github · Angelarajchadha · Oct 16, 2020 · Oct 18, 2020 · Oct 19, 2020 · Oct 19, 2020
diff --git a/.env.example b/.env.example
@@ -1,6 +1,3 @@
 ALGOLIA_API_KEY=
 ALGOLIA_APPLICATION_ID=
 ALLOW_TRANSLATION_COMMITS=
-EARLY_ACCESS_HOSTNAME=
-EARLY_ACCESS_SHARED_SECRET=
-GITHUB_TOKEN=
diff --git a/.github/ISSUE_TEMPLATE/improve-existing-docs.md b/.github/ISSUE_TEMPLATE/improve-existing-docs.md
@@ -7,13 +7,13 @@ labels:
 assignees: ''
 ---
 <!--
-HUBBERS BEWARE! THE GITHUB/DOCS REPO IS PUBLIC TO THE ENTIRE INTERNET. OPEN AN ISSUE IN GITHUB/DOCS-CONTENT https://github.com/github/docs-content/issues/new/choose INSTEAD.
+HUBBERS BEWARE! THE GITHUB/DOCS REPO IS PUBLIC TO THE ENTIRE INTERNET. OPEN AN ISSUE IN GITHUB/DOCS-CONTENT INSTEAD.
 -->
 
 <!--
 For questions, ask in Discussions: https://github.com/github/docs/discussions
 
-Before you file an issue read the: 
+Before you file an issue read the:
 - Code of Conduct: https://github.com/github/docs/blob/main/CODE_OF_CONDUCT.md
 - Contributing guide: https://github.com/github/docs/blob/main/CONTRIBUTING.md
 

diff --git a/.github/ISSUE_TEMPLATE/improve-the-site.md b/.github/ISSUE_TEMPLATE/improve-the-site.md
@@ -7,13 +7,13 @@ assignees: ''
 ---
 
 <!--
-HUBBERS BEWARE! THE GITHUB/DOCS REPO IS PUBLIC TO THE ENTIRE INTERNET. OPEN AN ISSUE IN GITHUB/DOCS-CONTENT https://github.com/github/docs-content/issues/new/choose INSTEAD.
+HUBBERS BEWARE! THE GITHUB/DOCS REPO IS PUBLIC TO THE ENTIRE INTERNET. OPEN AN ISSUE IN GITHUB/DOCS-CONTENT INSTEAD.
 -->
 
 <!--
 For questions, ask in Discussions: https://github.com/github/docs/discussions
 
-Before you file an issue read the: 
+Before you file an issue read the:
 - Code of Conduct: https://github.com/github/docs/blob/main/CODE_OF_CONDUCT.md
 - Contributing guide: https://github.com/github/docs/blob/main/CONTRIBUTING.md
 

