From 39ff40ef9c7debdcb98f5976837434a221485422 Mon Sep 17 00:00:00 2001 From: Kevin Heis Date: Tue, 14 Jul 2026 07:48:21 -0700 Subject: [PATCH 1/5] Update redirected internal links in admin (configuring-settings+data-residency+enforcing-policies+installing-your-enterprise-server) (#62130) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .../about-github-connect.md | 6 ++-- ...c-user-license-sync-for-your-enterprise.md | 6 ++-- ...enabling-dependabot-for-your-enterprise.md | 28 +++++++++---------- .../enabling-github-connect-for-ghecom.md | 4 +-- .../enabling-github-connect-for-githubcom.md | 6 ++-- ...g-server-statistics-for-your-enterprise.md | 2 +- ...ified-contributions-for-your-enterprise.md | 2 +- ...ling-unified-search-for-your-enterprise.md | 2 +- ...changing-the-hostname-for-your-instance.md | 8 +++--- ...onfiguring-an-outbound-web-proxy-server.md | 4 +-- .../configuring-built-in-firewall-rules.md | 2 +- .../configuring-dns-nameservers.md | 2 +- ...figuring-the-hostname-for-your-instance.md | 6 ++-- .../network-ports.md | 8 +++--- ...-enterprise-server-with-a-load-balancer.md | 8 +++--- ...ithub-hosted-runners-in-your-enterprise.md | 2 +- ...ted-compute-products-in-your-enterprise.md | 2 +- ...ithub-hosted-runners-in-your-enterprise.md | 6 ++-- ...actices-for-configuring-api-rate-limits.md | 4 +-- .../configuring-applications.md | 2 +- .../configuring-email-for-notifications.md | 2 +- ...guring-github-pages-for-your-enterprise.md | 4 +-- .../configuring-rate-limits.md | 10 +++---- .../configuring-web-commit-signing.md | 4 +-- ...-approving-a-domain-for-your-enterprise.md | 8 +++--- ...guring-ssh-connections-to-your-instance.md | 2 +- .../configuring-tls.md | 10 +++---- .../enabling-private-mode.md | 4 +-- .../enabling-subdomain-isolation.md | 4 +-- ...ss-to-githubcom-using-a-corporate-proxy.md | 4 +-- ...o-your-enterprise-with-an-ip-allow-list.md | 2 +- .../troubleshooting-tls-errors.md | 2 +- content/admin/configuring-settings/index.md | 2 +- ...ub-enterprise-cloud-with-data-residency.md | 8 +++--- ...ub-enterprise-cloud-with-data-residency.md | 4 +-- ...a-residency-for-github-enterprise-cloud.md | 8 +++--- ...curity-and-analysis-for-your-enterprise.md | 2 +- ...s-for-github-actions-in-your-enterprise.md | 2 +- ...s-for-github-copilot-in-your-enterprise.md | 4 +-- ...-for-github-sponsors-in-your-enterprise.md | 2 +- ...or-security-settings-in-your-enterprise.md | 8 +++--- ...-management-policies-in-your-enterprise.md | 4 +-- ...email-notifications-for-your-enterprise.md | 4 +-- .../creating-a-pre-receive-hook-script.md | 4 +-- ...talling-github-enterprise-server-on-aws.md | 6 ++-- ...lling-github-enterprise-server-on-azure.md | 4 +-- ...erprise-server-on-google-cloud-platform.md | 4 +-- ...ing-github-enterprise-server-on-hyper-v.md | 2 +- ...thub-enterprise-server-on-openstack-kvm.md | 2 +- ...ling-github-enterprise-server-on-vmware.md | 2 +- .../setting-up-a-staging-instance.md | 16 +++++------ 51 files changed, 127 insertions(+), 127 deletions(-) diff --git a/content/admin/configuring-settings/configuring-github-connect/about-github-connect.md b/content/admin/configuring-settings/configuring-github-connect/about-github-connect.md index b566f4f30240..e4707ea8cc2c 100644 --- a/content/admin/configuring-settings/configuring-github-connect/about-github-connect.md +++ b/content/admin/configuring-settings/configuring-github-connect/about-github-connect.md @@ -36,9 +36,9 @@ After you configure the connection between {% data variables.location.product_lo | Feature | Description | More information | | ----------- | ----------- | ----------- | {% data reusables.github-connect.license-sync %} -| {% data variables.product.prodname_dependabot %} | Allow users to find and fix vulnerabilities in code dependencies. | [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise) | -| {% data variables.product.prodname_dotcom_the_website %} actions | Allow users to use actions from {% data variables.product.prodname_dotcom_the_website %} in public workflow files. | [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect) | -| {% data variables.product.prodname_server_statistics %} | Analyze your own aggregate data from GitHub Enterprise Server, and help us improve GitHub products. | [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-server-statistics-for-your-enterprise) | +| {% data variables.product.prodname_dependabot %} | Allow users to find and fix vulnerabilities in code dependencies. | [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise) | +| {% data variables.product.prodname_dotcom_the_website %} actions | Allow users to use actions from {% data variables.product.prodname_dotcom_the_website %} in public workflow files. | [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect) | +| {% data variables.product.prodname_server_statistics %} | Analyze your own aggregate data from GitHub Enterprise Server, and help us improve GitHub products. | [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise) | {% data reusables.github-connect.unified-search %} {% data reusables.github-connect.unified-contributions %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-automatic-user-license-sync-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-automatic-user-license-sync-for-your-enterprise.md index e7d2fe0b29e7..1bf020a5930e 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-automatic-user-license-sync-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-automatic-user-license-sync-for-your-enterprise.md @@ -20,15 +20,15 @@ category: {% data reusables.enterprise-licensing.unique-user-licensing-model %} -{% data reusables.enterprise-licensing.about-license-sync %} For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/about-github-connect#data-transmission). +{% data reusables.enterprise-licensing.about-license-sync %} For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/about-github-connect#data-transmission). -If you enable automatic user license sync for your enterprise, every week, {% data variables.product.prodname_github_connect %} will automatically synchronize license usage between {% data variables.product.prodname_ghe_server %} and your enterprise on {% data variables.product.prodname_dotcom_the_website %} or {% data variables.enterprise.data_residency_site %}. You can also synchronize your license data at any time outside of the automatic weekly sync, by manually triggering a license sync job. For more information, see [AUTOTITLE](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud#triggering-a-license-sync-job). +If you enable automatic user license sync for your enterprise, every week, {% data variables.product.prodname_github_connect %} will automatically synchronize license usage between {% data variables.product.prodname_ghe_server %} and your enterprise on {% data variables.product.prodname_dotcom_the_website %} or {% data variables.enterprise.data_residency_site %}. You can also synchronize your license data at any time outside of the automatic weekly sync, by manually triggering a license sync job. For more information, see [AUTOTITLE](/billing/how-tos/manage-server-licenses/sync-license-usage#triggering-a-license-sync-job). If you use multiple {% data variables.product.prodname_ghe_server %} instances, you can enable automatic license sync between each of your instances and the same enterprise account on {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise-licensing.view-consumed-licenses %} -You can also manually upload {% data variables.product.prodname_ghe_server %} user license information to {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud). +You can also manually upload {% data variables.product.prodname_ghe_server %} user license information to {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/billing/how-tos/manage-server-licenses/sync-license-usage). {% data reusables.enterprise-licensing.verified-domains-license-sync %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index ee15a3c6f620..7916d8aaa329 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -24,7 +24,7 @@ category: {% data variables.product.prodname_dependabot %} helps users find and fix vulnerabilities in their dependencies. You must first set up {% data variables.product.prodname_dependabot %} for your enterprise, and then you can enable {% data variables.product.prodname_dependabot_alerts %} to notify users about vulnerable dependencies and {% data variables.product.prodname_dependabot_updates %} to fix the vulnerabilities and keep dependencies updated to the latest version. -{% data variables.product.prodname_dependabot %} is just one of many features available to harden supply chain security for {% data variables.product.prodname_dotcom %}. For more information about the other features, see [AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/about-supply-chain-security-for-your-enterprise). +{% data variables.product.prodname_dependabot %} is just one of many features available to harden supply chain security for {% data variables.product.prodname_dotcom %}. For more information about the other features, see [AUTOTITLE](/code-security/concepts/security-at-scale/supply-chain-security). ### About {% data variables.product.prodname_dependabot_alerts %} @@ -34,14 +34,14 @@ With {% data variables.product.prodname_dependabot_alerts %}, {% data variables. After you set up {% data variables.product.prodname_dependabot %} for your enterprise, vulnerability data is synced from the {% data variables.product.prodname_advisory_database %} to your instance once every hour. Only {% data variables.product.company_short %}-reviewed advisories are synchronized. {% data reusables.security-advisory.link-browsing-advisory-db %} -You can also choose to manually sync vulnerability data at any time. For more information, see [AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/viewing-the-vulnerability-data-for-your-enterprise). +You can also choose to manually sync vulnerability data at any time. For more information, see [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/configure-specific-tools/view-vulnerability-data). > [!NOTE] > When you enable {% data variables.product.prodname_dependabot_alerts %}, no code or information about code from {% data variables.product.prodname_ghe_server %} is uploaded to {% data variables.product.prodname_dotcom_the_website %} or {% data variables.enterprise.data_residency_site %}. When {% data variables.product.prodname_ghe_server %} receives information about a vulnerability, it identifies repositories that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}. -For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added, {% data variables.product.prodname_ghe_server %} scans all existing repositories and generates alerts for any repository that is vulnerable. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts). +For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added, {% data variables.product.prodname_ghe_server %} scans all existing repositories and generates alerts for any repository that is vulnerable. For more information, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-alerts). {% ifversion dependabot-malware-alerts %} @@ -65,18 +65,18 @@ After you enable {% data variables.product.prodname_dependabot_alerts %}, you ca By default, {% data variables.product.prodname_actions %} runners used by {% data variables.product.prodname_dependabot %} need access to the internet, to download updated packages from upstream package managers. For {% data variables.product.prodname_dependabot_updates %} powered by {% data variables.product.prodname_github_connect %}, internet access provides your runners with a token that allows access to dependencies and advisories hosted on {% data variables.product.prodname_dotcom_the_website %}. -You can enable {% data variables.product.prodname_dependabot_updates %} for specific private registries on {% data variables.product.prodname_ghe_server %} instances with limited, or no, internet access. For more information, see [AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/configuring-dependabot-to-work-with-limited-internet-access). +You can enable {% data variables.product.prodname_dependabot_updates %} for specific private registries on {% data variables.product.prodname_ghe_server %} instances with limited, or no, internet access. For more information, see [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/configure-specific-tools/configure-limited-internet-access). With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. -* **{% data variables.product.prodname_dependabot_version_updates %}:** Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates). -* **{% data variables.product.prodname_dependabot_security_updates %}:** Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) and [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates). +* **{% data variables.product.prodname_dependabot_version_updates %}:** Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-version-updates). +* **{% data variables.product.prodname_dependabot_security_updates %}:** Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-alerts) and [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-security-updates). ## Enabling {% data variables.product.prodname_dependabot_alerts %} Before you can enable {% data variables.product.prodname_dependabot_alerts %}, you must first set up {% data variables.product.prodname_dependabot %} for your enterprise: -* You must enable {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/managing-github-connect). -* You must enable the dependency graph. For more information, see [AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise). +* You must enable {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom). +* You must enable the dependency graph. For more information, see [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/configure-specific-tools/enable-dependency-graph). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} @@ -90,14 +90,14 @@ Before you can enable {% data variables.product.prodname_dependabot_alerts %}, y > [!TIP] > We recommend configuring {% data variables.product.prodname_dependabot_alerts %} without notifications for the first few days to avoid an overload of realtime notifications. After a few days, you can enable notifications to receive {% data variables.product.prodname_dependabot_alerts %} as usual. -You can now enable {% data variables.product.prodname_dependabot_alerts %} for all existing or new private and internal repositories in the enterprise settings page for "{% data variables.product.UI_advanced_security_ent %}." Alternatively, repository administrators and organization owners can enable {% data variables.product.prodname_dependabot_alerts %} for each repository and organization. Public repositories are always enabled by default. For more information, see [AUTOTITLE](/enterprise-server@latest/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts). +You can now enable {% data variables.product.prodname_dependabot_alerts %} for all existing or new private and internal repositories in the enterprise settings page for "{% data variables.product.UI_advanced_security_ent %}." Alternatively, repository administrators and organization owners can enable {% data variables.product.prodname_dependabot_alerts %} for each repository and organization. Public repositories are always enabled by default. For more information, see [AUTOTITLE](/enterprise-server@latest/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configure-dependabot-alerts). ## Enabling {% data variables.product.prodname_dependabot_updates %} Before you can enable {% data variables.product.prodname_dependabot_updates %}: * You must enable {% data variables.product.prodname_dependabot_alerts %} for your enterprise. For more information, see "Enabling {% data variables.product.prodname_dependabot_alerts %}" above. -* You must enable TLS. {% data variables.product.prodname_dependabot_updates %} run on self-hosted runners, which need to have TLS enabled. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise#prerequisites). -* You must configure {% data variables.product.prodname_ghe_server %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). +* You must enable TLS. {% data variables.product.prodname_dependabot_updates %} run on self-hosted runners, which need to have TLS enabled. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise#prerequisites). +* You must configure {% data variables.product.prodname_ghe_server %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). {% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.prodname_ghe_server %} if your enterprise uses clustering. @@ -111,11 +111,11 @@ Before you can enable {% data variables.product.prodname_dependabot_updates %}: 1. Under "Security", select **{% data variables.product.prodname_dependabot_updates %}**. {% data reusables.enterprise_management_console.save-settings %} 1. Click **Visit your instance**. -1. Configure dedicated self-hosted runners to create the pull requests that will update dependencies. This is required because the workflows use a specific runner label. For more information, see [AUTOTITLE](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates). +1. Configure dedicated self-hosted runners to create the pull requests that will update dependencies. This is required because the workflows use a specific runner label. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} 1. Under "{% data variables.product.prodname_dependabot %}", to the right of "Users can easily upgrade to non-vulnerable open source code dependencies", click **Enable**. -When you enable {% data variables.product.prodname_dependabot_alerts %}, you should consider also setting up {% data variables.product.prodname_actions %} for {% data variables.product.prodname_dependabot_security_updates %}. This feature allows developers to fix vulnerabilities in their dependencies. For more information, see [AUTOTITLE](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates). +When you enable {% data variables.product.prodname_dependabot_alerts %}, you should consider also setting up {% data variables.product.prodname_actions %} for {% data variables.product.prodname_dependabot_security_updates %}. This feature allows developers to fix vulnerabilities in their dependencies. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates). -If you need enhanced security, we recommend configuring {% data variables.product.prodname_dependabot %} to use private registries. For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#configuring-private-registries). +If you need enhanced security, we recommend configuring {% data variables.product.prodname_dependabot %} to use private registries. For more information, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-access-to-private-registries#configuring-private-registries). diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md index 772fccd02140..b37315a9e6ae 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md @@ -12,7 +12,7 @@ category: - Install and configure your instance --- -You can access additional features and workflows on {% data variables.location.product_location %} by enabling {% data variables.product.prodname_github_connect %}. See [AUTOTITLE](/admin/configuration/configuring-github-connect/about-github-connect). +You can access additional features and workflows on {% data variables.location.product_location %} by enabling {% data variables.product.prodname_github_connect %}. See [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/about-github-connect). {% data reusables.github-connect.what-is-available-ghecom %} @@ -30,7 +30,7 @@ You can access additional features and workflows on {% data variables.location.p * `{% data variables.enterprise.data_residency_api %}` * `uploads.{% data variables.enterprise.data_residency_domain %}` - See [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-an-outbound-web-proxy-server). + See [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server). ## Step 1: Enable connection to {% data variables.enterprise.data_residency_site %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom.md b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom.md index a6d0c0010315..79a505547c56 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom.md @@ -20,7 +20,7 @@ category: - Install and configure your instance --- -You can access additional features and workflows on {% data variables.location.product_location %} by enabling {% data variables.product.prodname_github_connect %}. See [AUTOTITLE](/admin/configuration/configuring-github-connect/about-github-connect). +You can access additional features and workflows on {% data variables.location.product_location %} by enabling {% data variables.product.prodname_github_connect %}. See [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/about-github-connect). ## What happens when {% data variables.product.prodname_github_connect %} is enabled? @@ -30,8 +30,8 @@ You can access additional features and workflows on {% data variables.location.p * You must have an enterprise account on {% data variables.product.prodname_dotcom_the_website %} that uses {% data variables.product.prodname_ghe_cloud %}. * Your enterprise account on {% data variables.product.prodname_dotcom_the_website %} must be invoiced. Enterprise accounts on the free trial of {% data variables.product.prodname_ghe_cloud %} or that pay by credit card cannot be connected to {% data variables.location.product_location %}. -* If your enterprise account on {% data variables.product.prodname_dotcom_the_website %} uses IP allow lists, you must add the IP address or network for {% data variables.location.product_location %} to your IP allow list. See [AUTOTITLE](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise) in the {% data variables.product.prodname_ghe_cloud %} documentation. -* To configure a connection, your proxy configuration must allow connectivity to `github.com`, `api.github.com`, and `uploads.github.com`. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-an-outbound-web-proxy-server). +* If your enterprise account on {% data variables.product.prodname_dotcom_the_website %} uses IP allow lists, you must add the IP address or network for {% data variables.location.product_location %} to your IP allow list. See [AUTOTITLE](/enterprise-cloud@latest/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise) in the {% data variables.product.prodname_ghe_cloud %} documentation. +* To configure a connection, your proxy configuration must allow connectivity to `github.com`, `api.github.com`, and `uploads.github.com`. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server). * If you have previously enabled {% data variables.product.prodname_github_connect %} for an enterprise on {% data variables.enterprise.data_residency_site %}, you must change your configuration to allow connections to {% data variables.product.prodname_dotcom_the_website %}. See [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom#reenabling-connections-to-githubcom). ## Enabling {% data variables.product.prodname_github_connect %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise.md index e6193b905c70..ee65be84094b 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise.md @@ -21,7 +21,7 @@ By enabling {% data variables.product.prodname_server_statistics %}, you are als ## Enabling {% data variables.product.prodname_server_statistics %} -Before you can enable {% data variables.product.prodname_server_statistics %}, you must first connect your {% data variables.product.prodname_ghe_server %} instance to {% data variables.product.prodname_dotcom_the_website %} using {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/managing-github-connect). +Before you can enable {% data variables.product.prodname_server_statistics %}, you must first connect your {% data variables.product.prodname_ghe_server %} instance to {% data variables.product.prodname_dotcom_the_website %} using {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom). You can disable {% data variables.product.prodname_server_statistics %} from {% data variables.product.prodname_ghe_server %} at any time. diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-unified-contributions-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-unified-contributions-for-your-enterprise.md index 8a5fb44a96d4..cf701aea8817 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-unified-contributions-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-unified-contributions-for-your-enterprise.md @@ -24,7 +24,7 @@ category: As an enterprise owner, you can allow end users to send anonymized contribution counts for their work from {% data variables.location.product_location %} to their contribution graph on {% data variables.product.prodname_dotcom_the_website %} or {% data variables.enterprise.data_residency_site %}. -After you enable {% data variables.enterprise.prodname_unified_contributions %}, before individual users can send contribution counts from {% data variables.location.product_location %} to {% data variables.product.prodname_ghe_cloud %}, each user must also connect their user account on {% data variables.product.prodname_ghe_server %} with an account on {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/sending-enterprise-contributions-to-your-githubcom-profile). +After you enable {% data variables.enterprise.prodname_unified_contributions %}, before individual users can send contribution counts from {% data variables.location.product_location %} to {% data variables.product.prodname_ghe_cloud %}, each user must also connect their user account on {% data variables.product.prodname_ghe_server %} with an account on {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/account-and-profile/how-tos/contribution-settings/sharing-contributions-from-github-enterprise-server). {% data reusables.github-connect.sync-frequency %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-unified-search-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-unified-search-for-your-enterprise.md index 947c7b48dc96..8540971b3809 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-unified-search-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-unified-search-for-your-enterprise.md @@ -28,7 +28,7 @@ You can choose to allow search results for public repositories on {% data variab Users will never be able to search {% data variables.location.product_location %} from {% data variables.product.prodname_ghe_cloud %}, even if they have access to both environments. -After you enable unified search for {% data variables.location.product_location %}, before individual users can see search results from private repositories on {% data variables.product.prodname_ghe_cloud %} in {% data variables.location.product_location %}, each user must also connect their user account on {% data variables.product.prodname_ghe_server %} with a user account on {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment). +After you enable unified search for {% data variables.location.product_location %}, before individual users can see search results from private repositories on {% data variables.product.prodname_ghe_cloud %} in {% data variables.location.product_location %}, each user must also connect their user account on {% data variables.product.prodname_ghe_server %} with a user account on {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/search-github/getting-started-with-searching-on-github/enabling-repository-search-across-environments). Searching via the REST and GraphQL APIs does not include {% data variables.product.prodname_ghe_cloud %} search results. Advanced search and searching for wikis in {% data variables.product.prodname_ghe_cloud %} are not supported. diff --git a/content/admin/configuring-settings/configuring-network-settings/changing-the-hostname-for-your-instance.md b/content/admin/configuring-settings/configuring-network-settings/changing-the-hostname-for-your-instance.md index b96f4a36860c..59e736e43352 100644 --- a/content/admin/configuring-settings/configuring-network-settings/changing-the-hostname-for-your-instance.md +++ b/content/admin/configuring-settings/configuring-network-settings/changing-the-hostname-for-your-instance.md @@ -27,16 +27,16 @@ In this article, the term "source instance" refers to the instance with the old 1. Configure a destination instance of {% data variables.product.prodname_ghe_server %} with the new hostname you'd like to use. For more information, see the following documentation. - * [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance) - * [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-the-hostname-for-your-instance) + * [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance) + * [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance) 1. Inform the instance's users of the scheduled downtime. Optionally, you can create a mandatory message that will appear for all users who sign in. For more information, see [Customizing user messages for your enterprise](/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-mandatory-message). 1. On the source instance, enable maintenance mode to prevent deltas from occurring. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode#enabling-maintenance-mode-immediately-or-scheduling-a-maintenance-window-for-a-later-time). 1. Back up the source instance's data and settings using {% data variables.product.prodname_enterprise_backup_service %}. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/about-the-backup-service-for-github-enterprise-server). (This step may take up to several hours to complete.) 1. Copy the backup snapshot to the destination instance. This can be achieved by locating the snapshot on the backup disk (typically mounted at `/data/backup/data`) and copying it to the same directory on the destination appliance via `scp` or `rsync`. -1. If your source instance has {% data variables.product.prodname_actions %} enabled, you must configure the external storage provider for {% data variables.product.prodname_actions %} on the destination instance. See [AUTOTITLE](/admin/github-actions/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled). +1. If your source instance has {% data variables.product.prodname_actions %} enabled, you must configure the external storage provider for {% data variables.product.prodname_actions %} on the destination instance. See [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled). 1. On the destination instance, enable maintenance mode to allow restoration of the backup taken from the source instance. 1. Restore the backup to the destination instance with the desired hostname. Run the `ghe-restore` utility without the `-c` option to prevent overwriting the destination instance's configuration. See [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/restoring-from-a-backup). -1. Finalize configuration of the destination instance. For more information, see [AUTOTITLE](/admin/configuration). +1. Finalize configuration of the destination instance. For more information, see [AUTOTITLE](/admin/configuring-settings). 1. Optionally, while the destination instance is in maintenance mode, validate the instance's configuration and configuration run log (`/data/user/common/ghe-config.log`) and verify that user data is intact. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode#validating-changes-in-maintenance-mode-using-the-ip-exception-list). 1. To direct traffic to the destination instance, update the DNS `CNAME` record with the source instance's hostname to resolve to the IP address of the destination instance. diff --git a/content/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server.md b/content/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server.md index 75f48881b366..a88d705f6c2d 100644 --- a/content/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server.md +++ b/content/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server.md @@ -21,9 +21,9 @@ category: When a proxy server is enabled for {% data variables.location.product_location %}, outbound messages sent by {% data variables.product.prodname_ghe_server %} are first sent through the proxy server, unless the destination host is added as an HTTP proxy exclusion. Types of outbound messages include outgoing webhooks, uploading bundles, and fetching legacy avatars. The proxy server's URL is the protocol, domain or IP address, plus the port number, for example `http://127.0.0.1:8123`. > [!NOTE] -> To connect {% data variables.location.product_location %} to {% data variables.product.prodname_dotcom_the_website %}, your proxy configuration must allow connectivity to `github.com` and `api.github.com`. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/managing-github-connect). +> To connect {% data variables.location.product_location %} to {% data variables.product.prodname_dotcom_the_website %}, your proxy configuration must allow connectivity to `github.com` and `api.github.com`. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom). -{% data reusables.actions.proxy-considerations %} For more information about using {% data variables.product.prodname_actions %} with {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). +{% data reusables.actions.proxy-considerations %} For more information about using {% data variables.product.prodname_actions %} with {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). ## Configuring an outbound web proxy server diff --git a/content/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules.md b/content/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules.md index 375d07ba88c1..0a5c9215bb44 100644 --- a/content/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules.md +++ b/content/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules.md @@ -18,7 +18,7 @@ category: {% data variables.product.prodname_ghe_server %} uses Ubuntu's Uncomplicated Firewall (UFW) on the virtual appliance. For more information see [Firewall](https://documentation.ubuntu.com/server/how-to/security/firewalls/#ufw-uncomplicated-firewall) in the Ubuntu documentation. {% data variables.product.prodname_ghe_server %} automatically updates the firewall allowlist of allowed services with each release. -After you install {% data variables.product.prodname_ghe_server %}, all required network ports are automatically opened to accept connections. Every non-required port is automatically configured as `deny`, and the default outgoing policy is configured as `allow`. Stateful tracking is enabled for any new connections; these are typically network packets with the `SYN` bit set. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports). +After you install {% data variables.product.prodname_ghe_server %}, all required network ports are automatically opened to accept connections. Every non-required port is automatically configured as `deny`, and the default outgoing policy is configured as `allow`. Stateful tracking is enabled for any new connections; these are typically network packets with the `SYN` bit set. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports). The UFW firewall also opens several other ports that are required for {% data variables.product.prodname_ghe_server %} to operate properly. For more information on the UFW rule set, see [the UFW README](https://github.com/jbq/ufw/blob/master/README#L213). diff --git a/content/admin/configuring-settings/configuring-network-settings/configuring-dns-nameservers.md b/content/admin/configuring-settings/configuring-network-settings/configuring-dns-nameservers.md index dcbb08b32cd7..63406a903dd9 100644 --- a/content/admin/configuring-settings/configuring-network-settings/configuring-dns-nameservers.md +++ b/content/admin/configuring-settings/configuring-network-settings/configuring-dns-nameservers.md @@ -28,7 +28,7 @@ The nameservers you specify must resolve {% data variables.location.product_loca {% data reusables.enterprise_installation.ssh-into-instance %} -1. To edit your nameservers, use the `ghe-setup-network` command in visual mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-setup-network). +1. To edit your nameservers, use the `ghe-setup-network` command in visual mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-setup-network). ```shell ghe-setup-network -v diff --git a/content/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance.md b/content/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance.md index 8930644242d7..1563f9072905 100644 --- a/content/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance.md +++ b/content/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance.md @@ -24,7 +24,7 @@ The hostname setting in the {% data variables.enterprise.management_console %} s Hostnames must be less than 63 characters in length per [Section 2.3.4 of the Domain Names Specification RFC](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.4). -After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation). +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation). {% data variables.product.company_short %} strongly recommends that you do not change the hostname for an existing {% data variables.product.prodname_ghe_server %} instance. Changing the hostname will cause unexpected behavior, up to and including instance outages. Instead, configure a new instance with the desired hostname, and then restore settings and data from the original instance to the new instance. @@ -40,10 +40,10 @@ For more information on the supported hostname types, see [Section 2.1 of the HT {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.location.product_location %} after you configure a hostname. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation). +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.location.product_location %} after you configure a hostname. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation). ## Changing the hostname -If you need to change the hostname for {% data variables.location.product_location %}, you must restore a backup of your existing instance to a new instance with the desired hostname. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/changing-the-hostname-for-your-instance). +If you need to change the hostname for {% data variables.location.product_location %}, you must restore a backup of your existing instance to a new instance with the desired hostname. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/changing-the-hostname-for-your-instance). {% data reusables.enterprise_installation.changing-hostname-not-supported %} diff --git a/content/admin/configuring-settings/configuring-network-settings/network-ports.md b/content/admin/configuring-settings/configuring-network-settings/network-ports.md index c1cf419ff27f..893e178fd2c9 100644 --- a/content/admin/configuring-settings/configuring-network-settings/network-ports.md +++ b/content/admin/configuring-settings/configuring-network-settings/network-ports.md @@ -53,19 +53,19 @@ Email ports must be accessible directly or via relay for inbound email support f ## {% data variables.product.prodname_actions %} ports -{% data variables.product.prodname_actions %} ports must be accessible for self-hosted runners to connect to {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/communicating-with-self-hosted-runners). +{% data variables.product.prodname_actions %} ports must be accessible for self-hosted runners to connect to {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners). | Port | Service | Description | |---|---|---| | 443 | HTTPS | Self-hosted runners connect to {% data variables.location.