Repo sync

CHANGELOG.md

@@ -12,6 +12,12 @@ Get started at [Achieving your company's engineering goals with GitHub Copilot](
 
 **27 June 2025**
 
+We've published a new guide about how to combine use of GitHub Copilot's agent mode with Model Context Protocol (MCP) servers to complete complex tasks through agentic "loops" - illustrated through an accessibility compliance example. The guide also discusses best practices and benefits around using these two features together. See [Enhancing Copilot agent mode with MCP](https://docs.github.com/copilot/tutorials/enhancing-copilot-agent-mode-with-mcp).
+
+<hr>
+
+**27 June 2025**
+
 We’ve published a new set of new documentation articles designed to help users make the most of the **Dependabot metrics page** in the organization’s security overview.
 
 These clear, actionable guides help users:

content/actions/how-tos/managing-workflow-runs-and-deployments/managing-workflow-runs/manually-running-a-workflow.md

@@ -10,6 +10,7 @@ redirect_from:
   - /actions/managing-workflow-runs/manually-running-a-workflow
   - /actions/using-workflows/manually-running-a-workflow
   - /actions/managing-workflow-runs-and-deployments/managing-workflow-runs/manually-running-a-workflow
+  - /articles/configuring-a-workflow
 ---
 
 {% data reusables.actions.enterprise-github-hosted-runners %}

content/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules.md

@@ -19,7 +19,7 @@ shortTitle: Configure firewall rules
 ---
 ## About {% data variables.location.product_location %}'s firewall
 
-{% data variables.product.prodname_ghe_server %} uses Ubuntu's Uncomplicated Firewall (UFW) on the virtual appliance. For more information see [UFW](https://help.ubuntu.com/community/UFW) in the Ubuntu documentation. {% data variables.product.prodname_ghe_server %} automatically updates the firewall allowlist of allowed services with each release.
+{% data variables.product.prodname_ghe_server %} uses Ubuntu's Uncomplicated Firewall (UFW) on the virtual appliance. For more information see [Firewall](https://documentation.ubuntu.com/server/how-to/security/firewalls/#ufw-uncomplicated-firewall) in the Ubuntu documentation. {% data variables.product.prodname_ghe_server %} automatically updates the firewall allowlist of allowed services with each release.
 
 After you install {% data variables.product.prodname_ghe_server %}, all required network ports are automatically opened to accept connections. Every non-required port is automatically configured as `deny`, and the default outgoing policy is configured as `allow`. Stateful tracking is enabled for any new connections; these are typically network packets with the `SYN` bit set. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports).
 

content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-environment.md

@@ -44,13 +44,13 @@ You can use a Linux container management tool to build a pre-receive hook enviro
    ```shell
    $ docker build -f Dockerfile.debian -t pre-receive.debian .
    > [+] Building 0.6s (6/6) FINISHED                                                                   docker:desktop-linux
-   > => [internal] load build definition from Dockerfile.debian                                                              
-   > => [1/2] FROM docker.io/library/debian:latest@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6  
-   > => [2/2] RUN apt-get update && apt-get install -y git bash curl                                            
-   > => exporting to image                                                                                             
-   > => => exporting layers                                                                                            
-   > => => writing image sha256:b57af4e24082f3a30a34c0fe652a336444a3608f76833f5c5fdaf4d81d20c3cc                       
-   > => => naming to docker.io/library/pre-receive.debian 
+   > => [internal] load build definition from Dockerfile.debian
+   > => [1/2] FROM docker.io/library/debian:latest@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6
+   > => [2/2] RUN apt-get update && apt-get install -y git bash curl
+   > => exporting to image
+   > => => exporting layers
+   > => => writing image sha256:b57af4e24082f3a30a34c0fe652a336444a3608f76833f5c5fdaf4d81d20c3cc
+   > => => naming to docker.io/library/pre-receive.debian
    ```
 
 1. Create a container:
@@ -82,7 +82,7 @@ You can use a Linux container management tool to build a pre-receive hook enviro
    > * `/bin/sh` must exist and be executable, as the entry point into the chroot environment.
    > * Unlike traditional chroots, the `dev` directory is not required by the chroot environment for pre-receive hooks.
 
