Merge pull request #39306 from github/repo-sync

Repo sync

Author: docs-bot

content/billing/managing-your-billing/managing-your-payment-and-billing-information.md

@@ -24,11 +24,24 @@ product: '{% data reusables.billing.enhanced-billing-platform-product %}'
 shortTitle: Manage your payment information
 ---
 
-You can view your payment information and history, and update your billing contacts. Supported payment methods include:
+You can view your payment information and history, and update your billing contacts.
 
-* Credit card
-* PayPal
-* Azure Subscription ID (not available for personal accounts)
+## Supported payment methods
+
+These are the supported payment methods for metered billing:
+
+* Invoice – Managed accounts only
+* Credit card – Unmanaged accounts, or as a nonrecurring method for managed accounts
+* PayPal – Unmanaged accounts, or as a nonrecurring method for managed accounts
+* Azure Subscription ID – Not available for personal accounts
+* Automated Clearing House (ACH) – Managed accounts only
+
+Accounts with volume licenses and metered billing can use multiple payment methods.
+
+* For unmanaged accounts, you might pay for volume licenses with a credit card or PayPal, and metered usage with an Azure Subscription ID.
+* For managed accounts, you might pay for volume licenses via invoice, and metered usage via Azure Subscription ID.
+
+{% data variables.product.prodname_copilot_short %} standalone accounts, which traditionally used Azure Subscription IDs, can now also pay by credit card. Contact your {% data variables.product.github %} representative for details.
 
 {% ifversion fpt %}
 
@@ -101,6 +114,16 @@ You can view and edit your billing information, update your payment method, and
 1. Click **Edit** to edit your payment information or **Remove** to delete your payment method.
 1. Follow the prompts.
 
+>[!NOTE] You may see an authorization hold on your provided payment method once its updated or after accruing significant usage of metered services. Authorization holds are temporary and are released as quickly as possible.
+
+## Troubleshooting payment method issues
+
+If you encounter issues when adding or updating your payment method, you can try the following:
+
+1. Retry adding your payment method.
+1. Try adding a new payment method.
+1. Reach out to {% data variables.contact.github_support %} or your customer representative for additional assistance.
+
 ## Viewing payment history
 
 You can view your payment history, including the date, amount, and payment method. You can also download past payments.

content/copilot/concepts/about-copilot-coding-agent.md

@@ -17,7 +17,6 @@ redirect_from:
 
 > [!NOTE]
 > * {% data reusables.copilot.coding-agent.preview-note-text %}
-> * The setting that blocks suggestions matching public code may not work as intended when using {% data variables.copilot.copilot_coding_agent %}. See [AUTOTITLE](/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/managing-your-copilot-plan/managing-copilot-policies-as-an-individual-subscriber#enabling-or-disabling-suggestions-matching-public-code).
 
 ## Overview of {% data variables.copilot.copilot_coding_agent %}
 
@@ -31,10 +30,10 @@ With {% data variables.copilot.copilot_coding_agent %}, {% data variables.produc
 * Update documentation
 * Address technical debt
 
-To delegate development tasks to {% data variables.product.prodname_copilot_short %}, you can:
+To delegate tasks to {% data variables.product.prodname_copilot_short %}, you can:
 
 * Assign an issue to {% data variables.product.prodname_copilot_short %}. See [AUTOTITLE](/copilot/using-github-copilot/coding-agent/using-copilot-to-work-on-an-issue).
-* Use {% data variables.copilot.copilot_chat %} to ask {% data variables.product.prodname_copilot_short %} to create a pull request. See [AUTOTITLE](/copilot/using-github-copilot/coding-agent/asking-copilot-to-create-a-pull-request).
+* Ask {% data variables.product.prodname_copilot_short %} to create a pull request from the Agents page on {% data variables.product.github %}, {% data variables.copilot.copilot_chat %} or your favorite IDE or agentic coding tool with MCP support. See [AUTOTITLE](/copilot/using-github-copilot/coding-agent/asking-copilot-to-create-a-pull-request).
 
