}
+
+    - heading: Pull Request Retargeting
+      notes:
+        - |
+          When a [pull request's head branch](https://docs.github.com/en/enterprise/2.22/user/github/collaborating-with-issues-and-pull-requests/about-branches#working-with-branches) is merged and deleted, all other open pull requests in the same repository that target this branch are now retargeted to the merged pull request's base branch. Previously these pull requests were closed. {% comment %} https://github.com/github/releases/issues/801 {% endcomment %}
+
+    - heading: Suspend and Unsuspend an App Installation
+      notes:
+        - |
+          Administrators and users can [suspend any GitHub App’s access](https://docs.github.com/enterprise/2.22/user/rest/reference/apps#suspend-an-app-installation) for as long as needed, and [unsuspend the app](https://docs.github.com/enterprise/2.22/user/rest/reference/apps#unsuspend-an-app-installation) on command through Settings and the API. Suspended apps cannot access the GitHub API or webhook events. You can use this instead of uninstalling an application, which deauthorises every user. {% comment %} https://github.com/github/github/pull/138316 https://github.com/github/github/pull/150869 {% endcomment %}''
+
+    - heading: Improved Large Scale Performance
+      notes:
+        - |
+          We have revised the approach we take to scheduling network maintenance for repositories, ensuring large monorepos are able to avoid failure states. {% comment %} https://github.com/github/github/pull/146789, https://github.com/github/github/pull/147931, https://github.com/github/github/pull/146724, https://github.com/github/git-protocols/issues/94 {% endcomment %}''
+
+          Passive replicas are now [supported and configurable on GitHub Enterprise Server cluster deployments](https://docs.github.com/en/enterprise/2.22/admin/enterprise-management/configuring-high-availability-replication-for-a-cluster). These changes will enable faster failover, reducing RTO and RPO. {% comment %} https://github.com/github/releases/issues/905 {% endcomment %}
+
+    - heading: View All of Your Users
+      notes:
+        - |
+          For exceptionally large teams, administrators can [adjust the 1,500 default maximum for user lists](https://docs.github.com/en/enterprise/2.22/admin/configuration/command-line-utilities#ghe-config). {% comment %} https://github.com/github/github/pull/146508 {% endcomment %}''
+
+  changes:
+    - heading: Administration Changes
+      notes:
+        - Shared workers have been enabled to make live updates more resilient by sharing connections across tabs. {% comment %} https://github.com/github/releases/issues/914 {% endcomment %}
+        - The "Contact Support" link on `50x` error pages now links to the support email or link configured in the Management Console. {% comment %} https://github.com/github/github/pull/142123 {% endcomment %}
+        - It's now possible to [manage global announcements and expiration dates through the enterprise account settings](https://docs.github.com/en/enterprise/2.22/admin/installation/command-line-utilities#ghe-announce). {% comment %} https://github.com/github/releases/issues/945, https://github.com/github/github/pull/148475, https://github.com/github/github/pull/148494 {% endcomment %}
+        - You can now [exempt certain users from the default API rate limits configured in the management console](https://docs.github.com/en/enterprise/2.22/admin/configuration/configuring-rate-limits), if necessary. {% comment %} https://github.com/github/github/pull/148673 {% endcomment %}
+        - Repository administrators can now [set their repository to any available visibility option](https://docs.github.com/en/enterprise/2.22/user/github/administering-a-repository/setting-repository-visibility) from a single dialog in the repository's settings. Previously, you had to navigate separate sections, buttons, and dialog boxes for changing between public and private and between private and internal. {% comment %} https://github.com/github/releases/issues/882 {% endcomment %}
+        - A new Enterprise settings link on the user dropdown menu makes it easier to navigate to Enterprise Account Settings. {% comment %} https://github.com/github/releases/issues/946, https://github.com/github/github/pull/150595, https://github.com/github/github/pull/150520, https://github.com/github/github/pull/151121, https://github.com/github/hydro-schemas/pull/1244 {% endcomment %}
+        - The legacy "Admin Center" link on the /stafftools page has been removed. The "Enterprise" link is now the best way to navigate to the Enterprise Account from the /stafftools page. {% comment %} https://github.com/github/github/pull/147633 {% endcomment %}
+        - The Options sub-menu item in the Enterprise Account settings has been moved from the Settings section to the Policies section. {% comment %} https://github.com/github/releases/issues/944, https://github.com/github/github/pull/148477 {% endcomment %}
+        - '[Accessing resources by using a personal access token or SSH key now counts as user activity](https://docs.github.com/en/enterprise/2.22/admin/user-management/managing-dormant-users). This relieves administrators from the burden of filtering out certain users from the user dormancy reports and makes it safer to use the "Suspend all" button without accidentally suspending users who only accessed GitHub in a read-only way over the APIs with a Personal Access Token (PAT) or SSH key. {% comment %} https://github.com/github/github/pull/140433, https://github.com/github/help-docs/pull/14853, https://github.com/github/customer-feedback/issues/174, https://github.com/github/supportability/issues/14 {% endcomment %}'
+
+    - heading: Security Changes
+      notes:
+        - Two-factor recovery codes can no longer be used during the two-factor sign in process. One-Time-Passwords are the only acceptable values. {% comment %} https://github.com/github/github/pull/145016, https://github.com/github/github/pull/140208 {% endcomment %}
+        - When a user is signed into GitHub Enterprise Server through single sign-on, the [default repository visibility selection is Private](https://docs.github.com/en/enterprise/2.22/user/github/administering-a-repository/setting-repository-visibility). {% comment %} https://github.com/github/releases/issues/872 {% endcomment %}
+        - Owners of GitHub Apps can now choose to have their [user-to-server access tokens expire after 8 hours](https://developer.github.com/changes/2020-04-30-expiring-user-to-server-access-tokens-for-github-apps/), to help enforce regular token rotation and reduce the impact of a compromised token. {% comment %} https://github.com/github/releases/issues/966 {% endcomment %}
+
+    - heading: Developer Changes
+      notes:
+        - '[The GitHub UI has undergone a design refresh](https://github.blog/changelog/2020-06-23-design-updates-to-repositories-and-github-ui/), and the repositories homepage has been redesigned, including a responsive layout and improved mobile web experience. {% comment %} https://github.com/github/releases/issues/886 {% endcomment %}'
+        - In the "Clone with SSH" repository dropdown menu, users will now be notified if they do not have any keys setup. {% comment %} https://github.com/github/github/pull/149098 {% endcomment %}