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is configured. | 80 | HTTP | Self-hosted runners connect to {% data variables.location.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is not configured. -If you enable automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, {% data variables.product.prodname_actions %} will always search for an action on {% data variables.location.product_location %} first, via these ports, before checking {% data variables.product.prodname_dotcom_the_website %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect). +If you enable automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, {% data variables.product.prodname_actions %} will always search for an action on {% data variables.location.product_location %} first, via these ports, before checking {% data variables.product.prodname_dotcom_the_website %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect). ## {% data variables.product.prodname_github_connect %} ports -If you enable {% data variables.product.prodname_github_connect %}, the connection between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_dotcom_the_website %} uses HTTPS over ports 443 or 80, and TLS is required. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/about-github-connect). +If you enable {% data variables.product.prodname_github_connect %}, the connection between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_dotcom_the_website %} uses HTTPS over ports 443 or 80, and TLS is required. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/about-github-connect). ## Further reading -* [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls) +* [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls) diff --git a/content/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer.md b/content/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer.md index 45484e7e7010..5a73399c2c97 100644 --- a/content/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer.md +++ b/content/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer.md @@ -50,7 +50,7 @@ We strongly recommend enabling PROXY protocol support for both your instance and {% data reusables.enterprise_clustering.x-forwarded-for %} > [!WARNING] -> If you configure `X-Forwarded-For` support on {% data variables.location.product_location %} and load balancer, you may not be able to connect to the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer#error-your-session-has-expired-for-connections-to-the-management-console). +> If you configure `X-Forwarded-For` support on {% data variables.location.product_location %} and load balancer, you may not be able to connect to the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer#error-your-session-has-expired-for-connections-to-the-management-console). {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} @@ -62,7 +62,7 @@ We strongly recommend enabling PROXY protocol support for both your instance and ## Configuring health checks -Health checks allow a load balancer to stop sending traffic to a node that is not responding if a pre-configured check fails on that node. If the instance is offline due to maintenance or unexpected failure, the load balancer can display a status page. In a High Availability (HA) configuration, a load balancer can be used as part of a failover strategy. However, automatic failover of HA pairs is not supported. You must manually promote the replica instance before it will begin serving requests. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability). +Health checks allow a load balancer to stop sending traffic to a node that is not responding if a pre-configured check fails on that node. If the instance is offline due to maintenance or unexpected failure, the load balancer can display a status page. In a High Availability (HA) configuration, a load balancer can be used as part of a failover strategy. However, automatic failover of HA pairs is not supported. You must manually promote the replica instance before it will begin serving requests. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability). {% data reusables.enterprise_clustering.health_checks %} {% data reusables.enterprise_site_admin_settings.maintenance-mode-status %} @@ -72,11 +72,11 @@ Health checks allow a load balancer to stop sending traffic to a node that is no If you cannot connect to services on {% data variables.location.product_location %} through a load balancer, you can review the following information to troubleshoot the problem. > [!NOTE] -> Always test changes to your network infrastructure and instance configuration in a staging environment. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). +> Always test changes to your network infrastructure and instance configuration in a staging environment. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). ### Error: "Your session has expired" for connections to the {% data variables.enterprise.management_console %} -If you enable support for the `X-Forwarded-For` header on your instance and load balancer, you may not be able to access your instance's {% data variables.enterprise.management_console %}. For more information about the {% data variables.enterprise.management_console %} and ports required for connections, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console) and [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports). +If you enable support for the `X-Forwarded-For` header on your instance and load balancer, you may not be able to access your instance's {% data variables.enterprise.management_console %}. For more information about the {% data variables.enterprise.management_console %} and ports required for connections, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui) and [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports). If {% data variables.location.product_location %} indicates that your session has expired when you connect to the {% data variables.enterprise.management_console %} through a load balancer, try one of the following configurations on your load balancer. diff --git a/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise.md b/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise.md index de88ee2234ae..ed915c47ed95 100644 --- a/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise.md @@ -50,7 +50,7 @@ For more information about configuring a failover network, see [AUTOTITLE](/admi You can give organization owners in your enterprise the ability to set up and maintain organization-level network configurations for {% data variables.product.company_short %}-hosted runners. -For more information, see [AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise#enabling-creation-of-network-configurations-for-organizations). +For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise#enabling-creation-of-network-configurations-for-organizations). ## Using {% data variables.product.company_short %}-hosted runners with an Azure VNET diff --git a/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products-in-your-enterprise.md b/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products-in-your-enterprise.md index 6d7f018ee162..063b09e93038 100644 --- a/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products-in-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products-in-your-enterprise.md @@ -21,6 +21,6 @@ category: {% data reusables.actions.azure-vnet-network-configuration-intro %} -For more information about using {% data variables.product.company_short %}-hosted runners with an Azure VNET, see [AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise). +For more information about using {% data variables.product.company_short %}-hosted runners with an Azure VNET, see [AUTOTITLE](/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise). {% data reusables.actions.azure-vnet-next-steps-links %} diff --git a/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise.md b/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise.md index 3c001d0ee813..4144a3c85b8a 100644 --- a/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise.md @@ -96,9 +96,9 @@ You can use the following {% data variables.product.prodname_cli %} commands to ### 2. Create a runner group for your enterprise > [!NOTE] -> For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners#changing-which-repositories-can-access-a-runner-group). +> For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/control-access#changing-which-repositories-can-access-a-runner-group). -1. Create a new runner group for your enterprise. For more information about how to create a runner group, see [AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners#creating-a-runner-group-for-an-enterprise). +1. Create a new runner group for your enterprise. For more information about how to create a runner group, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/control-access#creating-a-runner-group-for-an-enterprise). {% data reusables.actions.workflows.runner-groups-enterprise-organization-access %} 1. While configuring your runner group, under "Network configurations," use the dropdown menu to select the network configuration you created for the Azure VNET. 1. To create the group and apply the policy, click **Create group**. @@ -108,7 +108,7 @@ You can use the following {% data variables.product.prodname_cli %} commands to > [!NOTE] > When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures. -1. Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/using-github-hosted-runners/managing-larger-runners#adding-a-larger-runner-to-an-enterprise). +1. Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/how-tos/manage-runners/larger-runners/manage-larger-runners#adding-a-larger-runner-to-an-enterprise). ### 4. Optionally, manage network configurations diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/best-practices-for-configuring-api-rate-limits.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/best-practices-for-configuring-api-rate-limits.md index 4643c075fd55..b47e12499500 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/best-practices-for-configuring-api-rate-limits.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/best-practices-for-configuring-api-rate-limits.md @@ -88,9 +88,9 @@ Review your rate limit data periodically, since usage patterns change as new int ## Additional considerations -* **GraphQL API limits.** The GraphQL API has a separate rate limit (default: 5,000 points per hour) that cannot be bypassed through the exemption list. For more information, see [AUTOTITLE](/graphql/overview/rate-limits-and-node-limits-for-the-graphql-api). +* **GraphQL API limits.** The GraphQL API has a separate rate limit (default: 5,000 points per hour) that cannot be bypassed through the exemption list. For more information, see [AUTOTITLE](/graphql/overview/rate-limits-and-query-limits-for-the-graphql-api). * **Secondary rate limits.** You can also enable secondary rate limits to protect the overall level of service. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#enabling-secondary-rate-limits). ## Further reading -* [AUTOTITLE](/rest/overview/rate-limits-for-the-rest-api) +* [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api) diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-applications.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-applications.md index 4a0e7d99223f..3ee7d63a780f 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-applications.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-applications.md @@ -25,7 +25,7 @@ You can choose the amount of time that {% data variables.location.product_locati ## Enabling retention policy for checks -You can enable a retention policy for checks, actions, and associated data by setting thresholds for archival and deletion. For more information about configuring actions, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). +You can enable a retention policy for checks, actions, and associated data by setting thresholds for archival and deletion. For more information about configuring actions, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications.md index d36c7be37d96..5690784505b7 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications.md @@ -66,7 +66,7 @@ If you want to allow email replies to notifications, you must configure your DNS 1. Ensure that port 25 on the instance is accessible to your SMTP server. 1. Create an A record that points to `reply.[hostname]`. Depending on your DNS provider and instance host configuration, you may be able to instead create a single A record that points to `*.[hostname]`. 1. Create an MX record that points to `reply.[hostname]` so that emails to that domain are routed to the instance. -1. Create an MX record that points `noreply.[hostname]` to `[hostname]` so that replies to the `cc` address in notification emails are routed to the instance. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications). +1. Create an MX record that points `noreply.[hostname]` to `[hostname]` so that replies to the `cc` address in notification emails are routed to the instance. For more information, see [AUTOTITLE](/subscriptions-and-notifications/get-started/configuring-notifications). ## Troubleshooting email delivery diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-github-pages-for-your-enterprise.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-github-pages-for-your-enterprise.md index c67c53889d8b..151814d2f516 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-github-pages-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-github-pages-for-your-enterprise.md @@ -34,7 +34,7 @@ If private mode is enabled on your enterprise, the public cannot access {% data ## Disabling {% data variables.product.prodname_pages %} for your enterprise -If subdomain isolation is disabled for your enterprise, you should also disable {% data variables.product.prodname_pages %} to protect yourself from potential security vulnerabilities. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation). +If subdomain isolation is disabled for your enterprise, you should also disable {% data variables.product.prodname_pages %} to protect yourself from potential security vulnerabilities. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation). {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} @@ -59,4 +59,4 @@ You can add or override response headers for {% data variables.product.prodname_ ## Further reading -* [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-private-mode) +* [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-private-mode) diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md index 7899ee042ee5..281b786688c7 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md @@ -21,13 +21,13 @@ Rate limits help prevent excessive resource use on {% data variables.location.pr Implement rate limits carefully and communicate with your users as you tune them. Start with permissive rate limits and gradually adjust them to suit your environment. -You can also configure rate limits for authentication attempts to the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console#configuring-rate-limits-for-authentication-to-the-management-console). +You can also configure rate limits for authentication attempts to the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console#configuring-rate-limits-for-authentication-to-the-management-console). ## Enabling rate limits for the {% data variables.product.prodname_enterprise_api %} -Too many requests to the {% data variables.product.prodname_enterprise_api %} can slow down your instance or make it unavailable. For more information about how API rate limits affect your users, see [AUTOTITLE](/rest/overview/rate-limits-for-the-rest-api). +Too many requests to the {% data variables.product.prodname_enterprise_api %} can slow down your instance or make it unavailable. For more information about how API rate limits affect your users, see [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api). -You can exempt specific users from API rate limits using the `ghe-config` utility in the administrative shell. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-config). +You can exempt specific users from API rate limits using the `ghe-config` utility in the administrative shell. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-config). > [!NOTE] > The {% data variables.enterprise.management_console %} lists the time period (per minute or per hour) for each rate limit. @@ -64,7 +64,7 @@ If a member of {% data variables.product.company_short %}'s staff has recommende ## Configuring rate limits for {% data variables.product.prodname_actions %} -You can apply a rate limit to {% data variables.product.prodname_actions %} workflow runs. For more information about {% data variables.product.prodname_actions %}, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). +You can apply a rate limit to {% data variables.product.prodname_actions %} workflow runs. For more information about {% data variables.product.prodname_actions %}, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). ### About rate limits for {% data variables.product.prodname_actions %} @@ -74,7 +74,7 @@ To avoid this, you can configure a rate limit for {% data variables.product.prod > You've exceeded the rate limit for workflow run requests. Please wait before retrying the run. -A good rate limit protects {% data variables.location.product_location %} from unusual spikes in {% data variables.product.prodname_actions %} usage without interfering with day-to-day operations. The right threshold depends on your instance's available resources and typical workload. For more information about hardware requirements for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-requirements). +A good rate limit protects {% data variables.location.product_location %} from unusual spikes in {% data variables.product.prodname_actions %} usage without interfering with day-to-day operations. The right threshold depends on your instance's available resources and typical workload. For more information about hardware requirements for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-requirements). By default, the rate limit for {% data variables.product.prodname_actions %} is disabled. {% data variables.product.prodname_ghe_server %} can handle temporary usage spikes without problems, so this rate limit protects against sustained high load. Leave it disabled unless you experience performance problems. In some cases, {% data variables.contact.github_support %} may recommend enabling a rate limit for {% data variables.product.prodname_actions %}. diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-web-commit-signing.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-web-commit-signing.md index 7aed27887878..f65c138b1a64 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-web-commit-signing.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-web-commit-signing.md @@ -41,7 +41,7 @@ For information about disabling persistent commit signature verification, see [A ghe-config app.github.web-commit-signing-enabled true ``` -1. Create a new user on {% data variables.location.product_location %} via built-in authentication or external authentication. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise). +1. Create a new user on {% data variables.location.product_location %} via built-in authentication or external authentication. For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals). * The user's username must be the same username you used when creating the PGP key in step 1 above, for example, `web-flow`. * The user's email address must be the same address you used when creating the PGP key. {% data reusables.enterprise_site_admin_settings.add-key-to-web-flow-user %} @@ -49,7 +49,7 @@ For information about disabling persistent commit signature verification, see [A 1. Under "No-reply email address", type the same email address you used when creating the PGP key. > [!NOTE] - > The "No-reply email address" field will only be displayed if you've enabled email for {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications#configuring-smtp-for-your-enterprise). + > The "No-reply email address" field will only be displayed if you've enabled email for {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications#configuring-smtp-for-your-enterprise). {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise.md index 1ba0c0a09c4e..cad827e05bd6 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise.md @@ -29,9 +29,9 @@ You can confirm that the websites and email addresses listed on the profiles of After you verify ownership of your enterprise account's domains, a "Verified" badge will display on the profile of each organization that has the domain listed on its profile. {% data reusables.organizations.verified-domains-details %} -For domains configured at the enterprise level, enterprise owners can verify the identity of organization members by viewing each member's email address within the verified domain. Enterprise owners can also view a list of enterprise members who don't have an email address from a verified domain associated with their user account on {% data variables.product.prodname_dotcom %}. See [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-members-without-an-email-address-from-a-verified-domain). +For domains configured at the enterprise level, enterprise owners can verify the identity of organization members by viewing each member's email address within the verified domain. Enterprise owners can also view a list of enterprise members who don't have an email address from a verified domain associated with their user account on {% data variables.product.prodname_dotcom %}. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-members-without-an-email-address-from-a-verified-domain). -After you verify domains for your enterprise account, you can restrict email notifications to verified domains for all the organizations owned by your enterprise account. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise). +After you verify domains for your enterprise account, you can restrict email notifications to verified domains for all the organizations owned by your enterprise account. See [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise). Even if you don't restrict email notifications for the enterprise account, if an organization owner has restricted email notifications for the organization, organization members will be able to receive notifications at any domains verified or approved for the enterprise account, in addition to any domains verified or approved for the organization. For more information about restricting notifications for an organization, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization). @@ -43,9 +43,9 @@ Organization owners can also verify additional domains for their organizations. {% data reusables.enterprise-accounts.approved-domains-about %} -After you approve domains for your enterprise account, you can restrict email notifications for activity within your enterprise account to users with verified email addresses within verified or approved domains. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise). +After you approve domains for your enterprise account, you can restrict email notifications for activity within your enterprise account to users with verified email addresses within verified or approved domains. See [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise). -{% ifversion ghec %}To receive email notifications, the owner of the user account must verify the email address. See [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address).{% endif %} +{% ifversion ghec %}To receive email notifications, the owner of the user account must verify the email address. See [AUTOTITLE](/account-and-profile/how-tos/email-preferences/verifying-your-email-address).{% endif %} Organization owners can also approve additional domains for their organizations. See [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization). diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-ssh-connections-to-your-instance.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-ssh-connections-to-your-instance.md index a80eb2fc36bd..b89c9cba69a1 100644 --- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-ssh-connections-to-your-instance.md +++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-ssh-connections-to-your-instance.md @@ -42,7 +42,7 @@ If you use an SSH certificate authority, connections will fail if the certificat For more information, see [{% data variables.product.prodname_blog %}](https://github.blog/2022-06-28-improving-git-protocol-security-on-github-enterprise-server). {% data reusables.enterprise_installation.ssh-into-instance %} -1. Audit your instance's logs for connections that use unsecure algorithms or hash functions using the `ghe-find-insecure-git-operations` utility. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-find-insecure-git-operations). +1. Audit your instance's logs for connections that use unsecure algorithms or hash functions using the `ghe-find-insecure-git-operations` utility. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-find-insecure-git-operations). 1. To configure a cutoff date after which {% data variables.location.product_location %} will deny connections from clients that use an RSA key uploaded after the date if the connection is signed by the SHA-1 hash function, enter the following command. Replace _**RFC-3399-UTC-TIMESTAMP**_ with a valid RFC 3399 UTC timestamp. For example, the default value, August 1, 2022, would be represented as `2022-08-01T00:00:00Z`. For more information, see [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) on the IETF website.
diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls.md
index 5457425828e6..850609a234d8 100644
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls.md
@@ -27,13 +27,13 @@ To allow users to use FIDO U2F for two-factor authentication or deploy {% data v
 