 {% data variables.product.prodname_copilot_short %} will evaluate the task it has been assigned based on the prompt you give it—whether that's from the issue description or a chat message. Then {% data variables.product.prodname_copilot_short %} will make the required changes and open a pull request. When {% data variables.product.prodname_copilot_short %} finishes, it will request a review from you, and you can leave pull request comments to ask {% data variables.product.prodname_copilot_short %} to iterate.
 
@@ -109,6 +108,7 @@ Users can include hidden messages in issues assigned to {% data variables.produc
 * **{% data variables.product.prodname_copilot_short %} does not work with self-hosted {% data variables.product.prodname_actions %} runners**. {% data variables.product.prodname_copilot_short %} has access to its own development environment, running in {% data variables.product.prodname_actions %}, and must use {% data variables.product.prodname_dotcom %}-hosted runners. See [AUTOTITLE](/copilot/customizing-copilot/customizing-the-development-environment-for-copilot-coding-agent#upgrading-to-larger-github-hosted-github-actions-runners).
 * **{% data variables.copilot.copilot_coding_agent %} does not work in personal repositories owned by {% data variables.enterprise.prodname_managed_users %}**. This is because {% data variables.copilot.copilot_coding_agent %} requires {% data variables.product.company_short %}-hosted runners, which are not available to repositories owned by {% data variables.enterprise.prodname_managed_users %}. See [AUTOTITLE](/actions/using-github-hosted-runners/using-github-hosted-runners/about-github-hosted-runners).
 * **{% data variables.product.prodname_copilot_short %} doesn't account for content exclusions**. Content exclusions allow administrators to configure {% data variables.product.prodname_copilot_short %} to ignore certain files. When using {% data variables.copilot.copilot_coding_agent %}, {% data variables.product.prodname_copilot_short %} will not ignore these files, and will be able to see and update them. See [AUTOTITLE](/copilot/managing-copilot/configuring-and-auditing-content-exclusion/excluding-content-from-github-copilot).
+* **{% data variables.copilot.copilot_coding_agent %} does not apply the "Suggestions matching public code" policy**. {% data variables.product.prodname_copilot_short %} may still produce suggestions matching public code, even if the "Suggestions matching public code" policy is set to "Block." If this happens, {% data variables.product.prodname_copilot_short %} will not provide code references pointing to the original source of the code. See [AUTOTITLE](/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/managing-your-copilot-plan/managing-copilot-policies-as-an-individual-subscriber#enabling-or-disabling-suggestions-matching-public-code).
 * **{% data variables.copilot.copilot_coding_agent %} is not available in {% data variables.enterprise.data_residency %}**. The agent is only available in {% data variables.product.prodname_dotcom_the_website %}.
 
 ## Hands-on practice

content/copilot/concepts/build-copilot-extensions/index.md

@@ -10,5 +10,6 @@ children:
   - /about-building-copilot-extensions
   - /agents-for-copilot-extensions
   - /skillsets-for-copilot-extensions
+  - /openid-connect
 ---
 