diff --git a/.github/workflows/close-unwanted-pull-requests.yml b/.github/workflows/close-unwanted-pull-requests.yml
@@ -0,0 +1,39 @@
+name: Close unwanted pull requests
+on:
+  pull_request:
+    paths:
+      - '.github/workflows/**'
+      - '.github/CODEOWNERS'
+      - 'translations/**'
+      - 'assets/fonts/**'
+      - 'data/graphql/**'
+      - 'lib/graphql/**'
+      - 'lib/redirects/**'
+      - 'lib/webhooks/**'
+jobs:
+  close_unwanted_pull_requests:
+    if: github.repository == 'github/docs' && github.event.pull_request.user.login != 'Octomerger'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          script: |
+            await github.issues.createComment({
+              ...context.repo,
+              issue_number: context.payload.pull_request.number,
+              body:
+            `Thanks for contributing! We do not accept community changes to these files at this time.
+            - '.github/workflows/**'
+            - '.github/CODEOWNERS'
+            - 'translations/**'
+            - 'assets/fonts/**'
+            - 'data/graphql/**'
+            - 'lib/graphql/**'
+            - 'lib/redirects/**'
+            - 'lib/webhooks/**'`
+            })
+            await github.issues.update({
+              ...context.repo,
+              issue_number: context.payload.pull_request.number,
+              state: 'closed'
+            })
diff --git a/.github/workflows/sync-algolia-search-indices.yml b/.github/workflows/sync-algolia-search-indices.yml
@@ -37,4 +37,4 @@ jobs:
         if: failure()
         env:
           SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }}
-          SLACK_MESSAGE: The last Algolia workflow run for ${{github.repository}} failed. See https://github.com/github/docs-internal/actions?query=workflow%3AAlgolia
+          SLACK_MESSAGE: The last Algolia workflow run for ${{github.repository}} failed. Search actions for `workflow:Algolia`
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -27,7 +27,7 @@ jobs:
         with:
           cancel_others: 'false'
           github_token: ${{ github.token }}
-          paths: '[".github/workflows/test.yml",".node-version", ".npmrc", "app.json", "content/**", "data/**","lib/**", "Dockerfile", "feature-flags.json", "Gemfile", "Gemfile.lock", "middleware/**", "node_modules/**","package.json", "package-lock.json", "server.js", "tests/**", "translations/**", "Procfile", "webpack.config.js"]'
+          paths: '[".github/workflows/test.yml", ".node-version", ".npmrc", "app.json", "content/**", "data/**","lib/**", "Dockerfile", "feature-flags.json", "Gemfile", "Gemfile.lock", "middleware/**", "node_modules/**","package.json", "package-lock.json", "server.js", "tests/**", "translations/**", "Procfile", "webpack.config.js"]'
 
   test:
     needs: see_if_should_skip
@@ -44,6 +44,9 @@ jobs:
       - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
         name: Check out repo
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        with:
+          # Enables cloning the Early Access repo later with the relevant PAT
+          persist-credentials: 'false'
 
       - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
         name: Setup node
@@ -70,19 +73,19 @@ jobs:
         name: Install dependencies
         run: npm ci
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Run build script
+      - name: Clone early access
+        if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' && github.repository == 'github/docs-internal' }}
+        run: npm run heroku-postbuild
+        env:
+          DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
+          GIT_BRANCH: ${{ github.ref }}
+
+      - name: Run build script
+        if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' && github.repository != 'github/docs-internal' }}
         run: npm run build
 
       - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
         name: Run tests
         run: npx jest tests/${{ matrix.test-group }}/
         env:
           NODE_OPTIONS: '--max_old_space_size=4096'
-
-      - name: Send Slack notification if workflow fails
-        uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815
-        if: failure() && github.ref == 'early-access'
-        env:
-          SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }}
-          SLACK_MESSAGE: 'Tests are failing on the `early-access` branch. https://github.com/github/docs-internal/tree/early-access'
diff --git a/.gitignore b/.gitignore
@@ -1,9 +1,17 @@
 .algolia-cache
 .DS_Store
 .env
-node_modules
+/node_modules/
 npm-debug.log
-coverage
+coverage/
 .linkinator
-broken_links.md
+/assets/images/early-access
+/content/early-access
+/data/early-access
 dist
+
+# blc: broken link checker
+blc_output.log
+blc_output_internal.log
+/dist/
+broken_links.md
diff --git a/assets/images/octicons/README.md b/assets/images/octicons/README.md
@@ -1,16 +0,0 @@
-## Importing Aftermarket Octicons
-
-#### Background
-Some octicons are missing from the project's current version of the `octicons` gem. Because this project is being replaced soon and updating `octicons` would require [significant changes](https://github.com/github/docs-internal/issues/6250#issuecomment-339730405), new octicons should be added manually as needed, via the following process:
-
-#### How to add
-
-1. Locate the missing octicon `.svg` in [primer/octions](https://github.com/primer/octicons/tree/master/lib/svg) and download it to your local `app/assets/images/octions` folder
-1. Add a line to `app/assets/stylesheets/shared/_octicons.scss` for the new octicon, like so: 
-```apple css
-.octicon-<YOUR OCTICON NAME>:before {
-  content: url("#{$new-octicons-path}/<YOUR OCTICON FILENAME>.svg")
-}
-```
-
-You may now use the new octicon in your content as normal! :tada:

