Merge branch 'main' into patch-2

Author: gingzaindy9999-a11y

.github/workflows/link-check-external.yml

@@ -42,18 +42,30 @@ jobs:
           fi
 
       - name: Upload report artifact
-        if: failure()
+        if: always()
         uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
         with:
           name: external-link-report
           path: artifacts/external-link-report.*
           retention-days: 14
+          if-no-files-found: ignore
+
+      - name: Check if report exists
+        if: always()
+        id: check_report
+        run: |
+          if [ -f "artifacts/external-link-report.md" ]; then
+            echo "has_report=true" >> $GITHUB_OUTPUT
+          else
+            echo "has_report=false" >> $GITHUB_OUTPUT
+            echo "No broken link report generated - all links valid!"
+          fi
 
       - name: Create issue if broken links found
-        if: failure()
+        if: always() && steps.check_report.outputs.has_report == 'true'
         uses: peter-evans/create-issue-from-file@fca9117c27cdc29c6c4db3b86c48e4115a786710 # v5
         with:
-          token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW }}
+          token: ${{ secrets.DOCS_BOT_PAT_BASE }}
           repository: github/docs-content
           title: '🌐 Broken External Links Report'
           content-filepath: artifacts/external-link-report.md

.github/workflows/link-check-internal.yml

@@ -78,7 +78,7 @@ jobs:
         if: matrix.language != 'en'
         uses: ./.github/actions/clone-translations
         with:
-          token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
+          token: ${{ secrets.DOCS_BOT_PAT_BASE }}
 
       - name: Check internal links
         env:
@@ -125,14 +125,14 @@ jobs:
           # Check if any reports exist
           if ls reports/*.md 1> /dev/null 2>&1; then
             echo "has_reports=true" >> $GITHUB_OUTPUT
-            
+
             # Combine all markdown reports
             echo "# Internal Links Report" > combined-report.md
             echo "" >> combined-report.md
             echo "Generated: $(date -u +'%Y-%m-%d %H:%M UTC')" >> combined-report.md
             echo "[Action run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})" >> combined-report.md
             echo "" >> combined-report.md
-            
+
             for report in reports/*.md; do
               echo "---" >> combined-report.md
               cat "$report" >> combined-report.md
@@ -147,7 +147,7 @@ jobs:
         if: steps.combine.outputs.has_reports == 'true'
         uses: peter-evans/create-issue-from-file@fca9117c27cdc29c6c4db3b86c48e4115a786710 # v5
         with:
-          token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW }}
+          token: ${{ secrets.DOCS_BOT_PAT_BASE }}
           repository: github/docs-content
           title: '🔗 Broken Internal Links Report'
           content-filepath: combined-report.md

content/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md

@@ -20,7 +20,6 @@ The following features are currently unavailable on {% data variables.enterprise
 
 | Feature | Details | More information |
 | :- | :- | :- |
-| {% data variables.product.prodname_copilot_short %} Metrics API | Currently unavailable. | [AUTOTITLE](/rest/copilot/copilot-metrics) |
 | {% data variables.product.prodname_github_codespaces %} | Currently unavailable. | [AUTOTITLE](/codespaces/quickstart) |
 | macOS runners for {% data variables.product.prodname_actions %} | Currently unavailable. | [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners) |
 | Maven and Gradle support for {% data variables.product.prodname_registry %} | Currently unavailable. | [AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry) |

content/code-security/concepts/supply-chain-security/linked-artifacts.md

@@ -38,6 +38,8 @@ Storage records include the repository containing the artifact's source code, th
 
 ![Screenshot of an artifact page. Highlighted fields: storage registry, artifact repository, source repository.](/assets/images/help/security/virtual-registry-storage-record.png)
 
+The _artifact repository_ is not mandatory. It refers to the concept of a repository in certain external package registries: a place where multiple packages can be grouped. By contrast, the _source repository_ refers to the {% data variables.product.github %} repository where the artifact is built. The source repository is mandatory, and is detected automatically if the artifact has a build provenance attestation.
+
 For more information about attestations and SLSA levels, see [AUTOTITLE](/actions/concepts/security/artifact-attestations).
 
 ### Deployment records

content/code-security/how-tos/secure-at-scale/configure-organization-security/index.md

@@ -1,5 +1,6 @@
 ---
-title: Configure organization security
+title: Configuring security features in your organization
+shortTitle: Configure organization security
 intro: Configure security across your organization by establishing coverage, managing settings, and controlling access to code security tools at scale.
 versions:
   fpt: '*'

content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/guidance-for-the-configuration-of-private-registries-for-dependabot.md

@@ -18,15 +18,13 @@ redirect_from:
 contentType: how-tos
 ---
 
-## About configuring private registries for {% data variables.product.prodname_dependabot %}
-
 This article contains recommendations and advice to help you configure {% data variables.product.prodname_dependabot %} to access your private registry, along with:
 
-* Detailed snippets of the `dependabot.yml` configuration file for each package manager.
-* Important limitations or caveats.
-* Steps explaining how to test that the configuration is working.
-* Extra configuration options, wherever appropriate (for example, npm has a configuration file that needs to be set).
-* Advice about configuring registry hosts.
+* Detailed snippets of the `dependabot.yml` configuration file for each package manager
+* Important limitations or caveats
+* Steps explaining how to test that the configuration is working
+* Extra configuration options, wherever appropriate (for example, npm has a configuration file that needs to be set)
+* Advice about configuring registry hosts
 
 You'll find detailed guidance for the setup of the following package managers:
 