+        - Commits are now ordered chronologically in the pull request timeline and commits tab. This new ordering is also reflected in the ["List commits on a pull request"](https://docs.github.com/en/enterprise/2.22/user/rest/reference/pulls#list-commits-on-a-pull-request) REST API and GraphQL ["PullRequest object"](https://docs.github.com/en/enterprise/2.22/user/graphql/reference/objects#pullrequest) timeline connection. {% comment %} https://github.com/github/releases/issues/867 {% endcomment %}
+        - Users can now [set a skin tone default for emoji autocomplete results](https://github.blog/changelog/2020-07-17-customizable-skin-tones-in-emoji-autocomplete/) in comment text areas. {% comment %} https://github.com/github/releases/issues/916 {% endcomment %}
+        - '[Tree-sitter](https://github.com/tree-sitter/tree-sitter) improves syntax highlighting and is now the default library used for language parsing. {% comment %} https://github.com/github/releases/issues/918, https://github.com/github/windrose/issues/44 {% endcomment %}'
+
+    - heading: Users and organizations can add Twitter usernames to their GitHub profiles
+      notes:
+        - '[Developers and organizations can now add their Twitter username to their profile](https://github.blog/changelog/2020-07-22-users-and-organizations-can-now-add-twitter-usernames-to-their-github-profiles/) {% comment %}  https://github.com/github/github/pull/145127 {% endcomment %}'
+
+    - heading: API Changes
+      notes:
+        - |
+          #### Graduated Previews
+
+          The following previews are now an official part of the API:
+          * The GitHub Apps API and endpoints that returned the `performed_via_github_app` property no longer require the [`machine-man`](https://developer.github.com/changes/2020-08-20-graduate-machine-man-and-sailor-v-previews/) preview header. {% comment %} https://github.com/github/releases/issues/965 {% endcomment %}
+          * To add and view a lock reason to an issue, you no longer need to use the [`sailor-v`](https://developer.github.com/changes/2020-08-20-graduate-machine-man-and-sailor-v-previews/) preview header. {% comment %} https://github.com/github/github/pull/143676 {% endcomment %}
+
+        - |
+          #### GraphQL Schema Changes
+
+          * [The GraphQL schema changes](https://docs.github.com/enterprise/2.22/user/graphql/overview/changelog) include backwards-compatible changes, schema previews, and upcoming breaking changes.
+
+  bugs:
+    - The stafftools page for viewing pending collaborator showed a `500 Internal Server Error` when there was a pending email invite. {% comment %} https://github.com/github/github/pull/150836 {% endcomment %}
+    - The Repository Health Check in stafftools could give incorrect results on busy repositories. {% comment %} https://github.com/github/github/pull/151160 {% endcomment %}
+    - A logged in user trying to accept an email invitation could get a `404 Not Found` error. {% comment %} https://github.com/github/github/pull/150848 {% endcomment %}
+    - If a user navigated to a repository whose name started with "repositories.", they were redirected to the owner's "Repositories" tab instead of landing on the repository overview page. {% comment %} https://github.com/github/github/pull/149704 {% endcomment %}
+    - Labels in the dashboard timeline did not have enough contrast. {% comment %} https://github.com/github/github/pull/146749 {% endcomment %}
+
+  deprecations:
+    - heading: Upcoming Deprecation of GitHub Enterprise Server 2.19
+      notes:
+        - '**GitHub Enterprise Server 2.19 will be deprecated as of November 12, 2020** That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of GitHub Enterprise Server](https://help.github.com/enterprise/admin/guides/installation/upgrading-github-enterprise/) as soon as possible.'
+    - heading: Deprecation of Legacy GitHub App Webhook Events
+      notes:
+        - Starting with GitHub Enterprise Server 2.21.0 two legacy GitHub Apps-related webhook events have been deprecated and will be removed in GitHub Enterprise Server 2.25.0. The deprecated events `integration_installation` and `integration_installation_repositories` have equivalent events which will be supported. More information is available in the [deprecation announcement blog post](https://developer.github.com/changes/2020-04-15-replacing-the-installation-and-installation-repositories-events/). {% comment %} https://github.com/github/enterprise-web/pull/6419#issuecomment-668303461 {% endcomment %}
+    - heading: Deprecation of Legacy GitHub Apps Endpoint
+      notes:
+        - Starting with GitHub Enterprise Server 2.21.0 the legacy GitHub Apps endpoint for creating installation access tokens was deprecated and will be removed in GitHub Enterprise Server 2.25.0.  More information is available in the [deprecation announcement blog post](https://developer.github.com/changes/2020-04-15-replacing-create-installation-access-token-endpoint/). {% comment %} https://github.com/github/enterprise-web/pull/6419#issuecomment-668303461 {% endcomment %}
+    - heading: Deprecation of OAuth Application API
+      notes:
+        - GitHub [no longer supports the OAuth application endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/) and have replaced them with a version that moves the access token to the request body for improved security. Brownouts will start in March 2021 and all calls to the old version of the OAuth application endpoints will return a status code of 404 starting on May 5, 2021 at 16:00 UTC.
+
+  # - type: Backup and Disaster recovery
+  #   note: GitHub Enterprise Server 2.22 requires at least [GitHub Enterprise Backup Utilities](https://github.com/github/backup-utils) 2.22.0 for [Backups and Disaster Recovery](https://help.github.com/enterprise/2.22/admin/guides/installation/backups-and-disaster-recovery/).
+
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}
+    - Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}
+    - The Name ID Format dropdown in the Management Console resets to "unspecified" after setting instance to "persistent". {% comment %} https://github.com/github/enterprise2/issues/13446 {% endcomment %}
+    - The repository Settings page of a repository for a user or organization GitHub Pages sites will fail with a "500 Internal Server Error". {% comment %} https://github.com/github/github/issues/156183 {% endcomment %}
+    - Users may experience slower Git clone and fetch performance on an instance with high availability replicas due to reads being forwarded to a different node. {% comment %} https://github.com/github/spokesd/issues/746 {% endcomment %}
+    - '[Creating a GitHub App from a manifest](https://docs.github.com/en/enterprise/2.22/user/developers/apps/creating-a-github-app-from-a-manifest) fails. To work around this issue, users can follow the manual instructions for [creating a GitHub App](https://docs.github.com/en/enterprise/2.22/user/developers/apps/creating-a-github-app). {% comment %} https://github.com/github/enterprise2/issues/22849 {% endcomment %}'
+    - GitHub usernames may change unintentionally when using SAML authentication, if the GitHub username does not match the value of the attribute mapped to the `username` field in the Management Console. (updated 2020-10-08) {% comment %} https://github.com/github/external-identities/issues/335 {% endcomment %}
+    - On a freshly set up 2.22.0 instance or after upgrading to 2.22.0, the activity feed on an organization's dashboard will no longer update. (updated 2020-10-27) {% comment %}https://github.com/github/enterprise2/issues/23050{% endcomment %}
+    - Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}