diff --git a/content/actions/index.md b/content/actions/index.md
@@ -37,6 +37,8 @@ changelog:
   - title: Self-Hosted Runner Group Access Changes
     date: '2020-10-16'
     href: https://github.blog/changelog/2020-10-16-github-actions-self-hosted-runner-group-access-changes/
+
+product_video: https://www.youtube-nocookie.com/embed/cP0I9w2coGU
 
 redirect_from:
   - /articles/automating-your-workflow-with-github-actions/

diff --git a/.../admin/enterprise-management/initiating-a-failover-to-your-replica-appliance.md b/.../admin/enterprise-management/initiating-a-failover-to-your-replica-appliance.md
@@ -37,7 +37,7 @@ The time required to failover depends on how long it takes to manually promote t
       ```
     - On the new primary, remove the UUIDs using `ghe-repl-teardown`. Please replace *`UUID`* with a UUID you retrieved in the previous step.
       ```shell
-      $ ghe-repl-teardown -u <em>UUNID</em>
+      $ ghe-repl-teardown -u <em>UUID</em>
       ```
 
 ### Further reading

diff --git a/content/admin/overview/about-enterprise-accounts.md b/content/admin/overview/about-enterprise-accounts.md
@@ -15,7 +15,7 @@ An enterprise account allows you to manage multiple organizations{% if enterpris
 
 - Member access and management (organization members, outside collaborators){% if enterpriseServerVersions contains currentVersion %}
 - Billing and usage ({% data variables.product.prodname_ghe_server %} instances, user licenses, {% data variables.large_files.product_name_short %} packs){% endif %}
-- Security{% if enterpriseServerVersions contains currentVersion %}(single sign-on, two factor authentication)
+- Security {% if enterpriseServerVersions contains currentVersion %}(single sign-on, two factor authentication)
 - Requests {% if enterpriseServerVersions contains currentVersion %}and support bundle sharing {% endif %}with {% data variables.contact.enterprise_support %}{% endif %}
 
 {% if enterpriseServerVersions contains currentVersion %}{% data reusables.enterprise-accounts.enterprise-accounts-billing %} For more information about managing your {% data variables.product.prodname_ghe_cloud %} subscription, see "[Viewing the subscription and usage for your enterprise account](/articles/viewing-the-subscription-and-usage-for-your-enterprise-account)." {% endif %}For more information about managing your {% data variables.product.product_name %} billing settings, see "[Managing billing for your enterprise](/admin/overview/managing-billing-for-your-enterprise)."

diff --git a/content/developers/apps/creating-a-github-app-using-url-parameters.md b/content/developers/apps/creating-a-github-app-using-url-parameters.md
@@ -73,7 +73,9 @@ Permission | Description
 `plan` | Grants access to get information about a user's GitHub plan using the "[Get a user](/rest/reference/users#get-a-user)" endpoint. Can be one of: `none` or `read`.
 [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | Grants access to various pull request endpoints. Can be one of: `none`, `read`, or `write`.
 [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | Grants access to the [Repository Webhooks API](/rest/reference/repos#hooks). Can be one of: `none`, `read`, or `write`.
-[`repository_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-projects) |  Grants access to the [Projects API](/rest/reference/projects). Can be one of: `none`, `read`, `write`, or `admin`.
+[`repository_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-projects) |  Grants access to the [Projects API](/rest/reference/projects). Can be one of: `none`, `read`, `write`, or `admin`.{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
+[`secret_scanning_alerts`](/rest/reference/permissions-required-for-github-apps/#permission-on-secret-scanning-alerts) |  Grants access to the [Secret scanning API](/rest/reference/secret-scanning). Can be one of: `none`, `read`, or `write`.{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
+[`security_events`](/rest/reference/permissions-required-for-github-apps/#permission-on-security-events) |  Grants access to the [Code scanning API](/rest/reference/code-scanning/). Can be one of: `none`, `read`, or `write`.{% endif %}
 [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Grants access to the [Contents API](/rest/reference/repos#contents). Can be one of: `none`, `read`, or `write`.
 [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Grants access to the [Starring API](/rest/reference/activity#starring). Can be one of: `none`, `read`, or `write`.
 [`statuses`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Grants access to the [Statuses API](/rest/reference/repos#statuses). Can be one of: `none`, `read`, or `write`.