 ## Prerequisites
 
-To use TLS in production, you must have a certificate in an unencrypted PEM format signed by a trusted certificate authority. To use a certificate signed by an internal certificate authority, you must install the root certificate and any intermediate certificates. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/troubleshooting-tls-errors#installing-self-signed-or-untrusted-certificate-authority-ca-root-certificates).
+To use TLS in production, you must have a certificate in an unencrypted PEM format signed by a trusted certificate authority. To use a certificate signed by an internal certificate authority, you must install the root certificate and any intermediate certificates. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/troubleshooting-tls-errors#installing-self-signed-or-untrusted-certificate-authority-ca-root-certificates).
 
-Your certificate will also need Subject Alternative Names configured for the subdomains listed in [AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation#about-subdomain-isolation) and will need to include the full certificate chain if it has been signed by an intermediate certificate authority. For more information, see [Subject Alternative Name](https://en.wikipedia.org/wiki/SubjectAltName) on Wikipedia.
+Your certificate will also need Subject Alternative Names configured for the subdomains listed in [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation#about-subdomain-isolation) and will need to include the full certificate chain if it has been signed by an intermediate certificate authority. For more information, see [Subject Alternative Name](https://en.wikipedia.org/wiki/SubjectAltName) on Wikipedia.
 
-You can generate a certificate signing request (CSR) for your instance using the `ghe-ssl-generate-csr` command. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-ssl-generate-csr).
+You can generate a certificate signing request (CSR) for your instance using the `ghe-ssl-generate-csr` command. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-ssl-generate-csr).
 
-Your key must be an RSA key and must not have a passphrase. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/troubleshooting-tls-errors#removing-the-passphrase-from-your-key-file).
+Your key must be an RSA key and must not have a passphrase. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/troubleshooting-tls-errors#removing-the-passphrase-from-your-key-file).
 
 ## Uploading a custom TLS certificate
 
@@ -57,7 +57,7 @@ Let's Encrypt is a public certificate authority that issues free, automated TLS
 
 When you enable automation of TLS certificate management using Let's Encrypt, {% data variables.location.product_location %} will contact the Let's Encrypt servers to obtain a certificate. To renew a certificate, Let's Encrypt servers must validate control of the configured domain name with inbound HTTP requests.
 
-You can also use the `ghe-ssl-acme` command line utility on {% data variables.location.product_location %} to automatically generate a Let's Encrypt certificate. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-ssl-acme).
+You can also use the `ghe-ssl-acme` command line utility on {% data variables.location.product_location %} to automatically generate a Let's Encrypt certificate. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-ssl-acme).
 
 ## Configuring TLS using Let's Encrypt
 
diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-private-mode.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-private-mode.md
index b58709b3cb95..2f29892919b8 100644
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-private-mode.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-private-mode.md
@@ -16,11 +16,11 @@ contentType: how-tos
 category:
   - Secure and govern your enterprise
 ---
-You must enable private mode if {% data variables.location.product_location %} is publicly accessible over the Internet. In private mode, users cannot anonymously clone repositories. If built-in authentication is also enabled, an administrator must invite new users to create an account on the instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication).
+You must enable private mode if {% data variables.location.product_location %} is publicly accessible over the Internet. In private mode, users cannot anonymously clone repositories. If built-in authentication is also enabled, an administrator must invite new users to create an account on the instance. For more information, see [AUTOTITLE](/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication).
 
 {% data reusables.enterprise_installation.image-urls-viewable-warning %}
 
-With private mode enabled, you can allow unauthenticated Git operations (and anyone with network access to {% data variables.location.product_location %}) to read a public repository's code on your instance with anonymous Git read access enabled. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise).
+With private mode enabled, you can allow unauthenticated Git operations (and anyone with network access to {% data variables.location.product_location %}) to read a public repository's code on your instance with anonymous Git read access enabled. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise).
 
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.enterprise_site_admin_settings.management-console %}
diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation.md
index 6f516f8d3e22..ef72cca235da 100644
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation.md
@@ -47,13 +47,13 @@ When subdomain isolation is enabled, {% data variables.product.prodname_ghe_serv
 
 Before you enable subdomain isolation, you must configure your network settings for your new domain.
 
-* Specify a valid domain name as your hostname, instead of an IP address. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-a-hostname).
+* Specify a valid domain name as your hostname, instead of an IP address. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance).
 
 {% data reusables.enterprise_installation.changing-hostname-not-supported %}
 
 * Set up a wildcard Domain Name System (DNS) record or individual DNS records for the subdomains listed above. We recommend creating an A record for `*.HOSTNAME` that points to your server's IP address so you don't have to create multiple records for each subdomain.
 * Get a wildcard Transport Layer Security (TLS) certificate for `*.HOSTNAME` with a Subject Alternative Name (SAN) for both `HOSTNAME` and the wildcard domain `*.HOSTNAME`. For example, if your hostname is `github.octoinc.com`, get a certificate with the Common Name value set to `*.github.octoinc.com` and a SAN value set to both `github.octoinc.com` and `*.github.octoinc.com`.
-* Enable TLS on your appliance. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls).
+* Enable TLS on your appliance. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls).
 
 ## Enabling subdomain isolation
 
diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy.md
index a573bd30a2d7..a84953510a3a 100644
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy.md
@@ -98,7 +98,7 @@ Because this restriction only applies to requests that are sent via a proxy that
 | SSH access | Port 22 on {% data variables.product.prodname_dotcom_the_website %} | To restrict access, block the endpoint entirely. |
 | SSH over HTTPS        | `ssh.github.com`          | To restrict access, block the endpoint entirely. |
 | {% data variables.product.github %}-hosted runners | Various | To enforce specific routing, use Azure private networking. See [AUTOTITLE](/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise). |
-| Self-hosted runners | Various | To enforce specific routing, utilize a proxy server. See [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/use-proxy-servers). |
+| Self-hosted runners | Various | To enforce specific routing, utilize a proxy server. See [AUTOTITLE](/actions/how-tos/manage-runners/use-proxy-servers). |
 
 ### Endpoints that don't require restriction
 
@@ -221,4 +221,4 @@ Generally, `400` errors occur in the following situations.
 
 ## Further reading
 
-* [AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/managing-github-copilot-access-to-your-organizations-network#configuring-copilot-subscription-based-network-routing-for-your-organization)
+* [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-organization/manage-access/manage-network-access#configuring-copilot-subscription-based-network-routing-for-your-enterprise-or-organization)
diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md
index e8cc5e89932f..ae0085329a1d 100644
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md
@@ -42,7 +42,7 @@ Using your IdP's allow list deactivates the {% data variables.product.company_sh
 
 By default, your IdP runs the CAP on the initial interactive SAML or OIDC sign-in to {% data variables.product.company_short %} for any IP allow list configuration you choose.
 
-The OIDC CAP applies to web requests and requests to the API using a user token, such as an OAuth token for an {% data variables.product.prodname_oauth_app %} or a user access token for a {% data variables.product.prodname_github_app %} acting on behalf of a user. The OIDC CAP does not apply when a {% data variables.product.prodname_github_app %} uses an installation access token. See [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) and [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy#github-apps-and-oauth-apps).
+The OIDC CAP applies to web requests and requests to the API using a user token, such as an OAuth token for an {% data variables.product.prodname_oauth_app %} or a user access token for a {% data variables.product.prodname_github_app %} acting on behalf of a user. The OIDC CAP does not apply when a {% data variables.product.prodname_github_app %} uses an installation access token. See [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) and [AUTOTITLE](/enterprise-cloud@latest/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy#github-apps-and-oauth-apps).
 
