From 0eabfa36d47248e1cf1d0b3c4728b25ff2e9d81d Mon Sep 17 00:00:00 2001 From: Reneta Popova Date: Mon, 20 Oct 2025 18:15:30 +0100 Subject: [PATCH] Replace all mentions of we, our, and us with you and yours --- .../manage-privileges.adoc | 19 ++++++++++--------- .../password-and-user-recovery.adoc | 2 +- .../privileges-reads.adoc | 4 ++-- .../multi-data-center-routing.adoc | 18 +++++++++--------- .../pages/clustering/setup/encryption.adoc | 2 +- .../querying-composite-databases.adoc | 6 +++--- .../standard-databases/errors.adoc | 2 +- .../standard-databases/seed-from-uri.adoc | 2 -- .../pages/database-administration/syntax.adoc | 4 ++-- .../ROOT/pages/installation/linux/debian.adoc | 2 +- .../ROOT/pages/installation/linux/rpm.adoc | 2 +- modules/ROOT/pages/kubernetes/monitoring.adoc | 2 +- .../bolt-thread-pool-configuration.adoc | 2 +- modules/ROOT/pages/procedures.adoc | 2 +- .../pages/security/securing-extensions.adoc | 6 +++--- 15 files changed, 37 insertions(+), 38 deletions(-) diff --git a/modules/ROOT/pages/authentication-authorization/manage-privileges.adoc b/modules/ROOT/pages/authentication-authorization/manage-privileges.adoc index a276f2bc3..de242b9e4 100644 --- a/modules/ROOT/pages/authentication-authorization/manage-privileges.adoc +++ b/modules/ROOT/pages/authentication-authorization/manage-privileges.adoc @@ -7,19 +7,20 @@ Role-based access control (_RBAC_) is a method of restricting access to authorized users, by assigning users to specific roles with a particular set of privileges granted to them. Privileges control the access rights to graph elements using a combined allowlist/denylist mechanism. It is possible to grant or deny access, or use a combination of the two. -The user will be able to access the resource if they have a `GRANT` (allowlist) and do not have a `DENY` (denylist) relevant to that resource. -All other combinations of `GRANT` and `DENY` will result in the matching path being inaccessible. -What this means in practice depends on whether we are talking about a xref:authentication-authorization/privileges-reads.adoc[read privilege] or a xref:authentication-authorization/privileges-writes.adoc[write privilege]: +You are able to access a resource if you have a `GRANT` (allowlist) and do not have a `DENY` (denylist) relevant to that resource. +All other combinations of `GRANT` and `DENY` result in the matching path being inaccessible. +What this means in practice depends on whether you have a xref:authentication-authorization/privileges-reads.adoc[read privilege] or a xref:authentication-authorization/privileges-writes.adoc[write privilege]: -* If an entity is not accessible due to xref:authentication-authorization/privileges-reads.adoc[read privileges], the data will become invisible. -It will appear to the user as if they had a smaller database (smaller graph). -* If an entity is not accessible due to xref:authentication-authorization/privileges-writes.adoc[write privileges], an error will occur on any attempt to write that data. +* If an entity is not accessible due to xref:authentication-authorization/privileges-reads.adoc[read privileges], the data is invisible. +It appears to you as if you had a smaller database (smaller graph). +* If an entity is not accessible due to xref:authentication-authorization/privileges-writes.adoc[write privileges], an error occurs on any attempt to write that data. [NOTE] ==== -In this document we will often use the terms _'allows'_ and _'enables'_ in seemingly identical ways. However, there is a subtle difference. -We will use _'enables'_ to refer to the consequences of xref:authentication-authorization/privileges-reads.adoc[read privileges] where a restriction will not cause an error, only a reduction in the apparent graph size. -We will use _'allows'_ to refer to the consequence of xref:authentication-authorization/privileges-writes.adoc[write privileges] where a restriction can result in an error. +This page often uses the terms _'allows'_ and _'enables'_ in seemingly identical ways. +However, there is a subtle difference. +_'enables'_ refers to the consequences of xref:authentication-authorization/privileges-reads.adoc[read privileges] where a restriction will not cause an error, only a reduction in the apparent graph size. +_'allows'_ refers to the consequence of xref:authentication-authorization/privileges-writes.adoc[write privileges] where a restriction can result in an error. ==== [NOTE] diff --git a/modules/ROOT/pages/authentication-authorization/password-and-user-recovery.adoc b/modules/ROOT/pages/authentication-authorization/password-and-user-recovery.adoc