diff --git a/content/developers/apps/scopes-for-oauth-apps.md b/content/developers/apps/scopes-for-oauth-apps.md
@@ -45,7 +45,8 @@ Name | Description
 &emsp;`repo:status`| Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses *without* granting access to the code.
 &emsp;`repo_deployment`| Grants access to [deployment statuses](/rest/reference/repos#deployments) for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, *without* granting access to the code.
 &emsp;`public_repo`| Limits access to public repositories. That includes read/write access to code, commit statuses, repository projects, collaborators, and deployment statuses for public repositories and organizations. Also required for starring public repositories.
-&emsp;`repo:invite` | Grants accept/decline abilities for invitations to collaborate on a repository. This scope is only necessary to grant other users or services access to invites *without* granting access to the code.{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest"%}
+&emsp;`repo:invite` | Grants accept/decline abilities for invitations to collaborate on a repository. This scope is only necessary to grant other users or services access to invites *without* granting access to the code.{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
+&emsp;`security_events` | Grants: <br/> read and write access to security events in the [{% data variables.product.prodname_code_scanning %} API](/rest/reference/code-scanning). <br/> read and write access to security events in the [{% data variables.product.prodname_secret_scanning %} API](/rest/reference/secret-scanning).{% endif %}{% if currentVersion ver_gt "enterprise-server@2.21" and currentVersion ver_lt "enterprise-server@3.1" %}
 &emsp;`security_events` | Grants read and write access to security events in the [{% data variables.product.prodname_code_scanning %} API](/rest/reference/code-scanning).{% endif %}
 **`admin:repo_hook`** | Grants read, write, ping, and delete access to repository hooks in public and private repositories. The `repo` and `public_repo` scopes grants full access to repositories, including repository hooks. Use the `admin:repo_hook` scope to limit access to only repository hooks.
 &emsp;`write:repo_hook` | Grants read, write, and ping access to hooks in public or private repositories.

diff --git a/content/developers/overview/about-githubs-apis.md b/content/developers/overview/about-githubs-apis.md
@@ -9,11 +9,7 @@ versions:
   github-ae: '*'
 ---
 
-There are two stable versions of the GitHub API: the [REST API](/rest) and the [GraphQL API](/graphql).
-
-When using the REST API, we encourage you to [request v3 via the `Accept` header](/rest/overview/media-types#request-specific-version).
-
-For information on using the GraphQL API, see the [v4 docs](/graphql).
+There are two stable versions of the GitHub API: the [REST API](/rest) and the [GraphQL API](/graphql). When using the REST API, we encourage you to [request v3 via the `Accept` header](/v3/media/#request-specific-version). For information on using the GraphQL API, see the [v4 docs](/graphql).
 
 ## Deprecated versions
 

diff --git a/content/developers/webhooks-and-events/webhook-events-and-payloads.md b/content/developers/webhooks-and-events/webhook-events-and-payloads.md
@@ -145,7 +145,7 @@ Also, the `User-Agent` for the requests will have the prefix `GitHub-Hookshot/`.
 
