Merge pull request #37562 from github/repo-sync

Repo sync

Author: docs-bot

content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md

@@ -160,6 +160,17 @@ The `reply-to` address on each email notification identifies the thread and the
 
 ## Automatic watching
 
+<!-- expires 2025-05-18 -->
+
+<!-- When this expires, remove the Automatic watching section for FPT/GHEC but keep it for GHES <=3.17 -->
+
+{% ifversion fpt or ghec %}
+
+>[!WARNING] Starting May 18, 2025, {% data variables.product.company_short %} will deprecate automatic watching of repositories and teams. Existing subscriptions will remain unaffected, ensuring you can stay subscribed to repositories or teams that you were previously watching.
+
+{% endif %}
+<!-- end expires 2025-05-18 -->
+
 By default, anytime you gain access to a new repository, you will automatically begin watching that repository. Anytime you join a new team, you will automatically be subscribed to updates and receive notifications when that team is @mentioned. If you don't want to automatically be subscribed, you can unselect the automatic watching options in your notification settings.
 
 {% ifversion update-notification-settings-22 %}

content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md

@@ -92,6 +92,7 @@ The following table shows the permissions granted to the `GITHUB_TOKEN` by defau
 | {% endif %} |
 | issues        | read/write  | none | read |
 | metadata      | read        | read | read |
+| models        | read        | none | none |
 | packages      | read/write  | read | read |
 | pages         | read/write  | none | read |
 | pull-requests | read/write  | none | read |

content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md

@@ -55,7 +55,7 @@ First, install the Helm chart that deploys the Sigstore Policy Controller:
 helm upgrade policy-controller --install --atomic \
   --create-namespace --namespace artifact-attestations \
   oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller \
-  --version v0.12.0-github10
+  --version v0.12.0-github12
 ```
 
 This installs the Policy Controller into the `artifact-attestations` namespace. At this point, no policies have been configured, and it will not enforce any attestations.
@@ -139,7 +139,7 @@ To see the full set of options you may configure with the Helm chart, you can ru
 For policy controller options:
 
 ```bash copy
-helm show values oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller --version v0.12.0-github10
+helm show values oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller --version v0.12.0-github12
 ```
 
 For trust policy options:

src/audit-logs/data/fpt/organization.json

@@ -2814,6 +2814,16 @@
     "description": "Branch protections were enabled for this repository.",
     "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule"
   },
+  {
+    "action": "repository_code_security.disable",
+    "description": "Code security was disabled for a repository.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "repository_code_security.enable",
+    "description": "Code security was enabled for a repository.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "repository_content_analysis.disable",
     "description": "Data use settings were disabled for a private repository.",

src/audit-logs/data/ghec/enterprise.json

@@ -222,12 +222,12 @@
   {
     "action": "business.code_scanning_autofix_third_party_tools_policy_update",
     "description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
-    "docs_reference_links": "N/A"
+    "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
   },
   {
     "action": "business.code_security_enablement_policy_update",
     "description": "The policy for Code Security enablement was updated for an enterprise.",
-    "docs_reference_links": "N/A"
+    "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
   },
   {
     "action": "business.connect_usage_metrics_export",
@@ -3569,6 +3569,16 @@
     "description": "Branch protections were enabled for this repository.",
     "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule"
   },
+  {
+    "action": "repository_code_security.disable",
+    "description": "Code security was disabled for a repository.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "repository_code_security.enable",
+    "description": "Code security was enabled for a repository.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "repository_content_analysis.disable",
     "description": "Data use settings were disabled for a private repository.",

src/audit-logs/data/ghec/organization.json

@@ -2814,6 +2814,16 @@
     "description": "Branch protections were enabled for this repository.",
     "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule"
   },
+  {
+    "action": "repository_code_security.disable",
+    "description": "Code security was disabled for a repository.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "repository_code_security.enable",
+    "description": "Code security was enabled for a repository.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "repository_content_analysis.disable",
     "description": "Data use settings were disabled for a private repository.",

src/audit-logs/data/ghes-3.16/enterprise.json

@@ -167,7 +167,7 @@
   {
     "action": "business.code_scanning_autofix_third_party_tools_policy_update",
     "description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
-    "docs_reference_links": "N/A"
+    "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
   },
   {
     "action": "business.create",

src/audit-logs/data/ghes-3.17/enterprise.json

@@ -167,12 +167,12 @@
   {
     "action": "business.code_scanning_autofix_third_party_tools_policy_update",
     "description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
-    "docs_reference_links": "N/A"
+    "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
   },
   {
     "action": "business.code_security_enablement_policy_update",
     "description": "The policy for Code Security enablement was updated for an enterprise.",
-    "docs_reference_links": "N/A"
+    "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
   },
   {
     "action": "business.create",

src/audit-logs/lib/config.json

@@ -3,6 +3,5 @@
     "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
     "apiRequestEvent": "This event is only available via audit log streaming."
   },
-  "sha": "d6aa2c08e5ced4ad92d2d6563fabaa683a9a7663"
-}
-
+  "sha": "ae4d8faa66c3986541a6db3a45bcf66e839fd773"
+}

src/graphql/data/fpt/changelog.json

@@ -1,4 +1,18 @@
 [
+  {
+    "schemaChanges": [
+      {
+        "title": "The GraphQL schema includes these changes:",
+        "changes": [
+          "<p>Type <code>RepositorySuggestedActorFilter</code> was added</p>",
+          "<p>Argument 'capabilities: [RepositorySuggestedActorFilter!]!<code>added to field</code>Repository.suggestedActors'</p>"
+        ]
+      }
+    ],
+    "previewChanges": [],
+    "upcomingChanges": [],
+    "date": "2025-04-15"
+  },
   {
     "schemaChanges": [
       {