index 2fb46c5b5..ea7433eb1 100644 --- a/modules/ROOT/pages/authentication-authorization/password-and-user-recovery.adoc +++ b/modules/ROOT/pages/authentication-authorization/password-and-user-recovery.adoc @@ -200,7 +200,7 @@ GRANT ALL ON DATABASE * TO admin; + [NOTE] ==== -Before running the `:exit` command, we suggest granting the newly created role to a user. +Before running the `:exit` command, grant the newly created role to a user. Although this is optional, without this step you will have only collected all admin privileges in a role that no one is assigned to. To grant the role to a user (assuming your existing user is named `neo4j`), you can run `GRANT ROLE admin TO neo4j;` diff --git a/modules/ROOT/pages/authentication-authorization/privileges-reads.adoc b/modules/ROOT/pages/authentication-authorization/privileges-reads.adoc index 1b37465cc..dd3d327f6 100644 --- a/modules/ROOT/pages/authentication-authorization/privileges-reads.adoc +++ b/modules/ROOT/pages/authentication-authorization/privileges-reads.adoc @@ -64,7 +64,7 @@ DENY [IMMUTABLE] TRAVERSE TO role[, ...] ---- -For example, we can disable users with the role `regularUsers` from finding all nodes with the label `Payments`: +For example, you can disable users with the role `regularUsers` from finding all nodes with the label `Payments`: [source, cypher, role=noplay] ---- @@ -146,7 +146,7 @@ DENY [IMMUTABLE] READ "{" { * | property[, ...] } "}" TO role[, ...] ---- -Although we just granted the role `regularUsers` the right to read all properties, we may want to hide the `secret` property. +Although you just granted the role `regularUsers` the right to read all properties, you may want to hide the `secret` property. The following example shows how to do that: [source, cypher, role=noplay] diff --git a/modules/ROOT/pages/clustering/multi-region-deployment/multi-data-center-routing.adoc b/modules/ROOT/pages/clustering/multi-region-deployment/multi-data-center-routing.adoc index d091f2e5b..0f9ed7feb 100644 --- a/modules/ROOT/pages/clustering/multi-region-deployment/multi-data-center-routing.adoc +++ b/modules/ROOT/pages/clustering/multi-region-deployment/multi-data-center-routing.adoc @@ -344,7 +344,7 @@ The DSL is made available by selecting the `user-defined` catch-up strategy as f server.cluster.catchup.upstream_strategy=user-defined ---- -Once the user-defined strategy has been specified, we can add configuration to the xref:configuration/configuration-settings.adoc#config_server.cluster.catchup.user_defined_upstream_strategy[`server.cluster.catchup.user_defined_upstream_strategy`] setting based on the server tags that have been set for the cluster. +Once the user-defined strategy has been specified, you can add configuration to the xref:configuration/configuration-settings.adoc#config_server.cluster.catchup.user_defined_upstream_strategy[`server.cluster.catchup.user_defined_upstream_strategy`] setting based on the server tags that have been set for the cluster. This functionality is described with two examples: @@ -354,7 +354,7 @@ This functionality is described with two examples: For illustrative purposes four regions are proposed: `north`, `south`, `east`, and `west` and within each region there is a number of data centers such as `north1` or `west2`. The server tags are configured so that each data center maps to its own server tag. Additionally it is assumed that each data center fails independently from the others and that a region can act as a supergroup of its constituent data centers. -So a server in the `north` region might have configuration like `initial.server.tags=north2,north` which puts it in two groups that match to our physical topology as shown in the diagram below. +So a server in the `north` region might have configuration like `initial.server.tags=north2,north` which puts it in two groups that match to your physical topology as shown in the diagram below. [[img-nesw-regions-and-dcs]] image::nesw-regions-and-dcs.svg[title="Mapping regions and data centers onto server tags", role="middle"] @@ -406,25 +406,25 @@ The `min()` filter is a simple but reasonable health indicator of a set of serve // === Building upstream strategy plugins using Java // Neo4j supports an API which advanced users may use to enhance upstream recommendations in arbitrary ways: load, subnet, machine size, or anything else accessible from the JVM. -// In such cases we are invited to build our own implementations of `org.neo4j.causalclustering.upstream.UpstreamDatabaseSelectionStrategy` to suit our own needs, and register them with the catch-up