diff --git a/content/billing/how-tos/pay-third-parties/cancel-sponsorship.md b/content/billing/how-tos/pay-third-parties/cancel-sponsorship.md index a61cea210c8b..ac003715cb1a 100644 --- a/content/billing/how-tos/pay-third-parties/cancel-sponsorship.md +++ b/content/billing/how-tos/pay-third-parties/cancel-sponsorship.md @@ -28,7 +28,7 @@ Organizations that pay for {% data variables.product.prodname_sponsors %} by inv {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} -1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**. +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and licensing**. 1. Under "{% data variables.product.prodname_sponsors %}", in the yellow banner with the start date, click **Undo**. 1. Review the alert about undoing the activation of the sponsorship, then click **OK**. diff --git a/content/billing/how-tos/set-up-payment/connect-azure-sub.md b/content/billing/how-tos/set-up-payment/connect-azure-sub.md index c201a2fd3623..fd49728417d5 100644 --- a/content/billing/how-tos/set-up-payment/connect-azure-sub.md +++ b/content/billing/how-tos/set-up-payment/connect-azure-sub.md @@ -36,8 +36,8 @@ You can pay for metered usage of {% data variables.product.github %} features th {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} -1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**. -1. Under "Billing Management", to the right of "Metered billing via Azure", click **Add Azure Subscription**. +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and licensing**. +1. Under "Payment Information", to the right of "Metered billing via Azure", click **Add Azure Subscription**. 1. Sign in to your Microsoft account. 1. Review the "Permissions requested" prompt. If you agree with the terms, click **Accept**. diff --git a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md index 2d3ab1ad4c43..8b58f8817236 100644 --- a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md +++ b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md @@ -106,7 +106,7 @@ For most package managers, you should define a value that will match the depende | Dependency types | Supported by package managers | Allow updates | |------------------|-------------------------------|--------| | `direct` | All | All explicitly defined dependencies. | -| `indirect` | `bundler`, `pip`, `composer`, `cargo`, `gomod` | Dependencies of direct dependencies (also known as sub-dependencies, or transient dependencies).| +| `indirect` | `bundler`, `pip`, `composer`, `cargo`, `gomod` | Dependencies of direct dependencies (also known as sub-dependencies, or transitive dependencies).| | `all` | All | All explicitly defined dependencies. For `bundler`, `pip`, `composer`, `cargo`, `gomod`, also the dependencies of direct dependencies.| | `production` | `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` (not all managers) | Only to dependencies defined by the package manager as production dependencies. | | `development`| `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` (not all managers) | Only to dependencies defined by the package manager as development dependencies. | diff --git a/content/copilot/how-tos/administer-copilot/configure-mcp-server-access.md b/content/copilot/how-tos/administer-copilot/configure-mcp-server-access.md index bf00998c76fa..b2a16db071b4 100644 --- a/content/copilot/how-tos/administer-copilot/configure-mcp-server-access.md +++ b/content/copilot/how-tos/administer-copilot/configure-mcp-server-access.md @@ -86,7 +86,7 @@ When an enterprise lets child organizations configure their own MCP policies, ea | Eclipse | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | | JetBrains | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | | {% data variables.product.prodname_vs %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "x" aria-label="Not supported" %} | -| {% data variables.product.prodname_vscode_shortname %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | +| {% data variables.product.prodname_vscode_shortname %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | | {% data variables.product.prodname_vscode_shortname %} Insiders | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | | Xcode | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | diff --git a/content/organizations/organizing-members-into-teams/about-teams.md b/content/organizations/organizing-members-into-teams/about-teams.md index e909b2496474..65f60763bd4a 100644 --- a/content/organizations/organizing-members-into-teams/about-teams.md +++ b/content/organizations/organizing-members-into-teams/about-teams.md @@ -20,7 +20,8 @@ You can use teams to manage access for people in an organization, and for sendin {% ifversion not ghes %} ->![TIP] If you use an enterprise account, you can also create teams at the enterprise level. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/overview/about-teams). +> [!TIP] +> If you use an enterprise account, you can also create teams at the enterprise level. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/overview/about-teams). {% endif %} diff --git a/content/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice.md b/content/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice.md index 215c253f65bf..ac1f59066d7b 100644 --- a/content/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice.md +++ b/content/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice.md @@ -40,7 +40,7 @@ If your organization currently pays for {% data variables.product.prodname_spons {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} -1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**. +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and licensing**. 