data/release-notes/2-22/1.yml

@@ -0,0 +1,73 @@
+date: '2020-10-09'
+sections:
+  security_fixes:
+    - '**MEDIUM**:  ImageMagick has been updated to address [DSA-4715-1](https://www.debian.org/security/2020/dsa-4715). {% comment %} https://github.com/github/enterprise2/pull/22623, https://github.com/github/enterprise2/pull/22610 {% endcomment %}'
+    - 'Requests from a GitHub App integration to refresh an OAuth access token would be accepted if sent with a different, valid OAuth client ID and client secret than was used to create the refresh token. {% comment %} https://github.com/github/github/pull/154921, https://github.com/github/github/pull/154423, https://github.com/github/ecosystem-apps/issues/1066 {% endcomment %}'
+    - 'A user whose LDAP directory username standardizes to an existing GHES account login could authenticate into the existing account. {% comment %} https://github.com/github/github/pull/156513, https://github.com/github/github/pull/155512 {% endcomment %}'
+    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/22912, https://github.com/github/enterprise2/pull/22878 {% endcomment %}'
+
+  bugs:
+    - |
+      The NameID Format dropdown in the Management Console would be reset to "unspecified" after setting it to "persistent". {% comment %} https://github.com/github/enterprise2/pull/22376, https://github.com/github/enterprise2/pull/22331, https://github.com/github/enterprise2/issues/13446 {% endcomment %}
+    - |
+      Upgrading using a hotpatch could fail with an error: `'libdbi1' was not found` {% comment %} https://github.com/github/enterprise2/pull/22557, https://github.com/github/enterprise2/pull/22552 {% endcomment %}
+    - |
+      Saving settings via the [management console](https://docs.github.com/en/enterprise-server@latest/admin/configuration/accessing-the-management-console) would append a newline to the [TLS/SSL certificate and key](https://docs.github.com/en/enterprise-server@latest/admin/configuration/configuring-tls) files which triggered unnecessary reloading of some services. {% comment %} https://github.com/github/enterprise2/pull/22570, https://github.com/github/enterprise2/pull/22540 {% endcomment %}
+    - |
+      System logs for Dependency Graph were not rotating, allowing unbounded storage growth. {% comment %} https://github.com/github/enterprise2/pull/22767, https://github.com/github/enterprise2/pull/22733 {% endcomment %}
+    - |
+      The MS SQL Server performance graph showed statistics from the primary instance even when a replica was selected. {% comment %} https://github.com/github/enterprise2/pull/22778, https://github.com/github/enterprise2/pull/22750 {% endcomment %}
+    - |
+      `ghe-actions-precheck` would silently exit without running the storage checks if Actions was not enabled. {% comment %} https://github.com/github/enterprise2/pull/22787, https://github.com/github/enterprise2/pull/22742 {% endcomment %}
+    - |
+      Upgrade could fail if the resqued workers override setting is in use. {% comment %} https://github.com/github/enterprise2/pull/22836, https://github.com/github/enterprise2/pull/22814 {% endcomment %}
+    - |
+      Some services running in containers were not sending logs to the journal. {% comment %} https://github.com/github/enterprise2/pull/22994, https://github.com/github/enterprise2/pull/22518 {% endcomment %}
+    - |
+      Links to GitHub Security Advisories would use a URL with the hostname of the GitHub Enterprise Server instance instead of GitHub.com, directing the user to a nonexistent URL. {% comment %} https://github.com/github/github/pull/153316, https://github.com/github/github/pull/151301 {% endcomment %}
+    - |
+      When importing a repository with `ghe-migrator`, an unexpected exception could occur when inconsistent data is present. {% comment %} https://github.com/github/github/pull/153850, https://github.com/github/github/pull/151552 {% endcomment %}
+    - |
+      The enterprise account security settings page showed a "View your organizations' current configurations" link for the "Two-factor authentication" setting when the authentication mode in use does not support built in two-factor authentication. {% comment %} https://github.com/github/github/pull/153860 {% endcomment %}
+    - |
+      OAuth refresh tokens would be removed prematurely. {% comment %} https://github.com/github/github/pull/154271, https://github.com/github/github/pull/153694 {% endcomment %}
+    - |
+      Search repair tasks would generate exceptions during the migration phase of configuration. {% comment %} https://github.com/github/github/pull/154573, https://github.com/github/github/pull/153392 {% endcomment %}
+    - |
+      On the settings page for GitHub Apps, the "Beta Features" tab was not visible in some circumstances. {% comment %} https://github.com/github/github/pull/154612, https://github.com/github/github/pull/154417 {% endcomment %}
+    - |
+      When using `ghe-migrator` to import PR review requests, records associated with deleted users would result in extraneous database records. {% comment %} https://github.com/github/github/pull/154960, https://github.com/github/github/pull/153169 {% endcomment %}
+    - |
+      When importing users with `ghe-migrator`, an error of "Emails is invalid" would occur if the system-generated email address were longer than 100 characters. {% comment %} https://github.com/github/github/pull/155109, https://github.com/github/github/pull/152418 {% endcomment %}
+    - |
+      Logging webhook activity could use large amounts of disk space and cause the root disk to become full. {% comment %} https://github.com/github/github/pull/155657, https://github.com/github/github/pull/154100 {% endcomment %}
+    - |
+      Users experienced slower Git clone and fetch performance on an instance with high availability replicas due to reads being forwarded to a different node. {% comment %} https://github.com/github/github/pull/156195, https://github.com/github/github/pull/156016, https://github.com/github/spokesd/issues/746 {% endcomment %}
+    - |
+      The repository Settings page of a repository for a user or organization GitHub Pages sites would fail with a "500 Internal Server Error". {% comment %} https://github.com/github/github/pull/156439, https://github.com/github/github/issues/156183 {% endcomment %}
+    - |
+      Repository network maintenance operations could become stuck in a `running` state. {% comment %} https://github.com/github/github/pull/156669, https://github.com/github/github/pull/156036 {% endcomment %}
+    - |
+      A repository being deleted immediately after uploading a code scanning result could cause a stall in the processing of code scanning results for all repositories. {% comment %} https://github.com/github/github/pull/157063, https://github.com/github/github/pull/156437 {% endcomment %}
+    - |
+      When a large number of code scanning results were submitted at the same time, processing of batches could time out resulting in a stall in processing of code scanning results. {% comment %} https://github.com/github/github/pull/157065, https://github.com/github/github/pull/156462 {% endcomment %}
+    - |
+      [Creating a GitHub App from a manifest](https://docs.github.com/en/enterprise/2.22/user/developers/apps/creating-a-github-app-from-a-manifest) would fail. {% comment %} https://github.com/github/github/pull/157133, https://github.com/github/github/pull/156904, https://github.com/github/enterprise2/issues/22849 {% endcomment %}
+    - |
+      GitHub usernames were changed unintentionally when using SAML authentication, when the GitHub username did not match the value of the attribute mapped to the `username` field in the Management Console. {% comment %} https://github.com/github/github/pull/158131, https://github.com/github/github/pull/157936, https://github.com/github/external-identities/issues/335 {% endcomment %}
+
+  changes:
+    - Support is added for the AWS EC2 instance type `m5.16xlarge`. {% comment %} https://github.com/github/enterprise2/pull/22502, https://github.com/github/enterprise2/pull/22473 {% endcomment %}
+    - Remove the requirement for SSH fingerprints in `ghe-migrator` archives as it can always be computed. {% comment %} https://github.com/github/github/pull/156946, https://github.com/github/github/pull/155387 {% endcomment %}
+    - GitHub App Manifests now include the `request_oauth_on_install` field. {% comment %} https://github.com/github/github/pull/156991, https://github.com/github/github/pull/155010, https://github.com/github/ecosystem-apps/issues/1055 {% endcomment %}
+
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}
+    - Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}
+    - Configuration updates will fail when restoring data to a GitHub Actions-enabled instance if the original backup source did not have the feature enabled. {% comment %} https://github.com/github/c2c-actions-runtime/issues/915 {% endcomment %}
+    - GitHub Actions can fail to start up successfully if it was previously enabled on an instance running 2.22.0 and is upgraded to 2.22.1. (updated 2020-10-23) {% comment %} https://github.com/github/c2c-actions/issues/1680 {% endcomment %}
+    - On a freshly set up 2.22.1 instance or after upgrading to 2.22.1, the activity feed on an organization's dashboard will no longer update. (updated 2020-10-27) {% comment %}https://github.com/github/enterprise2/issues/23050{% endcomment %}
+    - Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}

data/release-notes/2-22/2.yml

@@ -0,0 +1,30 @@
+date: '2020-10-20'
+sections:
+  security_fixes:
+    - Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23097, https://github.com/github/enterprise2/pull/23081 {% endcomment %}
+
+  bugs:
+    - |
+      If the storage account settings failed to validate while configuring GitHub Actions, running `ghe-actions-teardown` was required before making a new attempt. {% comment %} https://github.com/github/enterprise2/pull/23057, https://github.com/github/enterprise2/pull/22981 {% endcomment %}
+    - |
+      A custom proxy configuration could adversely affect the GitHub Actions environment. {% comment %} https://github.com/github/enterprise2/pull/23121, https://github.com/github/enterprise2/pull/23092, https://github.com/github/c2c-actions-platform/issues/2254 {% endcomment %}
+    - |
+      On a change of an address on eth0, Nomad and Consul could get unresponsive. {% comment %} https://github.com/github/enterprise2/pull/23227, https://github.com/github/enterprise2/pull/23153 {% endcomment %}
+    - |
+      When using self-signed certificates, GHES could have SSL validation exceptions upon configuring GitHub Actions. {% comment %} https://github.com/github/enterprise2/pull/23381 {% endcomment %}
+    - |
+      Using a GitHub Action from a branch name with a `+` or `/` character resulted in an error: `Unable to resolve action`. {% comment %} https://github.com/github/github/pull/157942, https://github.com/github/github/pull/157819, https://github.com/github/launch/pull/3463 {% endcomment %}
+    - |
+      The enterprise account "Confirm two-factor requirement policy" messaging was incorrect. {% comment %} https://github.com/github/github/pull/158735 {% endcomment %}
+    - |
+      On certain requests above 100MB, Kafka's buffer could be over-allocated. {% comment %} https://github.com/github/kafka-lite/pull/286, https://github.com/github/kafka-lite/pull/285 {% endcomment %}
+
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}
+    - Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}
+    - GitHub Actions can fail to start up successfully if it was previously enabled on an instance running 2.22.0 and is upgraded to 2.22.2. (updated 2020-10-23) {% comment %} https://github.com/github/c2c-actions/issues/1680 {% endcomment %}
+    - On a freshly set up 2.22.2 instance or after upgrading to 2.22.2, the activity feed on an organization's dashboard will no longer update. (updated 2020-10-27) {% comment %}https://github.com/github/enterprise2/issues/23050{% endcomment %}
+    - Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}

data/release-notes/2-22/3.yml

@@ -0,0 +1,24 @@
+date: '2020-11-03'
+sections:
+  security_fixes:
+    - |
+      **LOW:** High CPU usage could be triggered by a specially crafted request to the SVN bridge resulting in Denial of Service (DoS) on the SVN bridge service. (updated 2020-11-16) {% comment %} https://github.com/github/slumlord/pull/1005, https://github.com/github/slumlord/pull/1000 {% endcomment %}
+    - |
+      **LOW:** Incorrect token validation resulted in a reduced entropy for matching tokens during authentication. Analysis shows that in practice there's no significant security risk here. {% comment %} https://github.com/github/github/pull/159457, https://github.com/github/github/pull/159193 {% endcomment %}
+    - |
+      Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23540, https://github.com/github/enterprise2/pull/23171, https://github.com/github/enterprise2/pull/23693, https://github.com/github/enterprise2/pull/23677 {% endcomment %}
+
+  bugs:
+    - GitHub Actions could fail to start up successfully if it was previously enabled on an instance running 2.22.0 and was upgraded to 2.22.1 or 2.22.2. {% comment %} https://github.com/github/enterprise2/pull/23622, https://github.com/github/enterprise2/pull/23490, https://github.com/github/c2c-actions/issues/1680 {% endcomment %}
+    - Configuration files for GitHub Actions were not copied to the replica when setting up high availability replicas potentially leading to errors during `ghe-repl-promote`. {% comment %} https://github.com/github/enterprise2/pull/23703, https://github.com/github/enterprise2/pull/23683 {% endcomment %}
+    - On a freshly set up 2.22.1 or 2.22.2 instance or after upgrading to 2.22.1 or 2.22.2, the activity feed on an organization's dashboard would not update. {% comment %} https://github.com/github/github/pull/159376, https://github.com/github/github/pull/159235, https://github.com/github/enterprise2/issues/23050 {% endcomment %}
+    - Editing issues templates with filenames containing non-ASCII characters would fail with a "500 Internal Server Error". {% comment %} https://github.com/github/github/pull/160588, https://github.com/github/github/pull/159747 {% endcomment %}
+    - A metric gathering method for background jobs increased CPU utilization. (updated 2020-11-03) {% comment %} https://github.com/github/github/pull/160109 {% endcomment %}
+
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}
+    - Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}
+    - Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}