 {% data reusables.enterprise-accounts.emu-cap-public-preview %}
 
diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/troubleshooting-tls-errors.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/troubleshooting-tls-errors.md
index 3b026f2efc8c..459530510fe9 100644
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/troubleshooting-tls-errors.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/troubleshooting-tls-errors.md
@@ -90,7 +90,7 @@ If your {% data variables.product.prodname_ghe_server %} appliance interacts wit
 
 ## Updating a TLS certificate
 
-You can generate a new self-signed certificate or update an existing TLS certificate for {% data variables.location.product_location %} with the `ghe-ssl-certificate-setup` command line utility. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-ssl-ca-certificate-setup).
+You can generate a new self-signed certificate or update an existing TLS certificate for {% data variables.location.product_location %} with the `ghe-ssl-certificate-setup` command line utility. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-ssl-certificate-setup).
 
 ### Troubleshooting problems with server communications after updating a TLS certificate
 
diff --git a/content/admin/configuring-settings/index.md b/content/admin/configuring-settings/index.md
index d529a163447e..a14e0cc62419 100644
--- a/content/admin/configuring-settings/index.md
+++ b/content/admin/configuring-settings/index.md
@@ -20,6 +20,6 @@ children:
 {% ifversion ghes %}
 
 > [!NOTE]
-> To configure {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %} for your enterprise, see [AUTOTITLE](/admin/github-actions) or [AUTOTITLE](/admin/packages).
+> To configure {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %} for your enterprise, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise) or [AUTOTITLE](/admin/configuring-packages).
 
 {% endif %}
diff --git a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md
index 26eff9447cec..27804e2d3ddb 100644
--- a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md
+++ b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md
@@ -78,7 +78,7 @@ Network details such as IP ranges and SSH key fingerprints differ between {% dat
 
 Administrators and developers with access to your enterprise can take advantage of the full {% data variables.product.prodname_dotcom %} platform, with the exception of some features that are currently unavailable.
 
-Developers may have experience using a personal account on {% data variables.product.prodname_dotcom_the_website %}, or a user account on a {% data variables.product.prodname_ghe_server %} instance. The experience of using a {% data variables.enterprise.prodname_managed_user %} on {% data variables.enterprise.data_residency_site %} differs in some ways. See [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts).
+Developers may have experience using a personal account on {% data variables.product.prodname_dotcom_the_website %}, or a user account on a {% data variables.product.prodname_ghe_server %} instance. The experience of using a {% data variables.enterprise.prodname_managed_user %} on {% data variables.enterprise.data_residency_site %} differs in some ways. See [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts).
 
 ### Repository visibility
 
@@ -90,18 +90,18 @@ Public repositories are not available in an {% data variables.enterprise.prodnam
 
 Users can simplify API requests by using the {% data variables.product.prodname_cli %}. However, if they also need to access resources on {% data variables.product.prodname_dotcom_the_website %} or {% data variables.product.prodname_ghe_server %}, they will need to authenticate to multiple accounts and specify a target platform for most requests. See [AUTOTITLE](/github-cli/github-cli/using-multiple-accounts).
 
-Rate limits apply for requests to the REST API. See [AUTOTITLE](/rest/overview/rate-limits-for-the-rest-api).
+Rate limits apply for requests to the REST API. See [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api).
 
 ### {% data variables.product.prodname_copilot %}
 
 Your developers can access {% data variables.product.prodname_copilot %} if you grant them access to a {% data variables.copilot.copilot_business_short %} or {% data variables.copilot.copilot_enterprise_short %} subscription. {% data variables.enterprise.prodname_managed_users_caps %} cannot sign up for {% data variables.copilot.copilot_individuals_short %}.
 
-* Users must perform some additional setup to authenticate to their account from their development environment. See [AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/using-github-copilot-with-an-account-on-ghecom).
+* Users must perform some additional setup to authenticate to their account from their development environment. See [AUTOTITLE](/copilot/how-tos/configure-personal-settings/authenticate-to-ghecom).
 * Certain {% data variables.product.prodname_copilot %} features are currently unavailable on {% data variables.enterprise.data_residency_site %}. See [AUTOTITLE](/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency#currently-unavailable-features).
 
 ### Documentation
 
-In general, the content on [{% data variables.product.prodname_docs %}](/enterprise-cloud@latest) reflects the user experience on {% data variables.enterprise.data_residency_site %}. Readers should use the "{% data variables.product.prodname_ghe_cloud %}" version of the site. See [AUTOTITLE](/get-started/using-github-docs/about-versions-of-github-docs#about-versions-of-github-docs).
+In general, the content on [{% data variables.product.prodname_docs %}](/enterprise-cloud@latest/) reflects the user experience on {% data variables.enterprise.data_residency_site %}. Readers should use the "{% data variables.product.prodname_ghe_cloud %}" version of the site. See [AUTOTITLE](/get-started/using-github-docs/about-versions-of-github-docs#about-versions-of-github-docs).
 
 When reading the documentation, readers may need to substitute references to {% data variables.product.prodname_dotcom_the_website %} with your enterprise's dedicated URL on {% data variables.enterprise.data_residency_site %}.
 