1. Scroll to the "{% data variables.product.prodname_sponsors %}" section and click **Switch to invoiced billing**. 1. Compare credit card and invoice billing on the next page. To proceed with changing to invoiced billing, click **Switch to invoiced billing**. 1. Fill out the form and click **Submit**. diff --git a/data/release-notes/enterprise-server/3-14/17.yml b/data/release-notes/enterprise-server/3-14/17.yml index 8bc2d05017ee..951b432357fd 100644 --- a/data/release-notes/enterprise-server/3-14/17.yml +++ b/data/release-notes/enterprise-server/3-14/17.yml @@ -11,7 +11,7 @@ sections: - | After enabling GitHub Actions or performing an upgrade with GitHub Actions enabled, administrators experienced a delay of approximately 10 minutes longer than they should have due to a faulty connection check. This is fixed for future enablement and upgrades. - | - After upgrading to GHES 3.14.16, GHES 3.15.11, GHES 3.16.7, or GHES 3.17.4, administrators found that draft pull requests for private repositories were no longer available. + After upgrading to GHES 3.14.16, GHES 3.15.11, GHES 3.16.7, or GHES 3.17.4, administrators found that draft pull requests and autolink references for private repositories were no longer available. [Updated: 2025-11-11] changes: - | When administrators run the `ghe-support-bundle` command on an unconfigured node, the output clearly states that metadata collection was skipped, instead of producing misleading `curl` errors. This improves the clarity of support bundle diagnostics. diff --git a/data/release-notes/enterprise-server/3-14/19.yml b/data/release-notes/enterprise-server/3-14/19.yml index 2fa2ac44e1c3..053051930c1a 100644 --- a/data/release-notes/enterprise-server/3-14/19.yml +++ b/data/release-notes/enterprise-server/3-14/19.yml @@ -3,8 +3,6 @@ sections: security_fixes: - | **CRITICAL:** Redis has been upgraded to version 6.2.20 to address CVE-2025-49844 (also known as RediShell). Administrators should apply this update promptly to mitigate potential security risks. - - | - **HIGH:** A privilege escalation vulnerability in GitHub Enterprise Server allowed an authenticated enterprise admin to gain root SSH access. The exploit used a symlink escape in pre-receive hook environments. An attacker could craft a malicious repository and environment to replace system binaries during hook cleanup. This allowed them to execute a payload that added their SSH key to the root user's authorized keys, granting root SSH access. The attacker needed enterprise admin privileges to exploit this vulnerability. This has been assigned CVE-2025-11578 and was reported through the GitHub Bug Bounty program. - | **HIGH:** An attacker could execute arbitrary code in the context of other users' browsers by supplying a malicious `label:` value that was injected into the DOM without proper sanitization. This could be triggered when a user visits a crafted Issues search URL, enabling session hijacking, account takeover, and recovery code exfiltration. GitHub has requested CVE ID [CVE-2025-11892](https://www.cve.org/cverecord?id=CVE-2025-11892) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | diff --git a/data/release-notes/enterprise-server/3-15/12.yml b/data/release-notes/enterprise-server/3-15/12.yml index 09d015d99b4a..9437c6a31077 100644 --- a/data/release-notes/enterprise-server/3-15/12.yml +++ b/data/release-notes/enterprise-server/3-15/12.yml @@ -27,7 +27,7 @@ sections: - | Site administrators observed that uploading a license failed to restart GitHub services after upgrading GitHub Enterprise Server due to file permission issues in `/var/log/license-upgrade`. - | - After upgrading to GHES 3.15.11, GHES 3.16.7, or GHES 3.17.4, administrators found that draft pull requests for private repositories were no longer available. + After upgrading to GHES 3.15.11, GHES 3.16.7, or GHES 3.17.4, administrators found that draft pull requests and autolink references for private repositories were no longer available. [Updated: 2025-11-11] changes: - | When administrators run the `ghe-support-bundle` command on an unconfigured node, the output clearly states that metadata collection was skipped, instead of producing misleading `curl` errors. This improves the clarity of support bundle diagnostics. diff --git a/data/release-notes/enterprise-server/3-15/14.yml b/data/release-notes/enterprise-server/3-15/14.yml index 7e8b7ce52c6e..7b3cf404675f 100644 --- a/data/release-notes/enterprise-server/3-15/14.yml +++ b/data/release-notes/enterprise-server/3-15/14.yml @@ -3,8 +3,6 @@ sections: security_fixes: - | **CRITICAL:** Redis has been upgraded to version 6.2.20 to address CVE-2025-49844 (also known as RediShell). Administrators should apply this update promptly to mitigate potential security risks. - - | - **HIGH:** A privilege escalation vulnerability in GitHub Enterprise Server allowed an authenticated enterprise admin to gain root SSH access. The exploit used a symlink escape in pre-receive hook environments. An attacker could craft a malicious repository and environment to replace system binaries during hook cleanup. This allowed them to execute a payload that added their SSH key to the root user's authorized keys, granting root SSH access. The attacker