 {{ webhookPayloadsForCurrentVersion.check_suite.completed }}
 
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest" %}
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
 ### code_scanning_alert
 
 {% data reusables.webhooks.code_scanning_alert_event_short_desc %}
@@ -1099,6 +1099,31 @@ Key | Type | Description
 
 {% endif %}
 
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
+
+### secret_scanning_alert
+
+{% data reusables.webhooks.secret_scanning_alert_event_short_desc %}
+
+#### Availability
+
+- Repository webhooks
+- Organization webhooks
+- {% data variables.product.prodname_github_app %}s with the `secret_scanning_alerts:read` permission
+
+#### Webhook payload object
+
+{% data reusables.webhooks.secret_scanning_alert_event_properties %}
+{% data reusables.webhooks.repo_desc %}
+{% data reusables.webhooks.org_desc %}
+{% data reusables.webhooks.app_desc %}
+`sender` | `object` | If the `action` is `resolved` or `reopened`, the `sender` object will be the user that triggered the event. The `sender` object is empty for all other actions.
+
+#### Webhook payload example
+
+{{ webhookPayloadsForCurrentVersion.secret_scanning_alert.reopened }}
+{% endif %}
+
 ### security_advisory
 
 Activity related to a security advisory. A security advisory provides information about security-related vulnerabilities in software on GitHub. The security advisory dataset also powers the GitHub security alerts, see "[About security alerts for vulnerable dependencies](/articles/about-security-alerts-for-vulnerable-dependencies/)."

diff --git a/content/github/administering-a-repository/about-secret-scanning.md b/content/github/administering-a-repository/about-secret-scanning.md
@@ -80,6 +80,8 @@ When {% data variables.product.prodname_secret_scanning %} detects a secret in a
 
 Repository administrators and organization owners can grant users and team access to {% data variables.product.prodname_secret_scanning %} alerts. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)."
 
+To monitor results from {% data variables.product.prodname_secret_scanning %} across your private repositories or your organization, you can use the {% data variables.product.prodname_secret_scanning %} API. For more information about API endpoints, see "[{% data variables.product.prodname_secret_scanning_caps %}](/rest/reference/secret-scanning)."
+
 {% data variables.product.product_name %} currently scans private repositories for secrets issued by the following service providers.
 
 - Adafruit

diff --git a/content/github/creating-cloning-and-archiving-repositories/https-cloning-errors.md b/content/github/creating-cloning-and-archiving-repositories/https-cloning-errors.md
@@ -46,16 +46,16 @@ typing `git remote -v`:
 ```shell
 $ git remote -v
 # View existing remotes
-> origin  https://github.com/github/reactivecocoa.git (fetch)
-> origin  https://github.com/github/reactivecocoa.git (push)
+> origin  https://github.com/ghost/reactivecocoa.git (fetch)
+> origin  https://github.com/ghost/reactivecocoa.git (push)
 
-$ git remote set-url origin https://github.com/github/ReactiveCocoa.git
+$ git remote set-url origin https://github.com/ghost/ReactiveCocoa.git
 # Change the 'origin' remote's URL
 
 $ git remote -v
 # Verify new remote URL
-> origin  https://github.com/github/ReactiveCocoa.git (fetch)
-> origin  https://github.com/github/ReactiveCocoa.git (push)
+> origin  https://github.com/ghost/ReactiveCocoa.git (fetch)
+> origin  https://github.com/ghost/ReactiveCocoa.git (push)
 ```
 
 Alternatively, you can change the URL through our
@@ -73,7 +73,7 @@ When prompted for a username and password, make sure you use an account that has
 
 {% tip %}
 
-**Tip**: If you don't want to enter your credentials every time you interact with the remote repository, you can turn on [credential caching](/github/using-git/caching-your-github-credentials-in-git). If you are already using credential caching, please make sure that your computer has the correct credentials cached. Incorrect or out of date credentials will cause authentication to fail. 
+**Tip**: If you don't want to enter your credentials every time you interact with the remote repository, you can turn on [credential caching](/github/using-git/caching-your-github-credentials-in-git). If you are already using credential caching, please make sure that your computer has the correct credentials cached. Incorrect or out of date credentials will cause authentication to fail.
 
 {% endtip %}