-For more information about creating a chroot environment see [Chroot](https://wiki.debian.org/chroot) from the _Debian Wiki_ or [BasicChroot](https://help.ubuntu.com/community/BasicChroot) from the _Ubuntu Community Help Wiki_.
+For more information about creating a chroot environment, see [Chroot](https://wiki.debian.org/chroot) from the Debian Wiki.
 
 ## Uploading a pre-receive hook environment on {% data variables.product.prodname_ghe_server %}
 

content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md

@@ -54,7 +54,7 @@ In addition:
 * You may need to configure the firewall in PingFederate to allow outbound connections to {% ifversion ghes %}the `https://HOSTNAME/api/v3/scim/v2` endpoint on your {% data variables.product.prodname_ghe_server %} instance.{% else %}the SCIM endpoints on {% data variables.product.github %}:
   * For **{% data variables.product.prodname_dotcom_the_website %}**: `https://api.github.com/scim/v2/enterprises/ENTERPRISE`
   * For **{% data variables.enterprise.data_residency_site %}**: `https://api.SUBDOMAIN.ghe.com/scim/v2/enterprises/SUBDOMAIN`{% endif %}
-* PingFederate's "provisioner mode" must be set to a value that allows SCIM provisioning. See the "Before you begin" section in PingIdentity's [Configuring outbound provisioning settings](https://docs.pingidentity.com/pingfederate/11.2/administrators_reference_guide/help_protocolsettingstasklet_saasglobalprovisioningsettingsstate.html) guide.
+* PingFederate's "provisioner mode" must be set to a value that allows SCIM provisioning. See the "Before you begin" section in PingIdentity's [Configuring outbound provisioning settings](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_protocolsettingstasklet_saasglobalprovisioningsettingsstate.html) guide.
 * During this procedure, you will need to upload an X509 certificate to PingFederate. You may want to create and store the certificate before proceeding. You will also need the challenge password for the certificate. See the [Example of creating an X509 certificate](#example-of-creating-an-x509-certificate) section later in this article.
 {%- ifversion ghec %}
 * During this procedure, you will need to upload a SAML metadata file to PingFederate. If you're setting up an enterprise that uses **{% data variables.enterprise.data_residency_short %} on {% data variables.enterprise.data_residency_site %}**, it is easiest to create this file before you start. See [Creating a SAML metadata file for {% data variables.enterprise.data_residency_site %}](#creating-a-saml-metadata-file-for-ghecom).

content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md

@@ -72,7 +72,7 @@ If you don't already have single sign-on recovery codes for your enterprise, dow
 1. On your current IdP, deactivate provisioning in the application for {% data variables.product.prodname_emus %}.
     * If you use Entra ID, navigate to the "Provisioning" tab of the application, and then click **Stop provisioning**.
     * If you use Okta, navigate to the "Provisioning" tab of the application, click the **Integration** tab, and then click **Edit**. Deselect **Enable API integration**.
-    * If you use PingFederate, navigate to the channel settings in the application. From the **Activation & Summary** tab, click **Active** or **Inactive** to toggle the provisioning status, and then click **Save**. For more information about managing provisioning, see [Reviewing channel settings](https://docs.pingidentity.com/pingfederate/11.2/administrators_reference_guide/help_saaschanneltasklet_saasactivationstate.html) and [Managing channels](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_saasmanagementtasklet_saasmanagementstate.html) in the PingFederate documentation.
+    * If you use PingFederate, navigate to the channel settings in the application. From the **Activation & Summary** tab, click **Active** or **Inactive** to toggle the provisioning status, and then click **Save**. For more information about managing provisioning, see [Reviewing channel settings](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_saaschanneltasklet_saasactivationstate.html) and [Managing channels](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_saasmanagementtasklet_saasmanagementstate.html) in the PingFederate documentation.
     * If you use another identity management system, consult the system's documentation, support team, or other resources.
 
 ### 4. Disable authentication for your enterprise

content/copilot/tutorials/index.md

@@ -18,7 +18,7 @@ children:
   - /learning-a-new-programming-language-with-github-copilot
   - /modernizing-legacy-code-with-github-copilot
   - /using-copilot-to-migrate-a-project
-  - /upgrading-java-projects-with-github-copilot
+  - /upgrading-projects-with-github-copilot
   - /rolling-out-github-copilot-at-scale
 redirect_from:
   - /copilot/using-github-copilot/guides-on-using-github-copilot