needed enterprise admin privileges to exploit this vulnerability. This has been assigned CVE-2025-11578 and was reported through the GitHub Bug Bounty program. - | **HIGH:** An attacker could execute arbitrary code in the context of other users' browsers by supplying a malicious `label:` value that was injected into the DOM without proper sanitization. This could be triggered when a user visits a crafted Issues search URL, enabling session hijacking, account takeover, and recovery code exfiltration. GitHub has requested CVE ID [CVE-2025-11892](https://www.cve.org/cverecord?id=CVE-2025-11892) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | diff --git a/data/release-notes/enterprise-server/3-16/10.yml b/data/release-notes/enterprise-server/3-16/10.yml index 701c3cbfafc3..0544b5569c14 100644 --- a/data/release-notes/enterprise-server/3-16/10.yml +++ b/data/release-notes/enterprise-server/3-16/10.yml @@ -3,8 +3,6 @@ sections: security_fixes: - | **CRITICAL:** Redis has been upgraded to version 6.2.20 to address CVE-2025-49844 (also known as RediShell). Administrators should apply this update promptly to mitigate potential security risks. - - | - **HIGH:** A privilege escalation vulnerability in GitHub Enterprise Server allowed an authenticated enterprise admin to gain root SSH access. The exploit used a symlink escape in pre-receive hook environments. An attacker could craft a malicious repository and environment to replace system binaries during hook cleanup. This allowed them to execute a payload that added their SSH key to the root user's authorized keys, granting root SSH access. The attacker needed enterprise admin privileges to exploit this vulnerability. This has been assigned CVE-2025-11578 and was reported through the GitHub Bug Bounty program. - | **HIGH:** An attacker could execute arbitrary code in the context of other users' browsers by supplying a malicious `label:` value that was injected into the DOM without proper sanitization. This could be triggered when a user visits a crafted Issues search URL, enabling session hijacking, account takeover, and recovery code exfiltration. GitHub has requested CVE ID [CVE-2025-11892](https://www.cve.org/cverecord?id=CVE-2025-11892) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | diff --git a/data/release-notes/enterprise-server/3-16/8.yml b/data/release-notes/enterprise-server/3-16/8.yml index 4bef2029d948..68149a886079 100644 --- a/data/release-notes/enterprise-server/3-16/8.yml +++ b/data/release-notes/enterprise-server/3-16/8.yml @@ -27,7 +27,7 @@ sections: - | Administrators debugging Elasticsearch index repairs previously did not see a "starting" log entry before a repair began, making it harder to track repair initiation in logs. - | - After upgrading to GHES 3.16.7, or GHES 3.17.4, administrators found that draft pull requests for private repositories were no longer available. + After upgrading to GHES 3.16.7, or GHES 3.17.4, administrators found that draft pull requests and autolink references for private repositories were no longer available. [Updated: 2025-11-11] - | Site administrators experienced crashes in MySQL when running data backfills, such as during database maintenance or upgrades. changes: diff --git a/data/release-notes/enterprise-server/3-17/5.yml b/data/release-notes/enterprise-server/3-17/5.yml index f2462e0cbfdb..c37f1458f97d 100644 --- a/data/release-notes/enterprise-server/3-17/5.yml +++ b/data/release-notes/enterprise-server/3-17/5.yml @@ -35,7 +35,7 @@ sections: - | Audit log entries for some Dependabot-related events were missing for administrators and security teams due to an outdated allowlist configuration. - | - After upgrading to GHES 3.17.4, administrators found that draft pull requests for private repositories were no longer available. + After upgrading to GHES 3.17.4, administrators found that draft pull requests and autolink references for private repositories were no longer available. [Updated: 2025-11-11] - | Site administrators experienced crashes in MySQL when running data backfills, such as during database maintenance or upgrades. changes: diff --git a/data/release-notes/enterprise-server/3-17/7.yml b/data/release-notes/enterprise-server/3-17/7.yml index 3ed940e5fb20..ca274d4f3e80 100644 --- a/data/release-notes/enterprise-server/3-17/7.yml +++ b/data/release-notes/enterprise-server/3-17/7.yml @@ -3,8 +3,6 @@ sections: security_fixes: - | **CRITICAL:** Redis has been upgraded to version 6.2.20 to address CVE-2025-49844 (also known as RediShell). Administrators should apply this update promptly to mitigate potential security risks. - - | - **HIGH:** A privilege escalation vulnerability in GitHub Enterprise Server allowed an authenticated enterprise admin to gain root SSH access. The exploit used a symlink escape in pre-receive hook environments. An attacker could craft a malicious repository and environment to replace system binaries during hook cleanup. This allowed them to execute a payload that added their SSH key to the root user's authorized keys, granting root SSH access. The attacker needed enterprise admin privileges to exploit this vulnerability. This has been assigned CVE-2025-11578 and was reported through the GitHub Bug Bounty program. - | **HIGH:** An attacker could execute arbitrary code in the context of other users' browsers by supplying a malicious `label:` value that was injected into the DOM without proper sanitization. This could be triggered