data/release-notes/2-22/4.yml

@@ -0,0 +1,17 @@
+date: '2020-11-17'
+sections:
+  security_fixes:
+    - Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/23845, https://github.com/github/enterprise2/pull/23712 {% endcomment %}
+
+  bugs:
+    - The babeld logs were missing a separator between seconds and microseconds. {% comment %} https://github.com/github/babeld/pull/1006, https://github.com/github/babeld/pull/1002 {% endcomment %}
+    - After upgrading GHES with a hotpatch, the `ghe-actions-precheck` and `ghe-packages-precheck` commands would fail with the error `"docker load" accepts no arguments`. {% comment %} https://github.com/github/enterprise2/pull/23760, https://github.com/github/enterprise2/pull/23745 {% endcomment %}
+    - When the enterprise account "Repository visibility change" policy was set to "Enabled", organization owners could not change the visibility of repositories within the organization. {% comment %} https://github.com/github/github/pull/160920, https://github.com/github/github/pull/160773 {% endcomment %}
+    - Audit logs could be attributed to 127.0.0.1 instead of the actual source IP address. {% comment %} https://github.com/github/github/pull/162438, https://github.com/github/github/pull/161215 {% endcomment %}
+
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}
+    - Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}

data/release-notes/2-22/5.yml

@@ -0,0 +1,21 @@
+date: '2020-12-03'
+sections:
+  bugs:
+    - 'Authorization service was being detected as unhealthy due to a race condition in the bootstrap which led to  restart of the service. {% comment %} https://github.com/github/authzd/pull/1275, https://github.com/github/authzd/pull/1274 {% endcomment %}'
+    - 'The Elasticsearch upgrade process was not getting captured by ghe-diagnostics. {% comment %} https://github.com/github/enterprise2/pull/23905, https://github.com/github/enterprise2/pull/23874 {% endcomment %}'
+    - 'Enabling GitHub Actions on an upgraded high availability configuration caused errors in replication. {% comment %} https://github.com/github/enterprise2/pull/23979, https://github.com/github/c2c-actions-platform/issues/2479 {% endcomment %}'
+    - 'An underlying behavior was causing a service to become unavailable during the hotpatch upgrade process. {% comment %} https://github.com/github/enterprise2/pull/24055 {% endcomment %}'
+    - 'Users connecting to an active replica would get an error connecting to the live updates websocket. {% comment %} https://github.com/github/enterprise2/pull/24079, https://github.com/github/enterprise2/pull/24058 {% endcomment %}'
+    - 'A subset of log forwarding SSL certificates was not being applied correctly. {% comment %} https://github.com/github/enterprise2/pull/24114, https://github.com/github/enterprise2/pull/23981 {% endcomment %}'
+    - 'Email notifications sent to suspended users when they were removed from a Team or an Organization. {% comment %} https://github.com/github/github/pull/162973, https://github.com/github/github/pull/162742 {% endcomment %}'
+    - 'The way SSH certificates were applied between Organizations and Businesses was inconsistent. {% comment %} https://github.com/github/github/pull/163423, https://github.com/github/github/pull/159538, https://github.com/github/authentication/issues/115 {% endcomment %}'
+    - 'When an account was rate limited due to using incorrect passwords, it could be locked out for up to 24 hours. {% comment %} https://github.com/github/github/pull/163433, https://github.com/github/github/pull/162938, https://github.com/github/github-ds/pull/51 {% endcomment %}'
+    - 'Pull request synchronization on repositories with many references could cause worker queues to fall behind. {% comment %} https://github.com/github/github/pull/163573, https://github.com/github/github/pull/163142 {% endcomment %}'
+    - 'When signing in after attempting to visit a specific page, people were sent to the home page instead of their intended destination. {% comment %} https://github.com/github/github/pull/163782, https://github.com/github/github/pull/163579, https://github.com/github/github/pull/154117, https://github.com/github/ecosystem-apps/issues/1076 {% endcomment %}'
+    - 'For GHES instances using built-in authentication with an internal SAML identity provider, users without an associated email address could not create a commit from the web interface. {% comment %} https://github.com/github/github/pull/164009, https://github.com/github/github/pull/163530, https://github.com/github/github/issues/163524 {% endcomment %}'
+  known_issues:
+    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
+    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
+    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
+    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
+    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'

data/reusables/actions/actions-packages-set-spending-limit.md

@@ -0,0 +1 @@
+You can set a specific spending limit or, for some accounts, allow unlimited spending. The spending limit applies to your combined overages for {% data variables.product.prodname_registry %} and {% data variables.product.prodname_actions %}.

data/reusables/dotcom_billing/actions-packages-unpaid-account.md

@@ -2,4 +2,4 @@ If your account has outstanding unpaid charges:
 
 * The storage or minutes included in your account for {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %} will not be reset until the payment has been successfully processed.
 * For accounts with storage or minutes remaining for the current billing period, {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %} will continue to be available until any included usage has been reached.
-* For accounts that have reached the included usage for the current billing period for {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %}, both {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %} will be disabled to prevent any further overages. If you pay your account by invoice, you must [contact our account management team](https://enterprise.github.com/contact) to process payment and reset your usage.
+* For accounts that have reached the included usage for the current billing period for {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %}, both {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %} will be disabled to prevent any further overages.

data/reusables/github-actions/actions-billing.md

@@ -1 +1 @@
-{% data variables.product.prodname_actions %} usage is free for public repositories and self-hosted runners. For private repositories, each {% data variables.product.prodname_dotcom %} account receives a certain amount of free minutes and storage, depending on the product used with the account.
+{% data variables.product.prodname_actions %} usage is free for public repositories and self-hosted runners. For private repositories, each {% data variables.product.prodname_dotcom %} account receives a certain amount of free minutes and storage, depending on the product used with the account. Any usage beyond the included amounts is controlled by spending limits.

data/reusables/github-actions/actions-spending-limit-brief.md

@@ -0,0 +1 @@
+If you are a monthly-billed customer, your account will have a default spending limit of $0, which prevents additional usage of minutes or storage for private repositories beyond the amounts included with your account. If you pay your account by invoice, your account will have an unlimited default spending limit.

data/reusables/github-actions/actions-spending-limit-detailed.md

@@ -0,0 +1,3 @@
+{% data reusables.github-actions.actions-spending-limit-brief %}
+
+If you have an unlimited spending limit or a spending limit set higher than $0, you will be billed for any additional minutes or storage beyond the included amounts in your account, also called overages. {% data variables.product.prodname_dotcom %} charges usage to the account that owns the repository where a workflow is run. Any coupons on your account do not apply to {% data variables.product.prodname_actions %} overages.

data/reusables/github-actions/actions-spending-limit.md

@@ -1 +0,0 @@
-By default, your account will have a spending limit of $0, which prevents additional usage of minutes or storage after you reach these limits. If you increase your spending limit above the default of $0, you will be billed for any minutes or storage beyond the limits, also called overages. {% data variables.product.prodname_dotcom %} charges usage to the account that owns the repository where the workflow is run. Any coupons on your account do not apply to {% data variables.product.prodname_actions %} overages.

data/reusables/github-actions/publish-to-maven-workflow-step.md

@@ -1 +1 @@
-Runs the `mvn -B deploy` command to publish to the `ossrh` repository. The `MAVEN_USERNAME` environment variable will be set with the contents of your `OSSRH_USERNAME` secret, and the `MAVEN_PASSWORD` environment variable will be set with the contents of your `OSSRH_TOKEN` secret.
+Runs the `mvn --batch-mode deploy` command to publish to the `ossrh` repository. The `MAVEN_USERNAME` environment variable will be set with the contents of your `OSSRH_USERNAME` secret, and the `MAVEN_PASSWORD` environment variable will be set with the contents of your `OSSRH_TOKEN` secret.

data/reusables/github-actions/publish-to-packages-workflow-step.md

@@ -1 +1 @@
-Runs the `mvn -B deploy` command to publish to {% data variables.product.prodname_registry %}. The `GITHUB_TOKEN` environment variable will be set with the contents of the `GITHUB_TOKEN` secret.
+Runs the `mvn --batch-mode deploy` command to publish to {% data variables.product.prodname_registry %}. The `GITHUB_TOKEN` environment variable will be set with the contents of the `GITHUB_TOKEN` secret.