content/copilot/tutorials/upgrading-projects-with-github-copilot.md

@@ -0,0 +1,39 @@
+---
+title: Upgrading projects with GitHub Copilot
+shortTitle: Upgrade projects
+intro: 'You can use {% data variables.product.prodname_copilot %} to upgrade your Maven and Gradle Java applications and .NET applications.'
+versions:
+  feature: copilot
+topics:
+  - Copilot
+redirect_from:
+  - /copilot/using-github-copilot/guides-on-using-github-copilot/upgrading-java-projects-with-github-copilot
+  - /copilot/tutorials/upgrading-java-projects-with-github-copilot
+---
+
+> [!NOTE]
+> "GitHub Copilot app modernization – upgrade for Java" and "GitHub Copilot app modernization – Upgrade for .NET" are currently in {% data variables.release-phases.public_preview %} and subject to change.
+
+## Introduction
+
+{% data variables.product.prodname_copilot %} can help streamline the process of modernizing and upgrading your Java and .NET applications. {% data variables.product.prodname_copilot_short %} will analyze the project, generate a plan, automatically fix issues it encounters when carrying out the plan, and produce a summary.
+
+## Upgrading Java projects
+
+You can upgrade a Git-based Maven or Gradle Java project using {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vscode %}. You will need:
+
+* Either a **{% data variables.copilot.copilot_for_business %}** or **{% data variables.copilot.copilot_enterprise %}** [subscription plan](/copilot/about-github-copilot/subscription-plans-for-github-copilot).
+* The latest version of [{% data variables.product.prodname_vscode %}](https://code.visualstudio.com/).
+* For Maven-based projects, access to the public Maven Central repository.
+* Installed versions of both the source and target JDKs.
+
+For the next steps, see [Quickstart: upgrade a Java project with GitHub Copilot App Modernization - upgrade for Java (preview)](https://learn.microsoft.com/en-gb/java/upgrade/quickstart-upgrade) on Microsoft Learn.
+
+## Upgrading .NET projects
+
+You can also upgrade a .NET project using {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vs %}. You will need:
+
+* Either a **{% data variables.copilot.copilot_pro %}**, **{% data variables.copilot.copilot_pro_plus %}**, **{% data variables.copilot.copilot_for_business %}** or **{% data variables.copilot.copilot_enterprise %}** [subscription plan](/copilot/about-github-copilot/subscription-plans-for-github-copilot).
+* The latest release of {% data variables.product.prodname_vs %} Enterprise, Professional or Community 2022.
+
+For the next steps, see [GitHub Copilot app modernization - upgrade for .NET](https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.GitHubCopilotUpgradeAgent) on Microsoft Visual Studio Marketplace.

content/github-models/github-models-at-scale/set-up-custom-model-integration-models-byok.md

@@ -38,16 +38,16 @@ You must first add the relevant API keys for the organization. After that, your
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.custom-models %}
-1. Click **Add custom key**.
-1. In the "Add a custom key" dialog, provide details about your key. **Name** and **Key** are compulsory fields.
+1. Click **Add API key**.
+1. In the "Add the API key" dialog, provide details about your key. **Name** and **API key** are compulsory fields.
 1. Click **Save**.
 
 ## Enabling custom models
 
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.models-development %}
-1. Under "Models permissions", select **All publishers** to enable models added by custom keys.
+1. Under "Models permissions", select **All publishers** to enable models added by API keys.
    * If this option isn't available, you need to allow the use of the model in the organization. See [AUTOTITLE](/github-models/github-models-at-scale/manage-models-at-scale#controlling-model-usage-in-your-organization).
 1. Optionally, select **Only select models** to create a custom list of enabled or disabled models. This allows you to control which models are available to your organization.  
 

content/rest/code-scanning/alert-dismissal-requests.md

@@ -0,0 +1,13 @@
+---
+title: REST API endpoints for {% data variables.product.prodname_code_scanning %} alert dismissal requests
+shortTitle: Alert dismissal requests
+intro: Use the REST API to interact with {% data variables.product.prodname_code_scanning %} alert dismissal requests from a repository.
+versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
+  ghec: '*'
+topics:
+  - API
+autogenerated: rest
+allowTitleToDifferFromFilename: true
+---
+
+<!-- Content after this section is automatically generated -->

content/rest/code-scanning/index.md

@@ -14,6 +14,7 @@ topics:
   - Code scanning
   - REST
 children:
+  - /alert-dismissal-requests
   - /code-scanning
 autogenerated: rest
 ---