when a user visits a crafted Issues search URL, enabling session hijacking, account takeover, and recovery code exfiltration. GitHub has requested CVE ID [CVE-2025-11892](https://www.cve.org/cverecord?id=CVE-2025-11892) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | diff --git a/data/release-notes/enterprise-server/3-18/1.yml b/data/release-notes/enterprise-server/3-18/1.yml index fe55f4526551..112fab8c4cde 100644 --- a/data/release-notes/enterprise-server/3-18/1.yml +++ b/data/release-notes/enterprise-server/3-18/1.yml @@ -3,8 +3,6 @@ sections: security_fixes: - | **CRITICAL:** Redis has been upgraded to version 6.2.20 to address CVE-2025-49844 (also known as RediShell). Administrators should apply this update promptly to mitigate potential security risks. - - | - **HIGH:** A privilege escalation vulnerability in GitHub Enterprise Server allowed an authenticated enterprise admin to gain root SSH access. The exploit used a symlink escape in pre-receive hook environments. An attacker could craft a malicious repository and environment to replace system binaries during hook cleanup. This allowed them to execute a payload that added their SSH key to the root user's authorized keys, granting root SSH access. The attacker needed enterprise admin privileges to exploit this vulnerability. This has been assigned CVE-2025-11578 and was reported through the GitHub Bug Bounty program. - | **HIGH:** An attacker could execute arbitrary code in the context of other users' browsers by supplying a malicious `label:` value that was injected into the DOM without proper sanitization. This could be triggered when a user visits a crafted Issues search URL, enabling session hijacking, account takeover, and recovery code exfiltration. GitHub has requested CVE ID [CVE-2025-11892](https://www.cve.org/cverecord?id=CVE-2025-11892) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | diff --git a/data/reusables/copilot/custom-agents-example-profiles.md b/data/reusables/copilot/custom-agents-example-profiles.md index d678e673c301..eefa55511c1f 100644 --- a/data/reusables/copilot/custom-agents-example-profiles.md +++ b/data/reusables/copilot/custom-agents-example-profiles.md @@ -1,4 +1,4 @@ -The following examples demonstrate what an {% data variables.copilot.agent_profile %} could look like for the common tasks of writing tests or planning the implementation of a project. For additional inspiration, see the [{% data variables.copilot.custom_agents_caps_short %}](/copilot/tutorials/customization-library/custom-agents) examples in the customization library. You can also find examples in the [awesome-copilot](https://github.com/github/awesome-copilot/tree/main/chatmodes?utm_source=docs-web-copilot-coding-agent&utm_medium=docs&utm_campaign=universe25post) community collection, though note that the community examples are designed for {% data variables.product.prodname_vscode_shortname %} chat modes, so the syntax may differ slightly from the {% data variables.copilot.custom_agents_short %} syntax. +The following examples demonstrate what an {% data variables.copilot.agent_profile %} could look like for the common tasks of writing tests or planning the implementation of a project. For additional inspiration, see the [{% data variables.copilot.custom_agents_caps_short %}](/copilot/tutorials/customization-library/custom-agents) examples in the customization library. You can also find examples in the [awesome-copilot](https://github.com/github/awesome-copilot/tree/main/agents) community collection, though note that the community examples are designed for {% data variables.product.prodname_vscode_shortname %} chat modes, so the syntax may differ slightly from the {% data variables.copilot.custom_agents_short %} syntax. ### Testing specialist diff --git a/data/reusables/organizations/billing_plans.md b/data/reusables/organizations/billing_plans.md index 2e8fc1795a4b..1295334b8c9e 100644 --- a/data/reusables/organizations/billing_plans.md +++ b/data/reusables/organizations/billing_plans.md @@ -1 +1 @@ -1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**. +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and licensing**. diff --git a/data/reusables/user-settings/billing-plans-two-platforms.md b/data/reusables/user-settings/billing-plans-two-platforms.md index cdc0193948f4..9b5a6a03eef5 100644 --- a/data/reusables/user-settings/billing-plans-two-platforms.md +++ b/data/reusables/user-settings/billing-plans-two-platforms.md @@ -1 +1 @@ -1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & licensing** and then **Licensing** (new platform). Alternatively, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**, then click **Plans and usage** (original platform). +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & licensing** and then **Licensing** (new platform). Alternatively, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and licensing**, then click **Plans and usage** (original platform). diff --git a/data/reusables/user-settings/billing_plans_payment.md b/data/reusables/user-settings/billing_plans_payment.md index f5d30d61d454..0f3f8bb52361 100644 --- a/data/reusables/user-settings/billing_plans_payment.md +++ b/data/reusables/user-settings/billing_plans_payment.md @@ -1 +1 @@ -1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**, then click **Payment information**. +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and licensing**, then click **Payment information**.