data/reusables/github-actions/spending-limit-enterprise-account.md

@@ -1 +0,0 @@
-If you pay for your enterprise account by invoice, you cannot manage the spending limit for your enterprise account on {% data variables.product.product_name %}. If you want to allow organizations owned by your enterprise account to use {% data variables.product.prodname_actions %} beyond the storage or data transfer included in their accounts, you can prepay for overages. Because overages must prepaid, you cannot enable unlimited spending on accounts paid by invoice. Your spending limit will be 150% of the amount you prepaid. If you have any questions, [contact our account management team](https://enterprise.github.com/contact).

data/reusables/package_registry/packages-billing.md

@@ -1 +1 @@
-{% data variables.product.prodname_registry %} usage is free for public packages. For private packages, each {% data variables.product.product_name %} account receives a certain amount of free storage and data transfer, depending on the product used with the account. By default, your account will have a spending limit of $0, which prevents additional usage of storage or data transfer after you reach the included amounts. If you increase your spending limit above the default of $0, you will be billed for any additional storage or data transfer, also called overages, up to your spending limit. Any coupons on your account do not apply to {% data variables.product.prodname_registry %} overages.
+{% data variables.product.prodname_registry %} usage is free for public packages. For private packages, each {% data variables.product.product_name %} account receives a certain amount of free storage and data transfer, depending on the product used with the account. Any usage beyond the included amounts is controlled by spending limits.

data/reusables/package_registry/packages-spending-limit-brief.md

@@ -0,0 +1 @@
+If you are a monthly-billed customer, your account will have a default spending limit of $0, which prevents additional usage of storage or data transfer after you reach the included amounts. If you pay your account by invoice, your account will have an unlimited default spending limit.

data/reusables/package_registry/packages-spending-limit-detailed.md

@@ -0,0 +1,3 @@
+{% data reusables.package_registry.packages-spending-limit-brief %}
+
+If you have an unlimited spending limit or a spending limit set higher than $0, you will be billed for any additional storage or data transfer, also called overages, up to your spending limit. Any coupons on your account do not apply to {% data variables.product.prodname_registry %} overages.

data/reusables/package_registry/spending-limit-enterprise-account.md

@@ -1 +0,0 @@
-If you pay for your enterprise account by invoice, you cannot manage the spending limit for your enterprise account on {% data variables.product.product_name %}. If you want to allow organizations owned by your enterprise account to use {% data variables.product.prodname_registry %} beyond the storage or data transfer included in their accounts, you can prepay for overages. Because overages must prepaid, you cannot enable unlimited spending on accounts paid by invoice. Your spending limit will be 150% of the amount you prepaid. If you have any questions, [contact our account management team](https://enterprise.github.com/contact).

data/variables/action_code_examples.yml

@@ -287,3 +287,9 @@
     - monorepo
     - copybara
     - workflow
+- title: Deploy static files to GitHub Pages
+  description: GitHub Action to publish website to GitHub Pages automatically
+  languages: 'TypeScript, JavaScript'
+  href: peaceiris/actions-gh-pages
+  tags:
+    - publishing

docs/index.yaml

@@ -2,6 +2,11 @@
 
 version: 1
 links:
+  - name: Observability docs
+    description: Docs Engineering observability docs
+    kind: docs
+    service: docs-internal
+    url: https://github.com/github/docs-engineering/blob/main/docs/observability/docs.github.com.md
   - name: Datadog dashboard
     description: Production Datadog dashboard
     kind: dashboard

includes/release-notes-category-label.html

@@ -1,12 +1,18 @@
-{% assign sectionTitle = section.title | default: 'Misc' %}
-
-{% case sectionTitle %}
-  {% when "New Feature" %}
-    {% assign colors = "bg-orange text-white" %}
-  {% when "Bugs" %}
-    {% assign colors = "bg-purple text-white" %}
+{% case section[0] %}
+  {% when "features" %}
+    {% assign text = "Features" %}
+  {% when "bugs" %}
+    {% assign text = "Bug fixes" %}
+  {% when "known_issues" %}
+    {% assign text = "Known issues" %}
+  {% when "security_fixes" %}
+    {% assign text = "Security fixes" %}
+  {% when "changes" %}
+    {% assign text = "Changes" %}
+  {% when "deprecations" %}
+    {% assign text = "Deprecations" %}
   {% else %}
-    {% assign colors = "bg-blue text-white" %}
+    {% assign text = "INVALID SECTION" %}
 {% endcase %}
 
-<span class="{{ colors }} px-3 py-2 f5 text-uppercase text-mono">{{ sectionTitle }}</span>
+<span class="px-3 py-2 f5 text-uppercase text-mono text-white release-notes-section-label">{{ text }}</span>

includes/release-notes-heading.html

@@ -0,0 +1,5 @@
+{% assign slug = note.heading | slugify %}
+
+<h4 id="{{ slug }}" class="release-notes-section-heading text-uppercase text-bold">
+  <a href="#{{ slug }}" class="text-inherit">{{ note.heading }}</a>
+</h4>

layouts/release-notes.html

@@ -11,83 +11,133 @@
       {% include header %}
       {% include deprecation-banner %}
 
-      <div class="container-xl px-3 px-md-6 my-4 my-lg-4 markdown-body">
-        <div class="d-lg-flex flex-justify-between">
-          <div class="d-block d-lg-none">{% include article-version-switcher %}</div>
-          <div class="d-flex flex-items-center" style="height: 39px;">
-            {% include breadcrumbs %}
+      <div class="d-flex flex-items-stretch">
+        <article class="flex-auto">
+          <div class="d-flex flex-items-center flex-justify-between bg-white text-bold py-4 px-5">
+            {% if prevRelease %}
+              <a
+                class="btn btn-outline"
+                href="/{{ currentLanguage }}/{{ allVersions[currentVersion].plan }}@{{ prevRelease }}/{{ currentProduct }}/release-notes">
+                {% octicon "chevron-left" %} {{ prevRelease }}
+              </a>
+            {% else %}
+              <div></div>
+            {% endif %}
+
+            <h1 class="f4 p-0 m-0">{{ currentVersion | version_num }} Release notes</h1>
+
+            {% if nextRelease %}
+              <a
+                class="btn btn-outline"
+                href="/{{ currentLanguage }}/{{ allVersions[currentVersion].plan }}@{{ nextRelease }}/{{ currentProduct }}/release-notes">
+                {{ nextRelease }} {% octicon "chevron-right" %}
+              </a>
+            {% else %}
+              <div></div>
+            {% endif %}
           </div>
-          <div class="d-none d-lg-block">{% include article-version-switcher %}</div>
-        </div>
-
-        <article class="mt-2 d-flex gutter">
-          <div class="col-12 col-md-10">
-            <header>
-              <h1>{{ allVersions[currentVersion].versionTitle }}</h1>
-            </header>
 
+          <div class="markdown-body">
             {% for patch in releaseNotes %}
-              <details id="{{ patch.version }}" class="details-reset mb-3" {% if forloop.first %}open{% endif %}>
-                <summary class="position-sticky top-0 bg-white pb-2 d-flex flex-items-center flex-justify-between border-bottom">
-                  <h2 class="d-flex flex-items-center border-bottom-0">
-                    {{ patch.version }}
+              <div id="{{ patch.version }}" class="mb-10 bg-gray-light px-3 py-6 border-bottom border-top">
+                <header class="container-xl position-sticky top-0 bg-gray-light border-bottom pb-2">
+                  <div class="d-flex flex-items-baseline">
+                    <h2 class="d-flex flex-items-center border-bottom-0 mr-3 mb-0">
+                      {{ allVersions[currentVersion].versionTitle }}.{{ patch.patchVersion }}
 
-                    {% if patch.release_candidate %}
-                      <span class="IssueLabel bg-orange text-white mx-2">Release Candidate</span>
-                    {% endif %}
-                  </h2>
+                      {% if patch.release_candidate %}
+                        <span class="IssueLabel bg-orange text-white mx-2">Release Candidate</span>
+                      {% endif %}
+                    </h2>
 
-                  <div>
-                    <span class="text-gray-light text-mono text-small" style="margin-left: auto">{{ patch.date | date: "%B %d, %Y" }}</span>
+                    <a href="https://enterprise.github.com/releases/{{ patch.version }}/download" class="f5">
+                      Download
+                    </a>
 
-                    <div class="mt-1 d-flex flex-items-center f5">
-                      <a href="https://enterprise.github.com/releases/{{ patch.version }}/download">
-                        Download GHES {{ patch.version }}
-                      </a>
-
-                      <button class="js-print btn-link ml-6">
-                        Print
-                      </button>
-                    </div>
+                    <button class="js-print btn-link ml-3 f5">
+                      Print
+                    </button>
                   </div>
-                </summary>
 
