Merge pull request #35729 from github/repo-sync

Repo sync

Author: docs-bot

content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md

@@ -233,7 +233,7 @@ By default, a group will include all types of dependencies.
 
 ### `patterns` and `exclude-patterns` (`groups`)
 
-Both options support using `*` as a wild card to define matches with dependency names.
+Both options support using `*` as a wild card to define matches with dependency names. If a dependency matches both a pattern and an exclude-pattern, then it is excluded from the group.
 
 ### `update-types` (`groups`)
 

content/copilot/using-github-copilot/asking-github-copilot-questions-in-github.md

@@ -35,7 +35,7 @@ On {% data variables.product.github %}, you can use {% data variables.product.pr
 
 ## Powered by skills
 
-{% data variables.product.prodname_copilot_short %} is powered by a collection of skills that are dynamically selected based on the question you ask. You can tell which skill {% data variables.product.prodname_copilot_short %} used by clicking {% octicon "chevron-down" aria-label="the down arrow" %} to expand the status information in the chat window.
+When using the GPT-4o and {% data variables.copilot.copilot_claude_sonnet %} models, {% data variables.product.prodname_copilot_short %} has access to a collection of skills to fetch data from {% data variables.product.github %}, which are dynamically selected based on the question you ask. You can tell which skill {% data variables.product.prodname_copilot_short %} used by clicking {% octicon "chevron-down" aria-label="the down arrow" %} to expand the status information in the chat window.
 
 ![Screenshot of the {% data variables.product.prodname_copilot_short %} chat panel with the status information expanded and the skill that was used highlighted with an orange outline.](/assets/images/help/copilot/chat-show-skill.png)
 
@@ -71,7 +71,7 @@ The skills you can use in {% data variables.product.prodname_copilot_chat_dotcom
 
 ### Limitations of AI models for {% data variables.product.prodname_copilot_chat_short %}
 
-* If you want to use the skills listed in the table above{% ifversion ghec %}, or knowledge bases{% endif %}, on the {% data variables.product.github %} website, you must use the `gpt-4o` model.
+* If you want to use the skills listed in the table above{% ifversion ghec %}, or knowledge bases{% endif %}, on the {% data variables.product.github %} website, only the GPT 4o and {% data variables.copilot.copilot_claude_sonnet %} models are supported.
 * Experimental pre-release versions of the models may not interact with all filters correctly, including the duplication detection filter.
 
 ### Changing your AI model

data/reusables/actions/environment-example.md

@@ -21,7 +21,7 @@ jobs:
 
 When the above workflow runs, the `deployment` job will be subject to any rules configured for the `production` environment. For example, if the environment requires reviewers, the job will pause until one of the reviewers approves the job.
 
-You can also specify a URL for the environment. The specified URL will appear on the deployments page for the repository (accessed by clicking **Environments** on the home page of your repository) and in the visualization graph for the workflow run. If a pull request triggered the workflow, the URL is also displayed as a **View deployment** button in the pull request timeline.
+You can also specify a URL for the environment. The specified URL will appear on the deployments page for the repository (accessed by clicking **Environments** on the home page of your repository) and in the visualization graph for the workflow run. If a pull request triggered the workflow, the URL is also displayed as a **View deployment** button in the pull request timeline. When using the "Require deployments to succeed before merging" rule, only the `name` specified is being checked even if a URL has also been specified. See [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-deployments-to-succeed-before-merging).
 
 ```yaml
 name: Deployment

data/reusables/actions/runner-essential-communications.md

@@ -45,6 +45,7 @@ github-registry-files.githubusercontent.com
 
 ```shell copy
 *.pkg.github.com
+pkg-containers.githubusercontent.com
 ghcr.io
 ```
 

data/reusables/dependabot/private-dependencies-note.md

@@ -1 +1 @@
-When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private{% ifversion ghec or ghes %}-or-internal{% endif %}-dependencies)." You can configure access to private registries in a repository's `dependabot.yml` configuration file. For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#configuration-options-for-private-registries)."
+When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private{% ifversion ghec or ghes %}-or-internal{% endif %}-dependencies). You can configure access to private registries in a repository's `dependabot.yml` configuration file. For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot).

src/secret-scanning/data/public-docs.yml

@@ -955,6 +955,17 @@
   hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
+- provider: Databento
+  supportedSecret: Databento API Key
+  secretType: databento_api_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Databricks
   supportedSecret: Databricks Access Token
   secretType: databricks_access_token
@@ -1998,6 +2009,28 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Lichess
+  supportedSecret: Lichess OAuth Access Token
+  secretType: lichess_oauth_access_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Lichess
+  supportedSecret: Lichess Personal Access Token
+  secretType: lichess_personal_access_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Lightspeed
   supportedSecret: Lightspeed Personal Access Token
   secretType: lightspeed_xs_pat
@@ -2488,6 +2521,17 @@
   hasPushProtection: true
   hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}'
   isduplicate: true
+- provider: OpenRouter
+  supportedSecret: OpenRouter API Key
+  secretType: openrouter_api_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Orbit
   supportedSecret: Orbit API Token
   secretType: orbit_api_token

src/secret-scanning/lib/config.json

@@ -1,5 +1,5 @@
 {
-  "sha": "e6054aab2e4808013fc252da4eecc896e43a5ffc",
-  "blob-sha": "ad9b0dbbff0337145d4929b99b65877c4b1ebeed",
+  "sha": "cc2ad2addc1a78be626037470b48db546e8a35ec",
+  "blob-sha": "7cd3674e6d0419376506fc41828588bd3eaed01d",
   "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns"
 }