Repo sync

content/copilot/how-tos/use-copilot-agents/coding-agent/customize-the-agent-firewall.md

@@ -25,12 +25,31 @@ By default, {% data variables.product.prodname_copilot_short %}'s access to the
 
 Limiting access to the internet helps to manage data exfiltration risks, where surprising behavior from {% data variables.product.prodname_copilot_short %}, or malicious instructions given to it, could lead to code or other sensitive information being leaked to remote locations.
 
-The default firewall rules allow access to a number of hosts that {% data variables.product.prodname_copilot_short %} uses to interact with {% data variables.product.github %} or to download dependencies.
+The firewall always allows access to a number of hosts that {% data variables.product.prodname_copilot_short %} uses to interact with {% data variables.product.github %}. By default, a recommended allowlist is also enabled to allow the agent to download dependencies.
 
 If {% data variables.product.prodname_copilot_short %} tries to make a request which is blocked by the firewall, a warning is added to the pull request body (if {% data variables.product.prodname_copilot_short %} is creating a pull request for the first time) or to a comment (if {% data variables.product.prodname_copilot_short %} is responding to a pull request comment). The warning shows the blocked address and the command that tried to make the request.
 
 ![Screenshot of a warning from {% data variables.product.prodname_copilot_short %} about being blocked by the firewall.](/assets/images/help/copilot/coding-agent/firewall-warning.png)
 
+## Managing the recommended firewall allowlist
+
+The recommended allowlist, enabled by default, allows access to:
+
+* Common operating system package repositories (for example, Debian, Ubuntu, Red Hat).
+* Common container registries (for example, Docker Hub, Azure Container Registry, AWS Elastic Container Registry).
+* Packages registries used by popular programming languages (C#, Dart, Go, Haskell, Java, JavaScript, Perl, PHP, Python, Ruby, Rust, Swift).
+* Common certificate authorities (to allow SSL certificates to be validated).
+* Hosts used to download web browsers for the Playwright MCP server.
+
+You can choose to turn off the recommended allowlist.
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-settings %}
+1. In the "Code & automation" section of the sidebar, click **{% data variables.product.prodname_copilot_short %}** then **{% data variables.copilot.copilot_coding_agent_short %}**.
+1. Toggle the **Recommended allowlist** setting **off**.
+
+To use the recommended allowlist in addition to your own allowlist, keep the **Recommended allowlist** setting **on**, and add your additional addresses in the **Custom allowlist** page.
+
 ## Allowlisting additional hosts in the agent's firewall
 
 You can allowlist additional addresses in the agent's firewall.
@@ -39,7 +58,7 @@ You can allowlist additional addresses in the agent's firewall.
 {% data reusables.repositories.sidebar-settings %}
 1. In the "Code & automation" section of the sidebar, click **{% data variables.product.prodname_copilot_short %}** then **{% data variables.copilot.copilot_coding_agent_short %}**.
 1. Click **Custom allowlist**
-1. Add the addresses you want to include in the allow list. You can include:
+1. Add the addresses you want to include in the allowlist. You can include:
 
    * **Domains** (for example, `packages.contoso.corp`). Traffic will be allowed to the specified domain and any subdomains.
 
@@ -52,14 +71,6 @@ You can allowlist additional addresses in the agent's firewall.
 1. Click **Add Rule**.
 1. After validating your list, click **Save changes**.
 
-## Overwriting the recommended firewall allowlist
-
-By default, the firewall allows access to a number of hosts that are commonly used to download dependencies or that {% data variables.product.prodname_copilot_short %} uses to interact with {% data variables.product.github %}.
-
-To disable this, toggle the **Recommended allowlist** setting **off**.
-
-To use the recommended allowlist in addition to your own allowlist, keep the **Recommended allowlist** setting **on**, and add your additional addresses in the **Custom allowlist** page.
-
 ### Disabling the firewall
 
 > [!WARNING]

content/migrations/using-github-enterprise-importer/completing-your-migration-with-github-enterprise-importer/accessing-your-migration-logs-for-github-enterprise-importer.md

@@ -23,7 +23,7 @@ The migration log lists the steps that were completed as part of the migration a
 * How long the migration took
 
 > [!IMPORTANT]  
-> Issues should be enabled in the target repository for the migration log to be created. 
+> Issues should be enabled in the target repository for the migration log to be created.
 
 You can access the migration log for a repository migration in multiple ways.
 

src/audit-logs/data/fpt/user.json

@@ -7782,7 +7782,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -8000,7 +8000,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghec/user.json

@@ -7782,7 +7782,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -8000,7 +8000,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.14/enterprise.json

@@ -15154,7 +15154,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -15464,7 +15464,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.14/user.json

@@ -7340,7 +7340,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -7558,7 +7558,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.15/enterprise.json

@@ -15353,7 +15353,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -15663,7 +15663,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.15/user.json

@@ -7539,7 +7539,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -7757,7 +7757,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.16/enterprise.json

@@ -16067,7 +16067,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -16377,7 +16377,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.16/user.json

@@ -7693,7 +7693,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -7911,7 +7911,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.17/enterprise.json

@@ -16514,7 +16514,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -16824,7 +16824,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.17/user.json

@@ -7756,7 +7756,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -7974,7 +7974,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.18/enterprise.json

@@ -16617,7 +16617,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -16927,7 +16927,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/data/ghes-3.18/user.json

@@ -7782,7 +7782,7 @@
       "operation_type",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.login",
@@ -8000,7 +8000,7 @@
       "created_at",
       "request_access_security_header"
     ],
-    "docs_reference_titles": "Showing your private contributions on your profile"
+    "docs_reference_titles": "Manage visibility settings for private contributions"
   },
   {
     "action": "user.sign_in_from_unrecognized_device",

src/audit-logs/lib/config.json

@@ -9,5 +9,5 @@
     "git": "Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.",
     "sso_redirect": "Note: Automatically redirecting users to sign in is currently in beta for Enterprise Managed Users and subject to change."
   },
-  "sha": "702197225c7719a9451017b7efcf672693a020e0"
+  "sha": "1fd7e8dc57f677be202bb6e7024a2ec4b16fd469"
 }

src/secret-scanning/data/public-docs.yml

@@ -109,7 +109,7 @@
     ghec: '*'
   isPublic: false
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -133,7 +133,7 @@
     ghec: '*'
   isPublic: false
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -1513,7 +1513,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -1525,7 +1525,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -1537,7 +1537,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -1561,7 +1561,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -1573,7 +1573,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -1585,7 +1585,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -2828,7 +2828,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -2840,7 +2840,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
@@ -5454,7 +5454,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}'
   base64Supported: false
   isduplicate: false

src/secret-scanning/lib/config.json

@@ -1,5 +1,5 @@
 {
-  "sha": "ae0af3739bfc23949e0cf24101edb7952cbdf8a8",
-  "blob-sha": "ec6452075cc3fa2334a2677e3492d59c1bfa4cdf",
+  "sha": "8169480d878c6b1f1697f6281d9b9d8715dc1fb5",
+  "blob-sha": "3c81b74365d7beab8e483b7c8b54557cdf02ed56",
   "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns"
 }