strategy selection pipeline just like the pre-packaged plugins. +// In such cases you are invited to build your own implementations of `org.neo4j.causalclustering.upstream.UpstreamDatabaseSelectionStrategy` to suit your own needs, and register them with the catch-up strategy selection pipeline just like the pre-packaged plugins. -// We have to override the `org.neo4j.causalclustering.upstream.UpstreamDatabaseSelectionStrategy#upstreamDatabase()` method in our code. -// Overriding that class gives us access to the following items: +// You have to override the `org.neo4j.causalclustering.upstream.UpstreamDatabaseSelectionStrategy#upstreamDatabase()` method in your code. +// Overriding that class gives you access to the following items: // [options="header"] // |=== // | Resource | Description // | `org.neo4j.causalclustering.discovery.TopologyService` | This is a directory service which provides access to the addresses of all servers and server groups in the cluster. // | `org.neo4j.kernel.configuration.Config` | This provides the configuration from _neo4j.conf_ for the local instance. -// Configuration for our own plugin can reside here. +// Configuration for your own plugin can reside here. // | `org.neo4j.causalclustering.identity.MemberId` | This provides the unique cluster `MemberId` of the current instance. // |=== -// Once our code is written and tested, we have to prepare it for deployment. +// Once your code is written and tested, you have to prepare it for deployment. // `UpstreamDatabaseSelectionStrategy` plugins are loaded via the Java Service Loader. -// This means when we package our code into a jar file, we'll have to create a file _META-INF.services/org.neo4j.upstream.readreplica.UpstreamDatabaseSelectionStrategy_ in which we write the fully qualified class name(s) of the plugins, e.g. `org.example.myplugins.PreferServersWithHighIOPS`. +// This means when you package your code into a jar file, you'll have to create a file _META-INF.services/org.neo4j.upstream.readreplica.UpstreamDatabaseSelectionStrategy_ in which you write the fully qualified class name(s) of the plugins, e.g. `org.example.myplugins.PreferServersWithHighIOPS`. -// To deploy this jar into the Neo4j server we copy it into the xref:configuration/file-locations.adoc[_plugins_] directory and restart the instance. +// To deploy this jar into the Neo4j server you copy it into the xref:configuration/file-locations.adoc[_plugins_] directory and restart the instance. [[mdc-favoring-data-centers]] === Favoring data centers diff --git a/modules/ROOT/pages/clustering/setup/encryption.adoc b/modules/ROOT/pages/clustering/setup/encryption.adoc index d8c006fb1..f033e51ea 100644 --- a/modules/ROOT/pages/clustering/setup/encryption.adoc +++ b/modules/ROOT/pages/clustering/setup/encryption.adoc @@ -50,7 +50,7 @@ This could be verified from within the certificate details: ---- openssl x509 -in public.crt -noout -text ---- -We should see that the X509v3 Extended Key Usage section shows both the usages listed: +You should see that the X509v3 Extended Key Usage section shows both the usages listed: ---- X509v3 Extended Key Usage: diff --git a/modules/ROOT/pages/database-administration/composite-databases/querying-composite-databases.adoc b/modules/ROOT/pages/database-administration/composite-databases/querying-composite-databases.adoc index 6c9f3611d..94cefa9e9 100644 --- a/modules/ROOT/pages/database-administration/composite-databases/querying-composite-databases.adoc +++ b/modules/ROOT/pages/database-administration/composite-databases/querying-composite-databases.adoc @@ -5,7 +5,7 @@ = Set up and query composite databases //Make an image that sets up the example? -//The query examples assume that we have a setup similar to that in <>. +//The query examples assume that you have a setup similar to that in <>. The examples featured in this section make use of the two Cypher clauses: link:{neo4j-docs-base-uri}/cypher-manual/current/clauses/use[`USE`] and link:{neo4j-docs-base-uri}/cypher-manual/current/subqueries/call-subquery/[`CALL {}`]. @@ -147,7 +147,7 @@ RETURN movie.title AS title ---- ==== In the example above, the part of the query accessing graph data, `MATCH (movie:Movie)`, is wrapped in a sub-query with a dynamic `USE` clause. -`UNWIND` is used to get the names of our graphs, each on one row. +`UNWIND` is used to get the names of your graphs, each on one row. The `CALL {}` sub-query executes once per input row. In this case, once selecting `cineasts.latest`, and once selecting `cineasts.upcoming`. @@ -239,7 +239,7 @@ RETURN movie ==== The first part