content/copilot/concepts/build-copilot-extensions/openid-connect.md

@@ -0,0 +1,90 @@
+---
+title: OpenID Connect (OIDC) for Copilot Extensions
+intro: 'Learn how OpenID Connect (OIDC) enables {% data variables.copilot.copilot_extensions_short %} to securely authenticate users and access cloud resources without storing long-lived credentials.'
+versions:
+  feature: copilot-extensions
+topics:
+  - Copilot
+shortTitle: OpenID Connect
+allowTitleToDifferFromFilename: true
+type: overview
+---
+
+## About OpenID Connect (OIDC) for {% data variables.copilot.copilot_extensions_short %}
+
+OpenID Connect (OIDC) allows {% data variables.copilot.copilot_extensions_short %} to exchange short-lived tokens directly from their cloud provider instead of storing long-lived {% data variables.product.github %} credentials. This feature enables both Copilot agents and skillsets to more securely authenticate users and access cloud resources.
+
+### Overview of OIDC
+
+{% data variables.copilot.copilot_extensions_short %} often need to access third-party resources or APIs on behalf of users. Traditionally, this required storing {% data variables.product.github %} tokens as secrets and making additional API calls to map these tokens to user identities in your system. With OIDC, your extension can request short-lived access tokens directly from your authentication service by exchanging {% data variables.product.github %} identity information.
+
+When enabled, {% data variables.product.github %}'s OIDC provider automatically generates a token containing claims about the user and the request context. Your authentication service can validate these claims and exchange them for an access token scoped specifically for your service.
+
+Using OIDC is especially valuable for {% data variables.product.prodname_copilot_short %} skillsets development because it allows you to leverage your existing API endpoints without maintaining separate {% data variables.product.github %}-specific endpoints. Instead of duplicating endpoints to accept {% data variables.product.github %} tokens, you can use OIDC to translate {% data variables.product.github %} identities into your service’s native authentication tokens.
+
+### Benefits of using OIDC
+
+By implementing OIDC token exchange in your {% data variables.copilot.copilot_extension_short %}, you can:
+
+* Avoid storing long-lived {% data variables.product.github %} tokens or maintain a mapping between {% data variables.product.github %} and your service's identities.
+* Use short-lived tokens that automatically expire and can be scoped specifically to your service's needs.
+* Avoid making additional calls to {% data variables.product.github %}'s API to validate tokens and fetch user information.
+* Enable direct integration for {% data variables.product.prodname_copilot_short %} Skills with your existing APIs without maintaining separate endpoints for {% data variables.product.github %}.
+* Reuse existing API endpoints by translating {% data variables.product.github %} authentication into your service's native tokens.
+
+## About token exchange flow
+
+The following outlines how the {% data variables.copilot.copilot_extensibility_platform_short %} exchanges an OIDC token for an access token to authenticate requests to your extension.
+
+### Initial request
+
+1. The user sends a message to your {% data variables.copilot.copilot_extension_short %}.
+1. GitHub generates an OIDC token containing user identity information.
+1. GitHub calls your token exchange endpoint with the OIDC token.
+1. Your service validates the token and returns an access token.
+1. GitHub includes your access token in the request to your extension.
+
+```http request
+# HTTP header
+Authorization: Bearer <your-service-token>
+X-GitHub-Token: <github-token>
+```
+
+### Subsequent requests
+
+1. {% data variables.product.github %} caches your access token for up to 10 minutes.
+1. The cached token is reused for subsequent requests.
+1. If the token expires or becomes invalid, {% data variables.product.github %} requests a new one.
+
+## Understanding OIDC tokens
+
+The OIDC token from {% data variables.product.github %} is a JWT containing claims about the user and request context:
+
+```json
+{
+  "jti": "<unique-token-id>",
+  "sub": "<github-user-id>",
+  "aud": "<your-client-id>",
+  "iss": "https://github.com/login/oauth",
+  "nbf": 1632492967,
+  "exp": 1632493867,
+  "iat": 1632493567,
+  "act": {
+    "sub": "api.copilotchat.com"
+  }
+}
+```
+
+## Best practices
+
+* Scope tokens to the minimum required permissions.
+* Implement proper error handling and logging.
+* Monitor token exchange patterns for security anomalies.
+* Keep tokens short-lived to minimize security risks.
+* Validate all claims before issuing access tokens.
+* Consider implementing rate limiting on your token exchange endpoint.
+* Use HTTPS for all token exchange communications.
+
+## Next steps
+
+* [AUTOTITLE](/copilot/how-tos/build-copilot-extensions/set-up-oidc)