-                <p>{{ patch.intro }}</p>
+                  <p class="text-gray mt-1">{{ patch.date | date: "%B %d, %Y" }}</p>
+                </header>
 
-                {% for section in patch.sortedNotes %}
-                  <div class="py-6 border-bottom d-block d-md-flex flex-items-baseline">
-                    <div class="mr-2 flex-shrink-0 mb-3">
-                      {% include 'release-notes-category-label' %}
-                    </div>
+                <div class="container-xl">
+                  <p class="mt-3">{{ patch.intro }}</p>
 
-                    <ul class="flex-auto container-xl">
-                      {% for note in section.notes %}
-                        {% if note.note and note.note != '<p>n/a</p>' %}
-                          <li>
-                            {{ note.note }}
+                  {% for section in patch.sections %}
+                    <div class="release-notes-section-{{ section[0] }} py-6 d-block d-xl-flex flex-items-baseline {% unless forloop.last %}border-bottom{% endunless %}">
+                      <div class="mr-2 flex-shrink-0 mb-5 col-12 col-xl-3">
+                        {% include 'release-notes-category-label' %}
+                      </div>
+
+                      <ul class="flex-auto pl-3 pl-xl-0 release-notes-list">
+                        {% for note in section[1] %}
+                          <li class="release-notes-list-item {% if note.heading %}list-style-none{% endif %}">
+                            {% if note.heading %}
+                              {% include 'release-notes-heading' %}
+                              <ul class="pl-3 pb-4 mt-2 release-notes-list">
+                                {% for subNote in note.notes %}
+                                  <li class="release-notes-list-item">{{ subNote }}</li>
+                                {% endfor %}
+                              </ul>
+                            {% else %}
+                              {{ note }}
+                            {% endif %}
                           </li>
-                        {% endif %}
-                      {% endfor %}
-                    </ul>
-                  </div>
-                {% endfor %}
-              </details>
+                        {% endfor %}
+                      </ul>
+                    </div>
+                  {% endfor %}
+                </div>
+              </div>
             {% endfor %}
           </div>
+        </article>
 
-          <aside class="col-2 d-none d-md-block no-print">
-            <h3 class="f5">Patch versions</h3>
-            <ul>
-              {% for patch in releaseNotes %}
-                <li><a href="#{{ patch.version }}">{{ patch.version }}</a></li>
+        <aside class="markdown-body d-none d-md-block border-left no-print bg-white flex-shrink-0" style="width: 300px">
+          <nav class="position-sticky top-0">
+            <ul class="list-style-none pl-0 text-bold">
+              {% for release in releases %}
+                <li class="border-bottom">
+                  {% if release.patches %}
+                    <details class="my-0 details-reset release-notes-version-picker" aria-current="page" {% if release.version == allVersions[currentVersion].currentRelease %}open{% endif %}>
+                      <summary class="px-3 py-4 my-0 d-flex flex-items-center flex-justify-between">
+                        {{ release.version }}
+                        <div class="d-flex">
+                          <span class="text-gray-light text-mono text-small text-normal mr-1">{{ release.patches | size }} releases</span>
+                          {% octicon "chevron-down" %}
+                        </div>
+                      </summary>
+                      <ul class="bg-gray border-top list-style-none px-3 py-4 my-0">
+                        {% for patch in release.patches %}
+                          <li>
+                            <a
+                              href="/{{ currentLanguage }}/{{ allVersions[currentVersion].plan }}@{{ release.version }}/{{ currentProduct }}/release-notes#{{ patch.version }}"
+                              class="d-flex flex-items-center flex-justify-between">
+                              {{ patch.version }}
+                              <span class="text-gray-light text-mono text-small text-normal">{{ patch.date | date: "%B %d, %Y" }}</span>
+                            </a>
+                          </li>
+                        {% endfor %}
+                      </ul>
+                    </details>
+                  {% else %}
+                    <a href="/{{ currentLanguage }}/{{ allVersions[currentVersion].plan }}@{{ release.version }}/{{ currentProduct }}/release-notes" class="link-gray-dark no-underline px-3 py-4 my-0 d-flex flex-items-center flex-justify-between">
+                      {{ release.version }}
+                      {% octicon "link-external" %}
+                    </a>
+                  {% endif %}
+                </li>
               {% endfor %}
             </ul>
-          </aside>
-        </article>
+          </nav>
+        </aside>
       </div>
 
-      {% include support %}
-      {% include small-footer %}
+      <div class="border-top">
+        {% include small-footer %}
+      </div>
     </main>
   </body>
 </html>

lib/data-directory.js

@@ -2,10 +2,13 @@ const assert = require('assert')
 const fs = require('fs').promises
 const path = require('path')
 const walk = require('walk-sync')
+const { mapLimit } = require('async')
 const yaml = require('js-yaml')
 const { isRegExp, set } = require('lodash')
 const filenameToKey = require('./filename-to-key')
 
+const FILE_READ_LIMIT = 100
+
 module.exports = async function dataDirectory (dir, opts = {}) {
   const defaultOpts = {
     preprocess: (content) => { return content },
@@ -31,7 +34,7 @@ module.exports = async function dataDirectory (dir, opts = {}) {
   const data = {}
 
   // find YAML and Markdown files in the given directory, recursively
-  await Promise.all(walk(dir, { includeBasePath: true })
+  const filenames = walk(dir, { includeBasePath: true })
     .filter(filename => {
       // ignore files that match any of ignorePatterns regexes
       if (opts.ignorePatterns.some(pattern => pattern.test(filename))) return false
@@ -39,7 +42,10 @@ module.exports = async function dataDirectory (dir, opts = {}) {
       // ignore files that don't have a whitelisted file extension
       return opts.extensions.includes(path.extname(filename).toLowerCase())
     })
-    .map(async filename => {
+  await mapLimit(
+    filenames,
+    FILE_READ_LIMIT,
+    async filename => {
       // derive `foo.bar.baz` object key from `foo/bar/baz.yml` filename
       const key = filenameToKey(path.relative(dir, filename))
       const extension = path.extname(filename).toLowerCase()
@@ -62,7 +68,8 @@ module.exports = async function dataDirectory (dir, opts = {}) {
           set(data, key, fileContent)
           break
       }
-    }))
+    }
+  )
 
   return data
 }

lib/graphql/static/changelog.json

@@ -1,4 +1,17 @@
 [
+  {
+    "schemaChanges": [
+      {
+        "title": "The GraphQL schema includes these changes:",
+        "changes": [
+          "Field `hasVerifiedOwner` was added to object type `MarketplaceListing`"
+        ]
+      }
+    ],
+    "previewChanges": [],
+    "upcomingChanges": [],
+    "date": "2020-12-09"
+  },
   {
     "date": "2020-11-13",
     "schemaChanges": [

lib/graphql/static/schema-dotcom.json

@@ -21683,6 +21683,14 @@
           "kind": "scalars",
           "href": "/graphql/reference/scalars#boolean"
         },
+        {
+          "name": "hasVerifiedOwner",
+          "description": "<p>Whether the creator of the app is a verified org.</p>",
+          "type": "Boolean!",
+          "id": "boolean",
+          "kind": "scalars",
+          "href": "/graphql/reference/scalars#boolean"
+        },
         {
           "name": "howItWorks",
           "description": "<p>A technical description of how this app works with GitHub.</p>",

lib/page.js

@@ -29,14 +29,12 @@ class Page {
 
     const relativePath = slash(opts.relativePath)
     const fullPath = slash(path.join(opts.basePath, relativePath))
-    const raw = await fs.readFile(fullPath, 'utf8')
 
-    return new Page({ ...opts, relativePath, fullPath, raw })
-  }
-
-  static async exists (path) {
+    // Per https://nodejs.org/api/fs.html#fs_fs_exists_path_callback
+    // its better to read and handle errors than to check access/stats first
     try {
-      return await fs.stat(path)
+      const raw = await fs.readFile(fullPath, 'utf8')
+      return new Page({ ...opts, relativePath, fullPath, raw })
     } catch (err) {
       if (err.code === 'ENOENT') return false
       console.error(err)

lib/pages.js

@@ -2,18 +2,19 @@ const path = require('path')
 const walk = require('walk-sync').entries
 const Page = require('./page')
 const languages = require('./languages')
-const { mapLimit, filterLimit } = require('async')
-const FILE_READ_LIMIT = 500
+const { mapLimit } = require('async')
+
+const FILE_READ_LIMIT = 100
 
 async function loadPageList () {
   const pageList = []
 