…cies/configuring-the-dependency-graph.md …dencies/enabling-the-dependency-graph.mdcontent/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-the-dependency-graph.md renamed to content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/enabling-the-dependency-graph.md content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-the-dependency-graph.md renamed to content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/enabling-the-dependency-graph.md

@@ -1,10 +1,11 @@
 ---
-title: Configuring the dependency graph
+title: Enabling the dependency graph
 intro: You can allow users to identify their projects' dependencies by enabling the dependency graph.
 permissions: '{% data reusables.permissions.dependency-graph %}'
 redirect_from:
   - /code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph
   - /code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph
+  - /code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-the-dependency-graph
 versions:
   fpt: '*'
   ghes: '*'
@@ -13,38 +14,41 @@ topics:
   - Dependency graph
   - Dependencies
   - Repositories
-shortTitle: Configure dependency graph
+shortTitle: Enable dependency graph
 contentType: how-tos
 ---
-## About the dependency graph
 
-{% data reusables.dependabot.about-the-dependency-graph %}
+The dependency graph is a summary of the manifest and lock files stored in a repository and any dependencies that are submitted for the repository using the {% data variables.dependency-submission-api.name %}. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph).
 
-For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph).
+When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository{% ifversion fpt or ghec %} and every push to other repositories in the graph{% endif %}.
 
 {% ifversion ghes %}
 
-## Enabling the dependency graph
+## Enabling the dependency graph for a {% data variables.product.prodname_ghe_server %} instance
 
 {% data reusables.dependabot.ghes-enabling-dependency-graph %}
 
-{% endif %}
+{% else %}
 
-{% ifversion fpt or ghec %}
+## Enabling the dependency graph for a repository
 
-## Configuring the dependency graph
+Enabling the dependency graph gives {% data variables.product.github %} read-only access to the dependency manifest and lock files for a repository.
 
-To generate a dependency graph, {% data variables.product.github %} needs read-only access to the dependency manifest and lock files for a repository. The dependency graph can be enabled or disabled for all repositories. For more information on viewing the dependency graph, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository).
+{% data reusables.dependabot.enabling-disabling-dependency-graph-private-repo-public-fork %}
 
-{% data reusables.dependency-submission.dependency-submission-link %}
+## Enabling the dependency graph for multiple repositories
 
-### Enabling and disabling the dependency graph
+You can enable or disable the dependency graph for all repositories owned by your user account, regardless of their visibility. See [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account).
 
-{% data reusables.dependabot.enabling-disabling-dependency-graph-private-repo-public-fork %}
+You can also enable the dependency graph for multiple repositories in an organization at the same time. For more information, see {% ifversion security-configurations %}[AUTOTITLE](/code-security/securing-your-organization).{% else %}[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization).{% endif %}
 
 {% endif %}
 
-When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository{% ifversion fpt or ghec %} and every push to other repositories in the graph{% endif %}.
+## Next steps
+
+{% data reusables.dependency-submission.dependency-submission-link %}
+
+For more information on viewing the dependency graph, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository).
 
 ## Further reading
 

content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/index.md

@@ -12,7 +12,7 @@ children:
   - /configuring-dependabot-security-updates
   - /configuring-dependabot-version-updates
   - /keeping-your-actions-up-to-date-with-dependabot
-  - /configuring-the-dependency-graph
+  - /enabling-the-dependency-graph
   - /exploring-the-dependencies-of-a-repository
   - /configuring-automatic-dependency-submission-for-your-repository
   - /using-the-dependency-submission-api

content/code-security/reference/supply-chain-security/dependabot-options-reference.md

@@ -682,7 +682,8 @@ Examples : `0 9 * * *`, `every day at 5pm`
 `0 9 * * *` is equivalent to "every day at 9am". `every day at 5pm` is equivalent to `0 17 * * *`.
 
 > [!NOTE]
-> A `cronjob` type schedule is required to use a `cron` interval.
+> * Timezones must be specified in the [`timezone`](#timezone) parameter and not in the `cronjob`.
+> * A `cronjob` type schedule is required to use a `cron` interval.
 
 ```yaml copy
 

content/copilot/how-tos/provide-context/use-copilot-spaces/create-copilot-spaces.md

@@ -49,6 +49,14 @@ You can add two types of context to your space:
   * **{% octicon "upload" aria-hidden="true" aria-label="upload" %} Upload a file**: You can upload files directly from your local machine. This includes images, text files, rich documents, and spreadsheets.
   * **{% octicon "paste" aria-hidden="true" aria-label="paste" %} Add text content**: You can type or paste free-text content, such as transcripts, notes, or any other relevant information that can help {% data variables.product.prodname_copilot_short %} understand the context of your space.
 
+## Choosing repositories or files as context
+
+When adding sources to your space, you can choose to attach entire repositories or individual files. Understanding how each option works can help you get the best results from {% data variables.product.prodname_copilot_short %}.
+
+* **Attach a repository**: When you attach a repository, {% data variables.product.prodname_copilot_short %} doesn't load the entire project into memory. Instead, it searches the repository and retrieves only the most relevant content needed to answer your question. This is recommended for large-scale use cases (for example, answering questions across all documentation in a repository).
+
+* **Attach individual files**: When you attach a file, its full contents are loaded into {% data variables.product.prodname_copilot_short %}'s context window and considered for every query in that space. This is best when you want {% data variables.product.prodname_copilot_short %} to consistently prioritize a specific document or small set of files.
+
 ## Adding context as you're working
 
 You can add files to a space directly from the code view on {% data variables.product.github %}, so you don't need to break your flow when building context for your space.