content/copilot/concepts/content-exclusion-for-github-copilot.md

@@ -0,0 +1,62 @@
+---
+title: Content exclusion for GitHub Copilot
+shortTitle: Content exclusion
+intro: 'You can prevent {% data variables.product.prodname_copilot_short %} from accessing certain files.'
+product: '{% data reusables.gated-features.copilot-business-and-enterprise %}'
+versions:
+  feature: copilot
+topics:
+  - Copilot
+---
+
+## About content exclusion for {% data variables.product.prodname_copilot_short %}
+
+You can use content exclusion to configure {% data variables.product.prodname_copilot_short %} to ignore certain files. When you exclude content from {% data variables.product.prodname_copilot_short %}:
+
+* Code completion will not be available in the affected files.
+* The content in affected files will not inform code completion suggestions in other files.
+* The content in affected files will not inform {% data variables.copilot.copilot_chat %}'s responses.
+* Affected files will not be reviewed in a {% data variables.product.prodname_copilot_short %} code review.
+
+### Who can configure content exclusion
+
+Repository administrators, organization owners, and enterprise owners can configure content exclusion.
+
+{% data reusables.copilot.content-exclusions-scope %}
+
+### Availability of content exclusion
+
+The {% data variables.copilot.copilot_business_short %} and {% data variables.copilot.copilot_enterprise_short %} plans provide the following level of support for content exclusion.
+
+| Tool                                            |            Code completion support            | {% data variables.copilot.copilot_chat_short %} support |
+|-------------------------------------------------|:---------------------------------------------:|:----------------------------------------------------------------:|
+| {% data variables.product.prodname_vs %}        | {% octicon "check" aria-label="Supported" %}  |           {% octicon "check" aria-label="Supported" %}           |
+| {% data variables.product.prodname_vscode %}    | {% octicon "check" aria-label="Supported" %}  |           {% octicon "check" aria-label="Supported" %}           |
+| JetBrains IDEs                                  | {% octicon "check" aria-label="Supported" %}  |           {% octicon "check" aria-label="Supported" %}           |
+| Vim/Neovim                                      | {% octicon "check" aria-label="Supported" %}  |                          Not applicable                          |
+| Xcode                                           | {% octicon "check" aria-label="Supported" %}  |           {% octicon "x" aria-label="Not supported" %}           |
+| Eclipse                                         | {% octicon "check" aria-label="Supported" %}  |           {% octicon "x" aria-label="Not supported" %}           |
+| Azure Data Studio                               | {% octicon "x" aria-label="Not supported" %}  |                          Not applicable                          |
+| The {% data variables.product.github %} website |                Not applicable                 |           {% octicon "check" aria-label="Supported" %}           |
+| {% data variables.product.prodname_mobile %}    |                Not applicable                 |           {% octicon "check" aria-label="Supported" %}           |
+
+Content exclusions also apply to {% data variables.copilot.copilot_code-review_short %} on the {% data variables.product.github %} website.
+
+> [!NOTE]
+> * Content exclusion is in {% data variables.release-phases.public_preview %} on the {% data variables.product.github %} website and in {% data variables.product.prodname_mobile %} and is subject to change.
+> * Content exclusion is currently not supported in Edit and Agent modes of {% data variables.copilot.copilot_chat_short %} in {% data variables.product.prodname_vscode %}.
+
+### Limitations of content exclusion
+
+{% data reusables.copilot.content-exclusion-limitations %}
+
+Currently, content exclusions do not apply to symbolic links (symlinks).
+
+### Data sent to {% data variables.product.prodname_dotcom %}
+
+After you configure content exclusion, the client (for example, the {% data variables.product.prodname_copilot_short %} extension for {% data variables.product.prodname_vscode_shortname %}) sends the current repository URL to the {% data variables.product.prodname_dotcom %} server so that the server can return the correct policy to the client. These URLs are not logged anywhere.
+
+## Further reading
+
+* [AUTOTITLE](/copilot/how-tos/content-exclusion/excluding-content-from-github-copilot)
+* [AUTOTITLE](/copilot/how-tos/content-exclusion/reviewing-changes-to-content-exclusions-for-github-copilot)

content/copilot/concepts/index.md

@@ -10,8 +10,9 @@ children:
   - /copilot-billing
   - /prompt-engineering-for-copilot-chat
   - /about-customizing-github-copilot-chat-responses
-  - /about-copilot-coding-agent
+  - /content-exclusion-for-github-copilot
   - /indexing-repositories-for-copilot-chat
+  - /about-copilot-coding-agent
   - /about-organizing-and-sharing-context-with-copilot-spaces
   - /build-copilot-extensions
 ---

content/copilot/how-tos/administer/organizations/index.md

@@ -13,7 +13,6 @@ topics:
 children:
   - /managing-the-copilot-plan-for-your-organization
   - /managing-policies-for-copilot-in-your-organization
-  - /configuring-your-proxy-server-or-firewall-for-copilot
   - /managing-access-to-github-copilot-in-your-organization
   - /adding-copilot-coding-agent-to-organization
   - /reviewing-activity-related-to-github-copilot-in-your-organization