   // load english pages
   const englishPath = path.join(__dirname, '..', languages.en.dir, 'content')
-  const englishPaths = walk(englishPath)
-    .filter(({ relativePath }) =>
-      relativePath.endsWith('.md') && !relativePath.includes('README')
-    )
+  const englishPaths = walk(englishPath, {
+    globs: ['**/*.md'],
+    ignore: ['**/README.md']
+  })
   const englishPages = await mapLimit(
     englishPaths,
     FILE_READ_LIMIT,
@@ -22,7 +23,7 @@ async function loadPageList () {
   pageList.push(...englishPages)
 
   // load matching pages in other languages
-  let localizedPaths = Object.values(languages)
+  const localizedPaths = Object.values(languages)
     .filter(({ code }) => code !== 'en')
     .map(language => {
       const basePath = path.join(__dirname, '..', language.dir, 'content')
@@ -34,18 +35,13 @@ async function loadPageList () {
       }))
     })
     .flat()
-  localizedPaths = await filterLimit(
-    localizedPaths,
-    FILE_READ_LIMIT,
-    async ({ localizedPath }) => Page.exists(localizedPath)
-  )
   const localizedPages = await mapLimit(
     localizedPaths,
     FILE_READ_LIMIT,
     async ({ basePath, relativePath, languageCode }) =>
       await Page.init({ basePath, relativePath, languageCode })
   )
-  pageList.push(...localizedPages)
+  pageList.push(...localizedPages.filter(Boolean))
 
   return pageList
 }

lib/path-utils.js

@@ -6,6 +6,8 @@ const allProducts = require('./all-products')
 const allVersions = require('./all-versions')
 const { getNewVersionedPath } = require('./old-versions-utils')
 
+const supportedVersions = new Set(Object.keys(allVersions))
+
 // construct appropriate versioned path for any given HREF
 function getVersionedPathWithoutLanguage (href, version) {
   // start clean without language code or trailing slash
@@ -24,7 +26,7 @@ function getVersionedPathWithoutLanguage (href, version) {
 
   // if the version found is not a currently supported version...
   let productObjectFromPath
-  if (!Object.keys(allVersions).includes(versionFromPath)) {
+  if (!supportedVersions.has(versionFromPath)) {
     // first check if the first segment is instead a current product;
     // example: /admin/foo or /desktop/foo
     productObjectFromPath = allProducts[versionFromPath]
@@ -71,11 +73,7 @@ function getPathWithLanguage (href, languageCode) {
 // remove the language from the given HREF
 // /articles/foo -> /en/articles/foo
 function getPathWithoutLanguage (href) {
-  const newHref = href.match(patterns.hasLanguageCode)
-    ? '/' + href.split('/').slice(2).join('/')
-    : href
-
-  return slash(newHref)
+  return slash(href.replace(patterns.hasLanguageCode, '/'))
 }
 
 function getPathWithoutVersion (href) {

lib/redirects/get-old-paths-from-permalink.js

@@ -56,7 +56,7 @@ module.exports = function getOldPathsFromPath (currentPath, languageCode, curren
 
   // ------ BEGIN MODERN VERSION FORMAT REPLACEMENTS ------//
   if (currentlySupportedVersions.includes(currentVersion) || versionSatisfiesRange(currentVersion, `>${lastReleaseWithLegacyFormat}`)) {
-    oldPaths.forEach(oldPath => {
+    (new Set(oldPaths)).forEach(oldPath => {
       // create old path /github from new path /free-pro-team@latest/github
       oldPaths.add(oldPath
         .replace(`/${nonEnterpriseDefaultVersion}`, ''))
@@ -107,19 +107,22 @@ module.exports = function getOldPathsFromPath (currentPath, languageCode, curren
   // ------ END MODERN VERSION FORMAT REPLACEMENTS ------//
 
   // For each old path added to the set above, do the following...
+  (new Set(oldPaths)).forEach(oldPath => {
+    // for English only, remove language code
+    if (languageCode === 'en') {
+      oldPaths.add(getPathWithoutLanguage(oldPath))
+    }
 
-  // add language code
-  oldPaths.forEach(oldPath => oldPaths.add(getPathWithLanguage(oldPath, languageCode)))
+    // add language code
+    oldPaths.add(getPathWithLanguage(oldPath, languageCode))
 
-  // for English only, remove language code
-  if (languageCode === 'en') {
-    oldPaths.forEach(oldPath => oldPaths.add(getPathWithoutLanguage(oldPath)))
-  }
+    // create /enterprise from /enterprise/latest
+    oldPaths.add(oldPath.replace(`/enterprise/${latest}`, '/enterprise'))
+  })
 
-  // create /enterprise from /enterprise/latest
-  oldPaths.forEach(oldPath => oldPaths.add(oldPath.replace(`/enterprise/${latest}`, '/enterprise')))
+  // exclude any empty old paths that may have been derived
+  oldPaths.delete('')
+  oldPaths.delete('/')
 
-  return Array.from(oldPaths)
-    // exclude any empty old paths that may have been derived
-    .filter(oldPath => oldPath !== '' && oldPath !== '/')
+  return oldPaths
 }

lib/release-notes-schema.js

@@ -1,8 +1,32 @@
+const section = {
+  anyOf: [
+    {
+      type: 'array',
+      items: { type: 'string' },
+      minItems: 1
+    },
+    {
+      type: 'object',
+      properties: {
+        heading: {
+          type: 'string',
+          required: true
+        },
+        notes: {
+          type: 'array',
+          items: { type: 'string' },
+          required: true,
+          minItems: 1
+        }
+      }
+    }
+  ]
+}
+
 module.exports = {
   properties: {
     intro: {
-      type: 'string',
-      required: true
+      type: 'string'
     },
     date: {
       type: 'string',
@@ -13,22 +37,18 @@ module.exports = {
       type: 'boolean',
       default: false
     },
-    notes: {
+    sections: {
       required: true,
-      type: 'array',
-      items: {
-        type: 'object',
-        properties: {
-          note: {
-            type: 'string',
-            required: true
-          },
-          type: {
-            type: 'string',
-            required: true
-          }
-        }
-      }
+      type: 'object',
+      minProperties: 1,
+      properties: [
+        'bugs',
+        'known_issues',
+        'features',
+        'changes',
+        'deprecations',
+        'security_fixes'
+      ].reduce((prev, curr) => ({ ...prev, [curr]: section }), {})
     }
   }
 }

lib/render-content/index.js

@@ -1,3 +1,4 @@
+const GithubSlugger = require('github-slugger')
 const renderContent = require('./renderContent')
 const { ExtendedMarkdown, tags } = require('../liquid-tags/extended-markdown')
 
@@ -33,6 +34,13 @@ renderContent.liquid.registerFilters({
    */
   version_num: (input) => {
     return input.split('@')[1]
+  },
+  /**
+   * Convert the input to a slug
+   */
+  slugify: (input) => {
+    const slugger = new GithubSlugger()
+    return slugger.slug(input)
   }
 })
 