of the query finds the movie with the longest running time from `cineasts.latest`, and returns its release month. -The second part of the query finds all movies in `cineasts.upcoming` that fulfill our condition and returns them. +The second part of the query finds all movies in `cineasts.upcoming` that fulfill your condition and returns them. The sub-query imports the `monthOfLongest` variable using `WITH monthOfLongest`, to make it accessible. [[composite-databases-queries-updates]] diff --git a/modules/ROOT/pages/database-administration/standard-databases/errors.adoc b/modules/ROOT/pages/database-administration/standard-databases/errors.adoc index 284d89c0f..d1a1c8bb3 100644 --- a/modules/ROOT/pages/database-administration/standard-databases/errors.adoc +++ b/modules/ROOT/pages/database-administration/standard-databases/errors.adoc @@ -190,7 +190,7 @@ The possible values for the optional operation are: If you choose to clear the current cluster state, the server will try to join as a new member, but this joining can succeed if and only if there is a majority of old members "letting" the new members in. -Let's assume our cluster has a topology with three primaries. +Let's assume your cluster has a topology with three primaries. If there is only one server in `QUARANTINED` mode, then it is safe to choose `replaceStateKeepStore` or `replaceStateReplaceStore`. If there are two servers in `QUARANTINED` mode, then you should not use concurrently `replaceStateKeepStore` or `replaceStateReplaceStore` for both servers because there would be no majority to let them in. diff --git a/modules/ROOT/pages/database-administration/standard-databases/seed-from-uri.adoc b/modules/ROOT/pages/database-administration/standard-databases/seed-from-uri.adoc index 570c19d4b..e76568b77 100644 --- a/modules/ROOT/pages/database-administration/standard-databases/seed-from-uri.adoc +++ b/modules/ROOT/pages/database-administration/standard-databases/seed-from-uri.adoc @@ -187,8 +187,6 @@ CREATE DATABASE foo OPTIONS { seedURI: 'azb://myStorageAccount/myContainer/myBac [[s3-seed-provider]] === S3SeedProvider -// When Cypher 25 is released, we have to label this section 'Cypher 5' as this functionality is only available in Cypher 5. - The `S3SeedProvider` supports: ** `s3:` label:deprecated[Deprecated in 5.26] diff --git a/modules/ROOT/pages/database-administration/syntax.adoc b/modules/ROOT/pages/database-administration/syntax.adoc index 957f2d37e..553c36f4a 100644 --- a/modules/ROOT/pages/database-administration/syntax.adoc +++ b/modules/ROOT/pages/database-administration/syntax.adoc @@ -34,7 +34,7 @@ Needs to be part of a grouping. | `[` and `]` | Used to indicate an optional part of the command. It also groups alternatives together, when there can be either of the alternatives or nothing. -| If a keyword in the syntax can either be in singular or plural, we can indicate that the `S` is optional with `GRAPH[S]`. +| If a keyword in the syntax can either be in singular or plural, you can indicate that the `S` is optional with `GRAPH[S]`. | `+...+` | @@ -43,7 +43,7 @@ Related to the command part immediately before this is repeated. | A comma separated list of names would be `+name[, ...]+`. | `"` -| When a special character is part of the syntax itself, we surround it with `"` to indicate this. +| When a special character is part of the syntax itself, surround it with `"` to indicate this. | To include `+{+` in the syntax use `+"{" { * \| name } "}"+`. In this case, you will get either `+{ * }+` or `+{ name }+`. diff --git a/modules/ROOT/pages/installation/linux/debian.adoc b/modules/ROOT/pages/installation/linux/debian.adoc index 614988e80..2cf66c704 100644 --- a/modules/ROOT/pages/installation/linux/debian.adoc +++ b/modules/ROOT/pages/installation/linux/debian.adoc @@ -10,7 +10,7 @@ You can install Neo4j on Debian, and Debian-based distributions like Ubuntu, usi Neo4j {neo4j-version} requires the Java 21 runtime. === OpenJDK Java 21 -Most of our supported Linux distributions have OpenJDK Java 21 available by default. +Most of the supported Linux distributions have OpenJDK Java 21 available by default. Consequently, no extra setup is required if you are using OpenJDK Java, the correct Java dependency will be installed by the package manager when installing Neo4j. [[debian-prerequisites-notopenjdk]] diff --git a/modules/ROOT/pages/installation/linux/rpm.adoc b/modules/ROOT/pages/installation/linux/rpm.adoc index 4846cb94f..8d1070ef4 100644 --- a/modules/ROOT/pages/installation/linux/rpm.adoc +++ b/modules/ROOT/pages/installation/linux/rpm.adoc @@ -10,7 +10,7 @@ You can deploy Neo4j on Red Hat, CentOS, Fedora, or Amazon Linux distributions u Neo4j {neo4j-version} requires the Java 21 runtime. === OpenJDK Java 21 -Most of our supported Linux distributions have OpenJDK Java 21 available by default. +Most of the supported Linux distributions have OpenJDK Java 21 available by default. Consequently, no extra setup is required if you are using OpenJDK Java, the correct Java dependency will be installed by the package manager when installing Neo4j. === Zulu JDK 21 or Corretto 21 diff --git a/modules/ROOT/pages/kubernetes/monitoring.adoc b/modules/ROOT/pages/kubernetes/monitoring.adoc index 9b7f1d960..888f3c845 100644 --- a/modules/ROOT/pages/kubernetes/monitoring.adoc +++ b/modules/ROOT/pages/kubernetes/monitoring.adoc @@ -33,7 +33,7 @@ debug.log neo4j.log query.log security.log == Log collection The Neo4j log output can be collected from the log files and sent to a unified location using tools, such as Fluentd (https://www.fluentd.org) or Logstash (https://www.elastic.co/logstash). -We recommend running these either as "sidecar" containers in the Neo4j pods or as separate DaemonSets. +It is recommended to run these either as "sidecar" containers in the Neo4j pods or as separate DaemonSets. * For more information about Pods and the sidecar pattern, see link:https://kubernetes.io/docs/concepts/workloads/pods/[Kubernetes Pod documentation]. * For more information about DaemonSets, see link:https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/[Kubernetes DaemonSet documentation]. diff --git a/modules/ROOT/pages/performance/bolt-thread-pool-configuration.adoc b/modules/ROOT/pages/performance/bolt-thread-pool-configuration.adoc index 3ff75bd87..b4a8248c3 100644 --- a/modules/ROOT/pages/performance/bolt-thread-pool-configuration.adoc +++ b/modules/ROOT/pages/performance/bolt-thread-pool-configuration.adoc @@ -60,7 +60,7 @@ You should also account for non-transaction operations that will take place on t .Configure the thread pool for a Bolt connector ==== -In this example we configure the Bolt thread pool to be of minimum size `5`, maximum size `100`, and have a keep-alive time of `10 minutes`. +In this example, you configure the Bolt thread pool to be of minimum size `5`, maximum size `100`, and have a keep-alive time of `10 minutes`. [source, properties] ---- diff --git a/modules/ROOT/pages/procedures.adoc b/modules/ROOT/pages/procedures.adoc index 5580ff4af..8e5ac9cb8 100644 --- a/modules/ROOT/pages/procedures.adoc +++ b/modules/ROOT/pages/procedures.adoc @@ -1175,7 +1175,7 @@ The possible values for the optional operation are: If you choose to clear the current cluster state, the server will try to join as a new member, but this joining can succeed if and only if there is a majority of old members "letting" the new members in. -Let's assume our cluster has a topology with three primaries. +Let's assume your cluster has a topology with three primaries. If there is only one server in `QUARANTINED` mode, then it is safe to choose `replaceStateKeepStore` or `replaceStateReplaceStore`. If there are two servers in `QUARANTINED` mode, then you should not use concurrently `replaceStateKeepStore` or `replaceStateReplaceStore` for both servers because there would be no majority to let them in. ==== diff --git a/modules/ROOT/pages/security/securing-extensions.adoc b/modules/ROOT/pages/security/securing-extensions.adoc index 736017065..32d336cb8 100644 --- a/modules/ROOT/pages/security/securing-extensions.adoc +++ b/modules/ROOT/pages/security/securing-extensions.adoc @@ -20,8 +20,8 @@ The list may contain both fully qualified procedure names, and partial names wit .Allow listing ==== -In this example, we need to allow the use of the method `apoc.load.json` as well as all the methods under `apoc.coll`. -We do not want to make available any additional extensions from the `apoc` library, other than the ones matching these criteria. +In this example, you need to allow the use of the method `apoc.load.json` as well as all the methods under `apoc.coll`. +You do not want any additional extensions from the `apoc` library to become available, other than the ones matching these criteria. [source, properties] ---- @@ -56,7 +56,7 @@ The list may contain both fully qualified procedure and function names, and part .Unrestricting ==== -In this example, we need to unrestict the use of the procedures `apoc.cypher.runFirstColumn` and `apoc.cypher.doIt`. +In this example, you need to unrestict the use of the procedures `apoc.cypher.runFirstColumn` and `apoc.cypher.doIt`. [source, properties] ----