lib/rest/static/decorated/api.github.com.json

@@ -49098,11 +49098,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -49302,11 +49302,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]
@@ -80855,7 +80855,7 @@
         "httpStatusCode": "200",
         "httpStatusMessage": "OK",
         "description": "Default response",
-        "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"billing_cycle\"</span>: <span class=\"hljs-string\">\"monthly\"</span>,\n    <span class=\"hljs-attr\">\"next_billing_date\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"unit_count\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"on_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n    <span class=\"hljs-attr\">\"free_trial_ends_on\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"updated_at\"</span>: <span class=\"hljs-string\">\"2017-11-02T01:12:12Z\"</span>,\n    <span class=\"hljs-attr\">\"account\"</span>: {\n      <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"github\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">4</span>,\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/orgs/github\"</span>,\n      <span class=\"hljs-attr\">\"email\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"organization_billing_email\"</span>: <span class=\"hljs-string\">\"billing@github.com\"</span>,\n      <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"Organization\"</span>\n    },\n    <span class=\"hljs-attr\">\"plan\"</span>: {\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313\"</span>,\n      <span class=\"hljs-attr\">\"accounts_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313/accounts\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1313</span>,\n      <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">3</span>,\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"Pro\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"A professional-grade CI solution\"</span>,\n      <span class=\"hljs-attr\">\"monthly_price_in_cents\"</span>: <span class=\"hljs-number\">1099</span>,\n      <span class=\"hljs-attr\">\"yearly_price_in_cents\"</span>: <span class=\"hljs-number\">11870</span>,\n      <span class=\"hljs-attr\">\"price_model\"</span>: <span class=\"hljs-string\">\"flat-rate\"</span>,\n      <span class=\"hljs-attr\">\"has_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n      <span class=\"hljs-attr\">\"unit_name\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"published\"</span>,\n      <span class=\"hljs-attr\">\"bullets\"</span>: [\n        <span class=\"hljs-string\">\"Up to 25 private repositories\"</span>,\n        <span class=\"hljs-string\">\"11 concurrent builds\"</span>\n      ]\n    }\n  }\n]\n</code></pre>"
+        "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"billing_cycle\"</span>: <span class=\"hljs-string\">\"monthly\"</span>,\n    <span class=\"hljs-attr\">\"next_billing_date\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"unit_count\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"on_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n    <span class=\"hljs-attr\">\"free_trial_ends_on\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"updated_at\"</span>: <span class=\"hljs-string\">\"2017-11-02T01:12:12Z\"</span>,\n    <span class=\"hljs-attr\">\"account\"</span>: {\n      <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"github\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">4</span>,\n      <span class=\"hljs-attr\">\"node_id\"</span>: <span class=\"hljs-string\">\"MDEyOk9yZ2FuaXphdGlvbjE=\"</span>,\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/orgs/github\"</span>,\n      <span class=\"hljs-attr\">\"email\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"organization_billing_email\"</span>: <span class=\"hljs-string\">\"billing@github.com\"</span>,\n      <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"Organization\"</span>\n    },\n    <span class=\"hljs-attr\">\"plan\"</span>: {\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313\"</span>,\n      <span class=\"hljs-attr\">\"accounts_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313/accounts\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1313</span>,\n      <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">3</span>,\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"Pro\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"A professional-grade CI solution\"</span>,\n      <span class=\"hljs-attr\">\"monthly_price_in_cents\"</span>: <span class=\"hljs-number\">1099</span>,\n      <span class=\"hljs-attr\">\"yearly_price_in_cents\"</span>: <span class=\"hljs-number\">11870</span>,\n      <span class=\"hljs-attr\">\"price_model\"</span>: <span class=\"hljs-string\">\"flat-rate\"</span>,\n      <span class=\"hljs-attr\">\"has_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n      <span class=\"hljs-attr\">\"unit_name\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"published\"</span>,\n      <span class=\"hljs-attr\">\"bullets\"</span>: [\n        <span class=\"hljs-string\">\"Up to 25 private repositories\"</span>,\n        <span class=\"hljs-string\">\"11 concurrent builds\"</span>\n      ]\n    }\n  }\n]\n</code></pre>"
       },
       {
         "httpStatusCode": "304",
@@ -80942,7 +80942,7 @@
         "httpStatusCode": "200",
         "httpStatusMessage": "OK",
         "description": "Default response",
-        "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"billing_cycle\"</span>: <span class=\"hljs-string\">\"monthly\"</span>,\n    <span class=\"hljs-attr\">\"next_billing_date\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"unit_count\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"on_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n    <span class=\"hljs-attr\">\"free_trial_ends_on\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"updated_at\"</span>: <span class=\"hljs-string\">\"2017-11-02T01:12:12Z\"</span>,\n    <span class=\"hljs-attr\">\"account\"</span>: {\n      <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"github\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">4</span>,\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/orgs/github\"</span>,\n      <span class=\"hljs-attr\">\"email\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"organization_billing_email\"</span>: <span class=\"hljs-string\">\"billing@github.com\"</span>,\n      <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"Organization\"</span>\n    },\n    <span class=\"hljs-attr\">\"plan\"</span>: {\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313\"</span>,\n      <span class=\"hljs-attr\">\"accounts_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313/accounts\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1313</span>,\n      <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">3</span>,\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"Pro\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"A professional-grade CI solution\"</span>,\n      <span class=\"hljs-attr\">\"monthly_price_in_cents\"</span>: <span class=\"hljs-number\">1099</span>,\n      <span class=\"hljs-attr\">\"yearly_price_in_cents\"</span>: <span class=\"hljs-number\">11870</span>,\n      <span class=\"hljs-attr\">\"price_model\"</span>: <span class=\"hljs-string\">\"flat-rate\"</span>,\n      <span class=\"hljs-attr\">\"has_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n      <span class=\"hljs-attr\">\"unit_name\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"published\"</span>,\n      <span class=\"hljs-attr\">\"bullets\"</span>: [\n        <span class=\"hljs-string\">\"Up to 25 private repositories\"</span>,\n        <span class=\"hljs-string\">\"11 concurrent builds\"</span>\n      ]\n    }\n  }\n]\n</code></pre>"
+        "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"billing_cycle\"</span>: <span class=\"hljs-string\">\"monthly\"</span>,\n    <span class=\"hljs-attr\">\"next_billing_date\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"unit_count\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"on_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n    <span class=\"hljs-attr\">\"free_trial_ends_on\"</span>: <span class=\"hljs-string\">\"2017-11-11T00:00:00Z\"</span>,\n    <span class=\"hljs-attr\">\"updated_at\"</span>: <span class=\"hljs-string\">\"2017-11-02T01:12:12Z\"</span>,\n    <span class=\"hljs-attr\">\"account\"</span>: {\n      <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"github\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">4</span>,\n      <span class=\"hljs-attr\">\"node_id\"</span>: <span class=\"hljs-string\">\"MDEyOk9yZ2FuaXphdGlvbjE=\"</span>,\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/orgs/github\"</span>,\n      <span class=\"hljs-attr\">\"email\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"organization_billing_email\"</span>: <span class=\"hljs-string\">\"billing@github.com\"</span>,\n      <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"Organization\"</span>\n    },\n    <span class=\"hljs-attr\">\"plan\"</span>: {\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313\"</span>,\n      <span class=\"hljs-attr\">\"accounts_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/marketplace_listing/plans/1313/accounts\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1313</span>,\n      <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">3</span>,\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"Pro\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"A professional-grade CI solution\"</span>,\n      <span class=\"hljs-attr\">\"monthly_price_in_cents\"</span>: <span class=\"hljs-number\">1099</span>,\n      <span class=\"hljs-attr\">\"yearly_price_in_cents\"</span>: <span class=\"hljs-number\">11870</span>,\n      <span class=\"hljs-attr\">\"price_model\"</span>: <span class=\"hljs-string\">\"flat-rate\"</span>,\n      <span class=\"hljs-attr\">\"has_free_trial\"</span>: <span class=\"hljs-literal\">true</span>,\n      <span class=\"hljs-attr\">\"unit_name\"</span>: <span class=\"hljs-literal\">null</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"published\"</span>,\n      <span class=\"hljs-attr\">\"bullets\"</span>: [\n        <span class=\"hljs-string\">\"Up to 25 private repositories\"</span>,\n        <span class=\"hljs-string\">\"11 concurrent builds\"</span>\n      ]\n    }\n  }\n]\n</code></pre>"
       },
       {
         "httpStatusCode": "304",

lib/rest/static/decorated/ghes-2.18.json

@@ -34324,11 +34324,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -34528,11 +34528,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]

lib/rest/static/decorated/ghes-2.19.json

@@ -34983,11 +34983,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -35187,11 +35187,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]

lib/rest/static/decorated/ghes-2.20.json

@@ -35450,11 +35450,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -35654,11 +35654,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]

lib/rest/static/decorated/ghes-2.21.json

@@ -39099,11 +39099,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -39303,11 +39303,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]

lib/rest/static/decorated/ghes-2.22.json

@@ -46564,11 +46564,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -46768,11 +46768,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]

lib/rest/static/decorated/github.ae.json

@@ -36969,11 +36969,11 @@
               },
               "base_tree": {
                 "type": "string",
-                "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+                "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
                 "name": "base_tree",
                 "in": "body",
                 "rawType": "string",
-                "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+                "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
                 "childParamsGroups": []
               }
             },
@@ -37173,11 +37173,11 @@
       },
       {
         "type": "string",
-        "description": "<p>The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.</p>",
+        "description": "<p>The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by <code>base_tree</code> and entries defined in the <code>tree</code> parameter. Entries defined in the <code>tree</code> parameter will overwrite items from <code>base_tree</code> with the same <code>path</code>. If you're creating new changes on a branch, then normally you'd set <code>base_tree</code> to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the <code>tree</code> parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the <code>tree</code> parameter will be listed as deleted by the new commit.</p>",
         "name": "base_tree",
         "in": "body",
         "rawType": "string",
-        "rawDescription": "The SHA1 of the tree you want to update with new data. If you don't set this, the commit will be created on top of everything; however, it will only contain your change, the rest of your files will show up as deleted.",
+        "rawDescription": "The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by `base_tree` and entries defined in the `tree` parameter. Entries defined in the `tree` parameter will overwrite items from `base_tree` with the same `path`. If you're creating new changes on a branch, then normally you'd set `base_tree` to the SHA1 of the Git tree object of the current latest commit on the branch you're working on.\nIf not provided, GitHub will create a new Git tree object from only the entries defined in the `tree` parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the `tree` parameter will be listed as deleted by the new commit.\n",
         "childParamsGroups": []
       }
     ]