diff --git a/content/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md b/content/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md
index 470418d300f2..b06253e2a1a2 100644
--- a/content/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md
+++ b/content/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency.md
@@ -24,7 +24,7 @@ The following features are currently unavailable on {% data variables.enterprise
 | :- | :- | :- |
 | Dependency insights | Organization-level and enterprise-level dependency insights are unavailable and display no data. | [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization) |
 | License and package metadata in the dependency graph | License and package details are not currently populated in the dependency graph. This can result in empty license fields in software bill of materials (SBOM) exports and missing license information from the {% data variables.dependency-review.action_name %}. | [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/establish-provenance-and-integrity/export-dependencies-as-sbom)
[AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-dependency-review-action) | -| macOS runners for {% data variables.product.prodname_actions %} | Currently unavailable. | [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners) | +| macOS runners for {% data variables.product.prodname_actions %} | Currently unavailable. | [AUTOTITLE](/actions/concepts/runners/github-hosted-runners) | | Maven and Gradle support for {% data variables.product.prodname_registry %} | Currently unavailable. | [AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry) | | {% data variables.product.prodname_marketplace %} | {% data variables.product.prodname_marketplace %}, as a means of searching for, purchasing, and directly installing apps and actions, is unavailable. Ecosystem apps and actions can still be discovered and installed from their source, but they may require modification to work on {% data variables.enterprise.data_residency_site %}. | [{% data variables.product.prodname_actions %} workflows from {% data variables.product.prodname_marketplace %}](#github-actions-workflows-from-github-marketplace) | | Some features currently in {% data variables.release-phases.public_preview %} or {% data variables.release-phases.private_preview %} | Certain features that are in a preview phase on {% data variables.product.prodname_dotcom_the_website %} may not be available on {% data variables.enterprise.data_residency_site %} until GA. | | @@ -89,7 +89,7 @@ The following examples are not exhaustive. {% data reusables.actions.namespace-retirement-ghecom %} -To allow people to use namespaces that match actions you have used from {% data variables.product.prodname_dotcom_the_website %}, you can make a retired namespace available. See [AUTOTITLE](/actions/administering-github-actions/making-retired-namespaces-available-on-ghecom). +To allow people to use namespaces that match actions you have used from {% data variables.product.prodname_dotcom_the_website %}, you can make a retired namespace available. See [AUTOTITLE](/actions/how-tos/administer/reuse-namespaces-on-ghecom). ### {% data variables.product.prodname_github_connect %} diff --git a/content/admin/data-residency/getting-started-with-data-residency-for-github-enterprise-cloud.md b/content/admin/data-residency/getting-started-with-data-residency-for-github-enterprise-cloud.md index f3863bd6df35..cd9f29213930 100644 --- a/content/admin/data-residency/getting-started-with-data-residency-for-github-enterprise-cloud.md +++ b/content/admin/data-residency/getting-started-with-data-residency-for-github-enterprise-cloud.md @@ -31,7 +31,7 @@ After this initial setup, you'll be able to create organizations and repositorie ## Prerequisites -* If you intend to pay with a Microsoft Azure subscription, you must have admin access to the Azure portal or work with someone to configure an admin consent workflow. For a full list of prerequisites, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/connecting-an-azure-subscription#prerequisites). +* If you intend to pay with a Microsoft Azure subscription, you must have admin access to the Azure portal or work with someone to configure an admin consent workflow. For a full list of prerequisites, see [AUTOTITLE](/billing/how-tos/set-up-payment/connect-azure-sub#prerequisites). * {% data reusables.data-residency.data-resident-enterprises-network-access %} @@ -52,7 +52,7 @@ To get started with {% data variables.enterprise.data_residency_short %}, you wi * **Subdomain**: This will appear in your enterprise's dedicated domain. For example: `{% data variables.enterprise.data_residency_example_domain %}`. > [!NOTE] > Please select the subdomain carefully. You cannot change it later. - * **Identity Provider**: {% data variables.product.github %} partners with certain identity providers to provide a "paved-path" experience. Check whether your identity provider is a partner and ensure you understand the requirements for other systems. See [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems). + * **Identity Provider**: {% data variables.product.github %} partners with certain identity providers to provide a "paved-path" experience. Check whether your identity provider is a partner and ensure you understand the requirements for other systems. See [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users). * **Admin work email**: This is where you will receive the invitation to sign in and configure the enterprise for the first time. 1. Click **Create enterprise**. @@ -106,8 +106,8 @@ You can purchase {% data variables.product.prodname_enterprise %} at any time du To pay for licenses and services, you can use a credit card, PayPal, or a Microsoft Azure subscription. -* To add a credit card or PayPal details, see [AUTOTITLE](/billing/managing-your-billing/managing-your-payment-and-billing-information#viewing-payment-information). -* To link an Azure subscription, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/connecting-an-azure-subscription#connecting-your-azure-subscription-to-your-enterprise-account). +* To add a credit card or PayPal details, see [AUTOTITLE](/billing/how-tos/set-up-payment/manage-payment-info). +* To link an Azure subscription, see [AUTOTITLE](/billing/how-tos/set-up-payment/connect-azure-sub#connecting-your-azure-subscription-to-an-organization-or-enterprise-account). ## 5. Migrate data diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md index 87f650274b2e..19eb29704933 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md @@ -32,7 +32,7 @@ Additionally, you can enforce policies for the use of {% data variables.product. ## Enforcing a policy for the availability of {% data variables.product.prodname_AS %} in your enterprise's organizations -You are billed for {% data variables.product.prodname_GHAS_cs_and_sp %} products on a per-committer basis. See [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security#managing-committers-and-costs). +You are billed for {% data variables.product.prodname_GHAS_cs_and_sp %} products on a per-committer basis. See [AUTOTITLE](/billing/concepts/product-billing/github-advanced-security#managing-committers-and-costs). You can enforce a policy that controls whether repository administrators are allowed to enable features for {% data variables.product.prodname_AS %} in an organization's repositories. You can configure a policy for all organizations owned by your enterprise account, or for individual organizations that you choose. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md index 296d57a89eb8..78b810107d9f 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md @@ -73,7 +73,7 @@ If you choose this option, actions {% ifversion actions-workflow-policy %}and re * **Allow actions created by {% data variables.product.prodname_dotcom %}:** Allows all actions created by {% data variables.product.prodname_dotcom %}, located in the [`actions`](https://github.com/actions) and [`github`](https://github.com/github) organizations. * **Allow Marketplace actions by verified creators:** Allows all {% data variables.product.prodname_marketplace %} actions created by verified creators, labeled with {% octicon "verified" aria-label="The verified badge" %}.{% ifversion ghes %} - Only available if you have {% data variables.product.prodname_github_connect %} enabled and configured with {% data variables.product.prodname_actions %}. See [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect).{% endif %} + Only available if you have {% data variables.product.prodname_github_connect %} enabled and configured with {% data variables.product.prodname_actions %}. See [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect).{% endif %} * **Allow{% ifversion actions-blocklist-sha-pinning %} or block{% endif %} specified actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}:** Allows actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} that you specify. You can specify individual actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} or entire organizations and repositories. When specifying actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}, use the following syntax: diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise.md index fc2e5a15ee20..a5e1fc277a6d 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise.md @@ -15,5 +15,5 @@ category: Enterprise admins can: -* Enforce {% data variables.product.prodname_copilot_short %} policies for organizations in the enterprise. See [AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-policies-and-features-for-copilot-in-your-enterprise). -* Enable or disable {% data variables.product.prodname_copilot_short %} for organizations in the enterprise. See [AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/enabling-copilot-for-organizations-in-your-enterprise) and [AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/disabling-copilot-for-organizations-in-your-enterprise). +* Enforce {% data variables.product.prodname_copilot_short %} policies for organizations in the enterprise. See [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-enterprise-policies). +* Enable or disable {% data variables.product.prodname_copilot_short %} for organizations in the enterprise. See [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-access/grant-access) and [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-access/disable-for-organizations). diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-sponsors-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-sponsors-in-your-enterprise.md index 09333e9c7ff6..7b964263ee5a 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-sponsors-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-sponsors-in-your-enterprise.md @@ -14,7 +14,7 @@ category: ## About enterprise policies for {% data variables.product.prodname_sponsors %} -{% data variables.product.prodname_sponsors %} allows your organizations to financially support developers who build the open source projects you depend on. For more information, see [AUTOTITLE](/sponsors/getting-started-with-github-sponsors/about-github-sponsors) and [AUTOTITLE](/sponsors/sponsoring-open-source-contributors/sponsoring-an-open-source-contributor). +{% data variables.product.prodname_sponsors %} allows your organizations to financially support developers who build the open source projects you depend on. For more information, see [AUTOTITLE](/sponsors/getting-started-with-github-sponsors/about-github-sponsors) and [AUTOTITLE](/sponsors/sponsoring-open-source-contributors/sponsoring-an-open-source-contributor-through-github). By default, organizations that belong to an enterprise that pays by credit card cannot sponsor open source contributors. You can set a policy to enable {% data variables.product.prodname_sponsors %} for individual organizations in your enterprise. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md index a6a4f07223a5..b2ac8c9646af 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md @@ -136,7 +136,7 @@ After upgrading the CA, non-expiring certificates signed by that CA will be reje {% data reusables.enterprise-managed.sso-redirect-release-phase %} -If your enterprise uses {% data variables.product.prodname_emus %}, you can choose what unauthenticated users see when they attempt to access your enterprise's resources. For more information about {% data variables.product.prodname_emus %}, see [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users). +If your enterprise uses {% data variables.product.prodname_emus %}, you can choose what unauthenticated users see when they attempt to access your enterprise's resources. For more information about {% data variables.product.prodname_emus %}, see [AUTOTITLE](/enterprise-cloud@latest/admin/concepts/identity-and-access-management/enterprise-managed-users). By default, to hide the existence of private resources, when an unauthenticated user attempts to access your enterprise, {% data variables.product.company_short %} displays a 404 error. @@ -147,7 +147,7 @@ The configuration of this setting also affects {% data variables.product.prodnam If "Automatically redirect users to sign in" is enabled, {% data variables.product.github %} sends the server hints that let GCM automatically filter accounts for your enterprise members. If the setting is disabled, users who use GCM must turn off account filtering locally in GCM to avoid being prompted for authentication each time they perform a Git operation. For more details, see [AUTOTITLE](/get-started/git-basics/caching-your-github-credentials-in-git). > [!NOTE] -> If a user is signed in to their personal account when they attempt to access any of your enterprise's resources, they'll be automatically signed out and redirected to SSO to sign in to their {% data variables.enterprise.prodname_managed_user %}. For more information, see [AUTOTITLE](/enterprise-cloud@latest/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts). +> If a user is signed in to their personal account when they attempt to access any of your enterprise's resources, they'll be automatically signed out and redirected to SSO to sign in to their {% data variables.enterprise.prodname_managed_user %}. For more information, see [AUTOTITLE](/enterprise-cloud@latest/account-and-profile/how-tos/account-management/managing-multiple-accounts). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.identity-provider-tab %} @@ -157,10 +157,10 @@ If "Automatically redirect users to sign in" is enabled, {% data variables.produ ## Further reading -* [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam) +* [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam) {%- ifversion ghec %} * [AUTOTITLE](/admin/overview/accessing-compliance-reports-for-your-enterprise) {%- endif %} {%- ifversion ghec %} -* [AUTOTITLE](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list) +* [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list) {%- endif %} diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md index 2917dd3ceb1b..e6f20a521c2b 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md @@ -86,7 +86,7 @@ Across all organizations owned by your enterprise, you can allow members to crea If you allow members to create repositories in your organizations, you can choose which types of repositories (public, private, and internal) that members can create. -{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, you{% else %}You{% endif %} can also prevent users from creating repositories owned by their user accounts. {% ifversion emu-owned-repos %}If you allow users to create repositories owned by their user accounts, you can view and temporarily access those repositories at any time. For more information, see [AUTOTITLE](/admin/user-management/managing-repositories-in-your-enterprise/viewing-user-owned-repositories-in-your-enterprise) and [AUTOTITLE](/admin/user-management/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise).{% endif %} +{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, you{% else %}You{% endif %} can also prevent users from creating repositories owned by their user accounts. {% ifversion emu-owned-repos %}If you allow users to create repositories owned by their user accounts, you can view and temporarily access those repositories at any time. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/viewing-user-owned-repositories-in-your-enterprise) and [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise).{% endif %} {% data reusables.repositories.internal-repo-default %} For more information about internal repositories, see [AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository). @@ -295,7 +295,7 @@ You can override the default inherited settings by configuring the settings for {% data reusables.enterprise_user_management.disclaimer-for-git-read-access %} -If you have [enabled private mode](/admin/configuration/configuring-your-enterprise/enabling-private-mode) for {% data variables.location.product_location %}, you can allow repository administrators to enable anonymous Git read access to public repositories. +If you have [enabled private mode](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-private-mode) for {% data variables.location.product_location %}, you can allow repository administrators to enable anonymous Git read access to public repositories. Enabling anonymous Git read access allows users to bypass authentication for custom tools on your enterprise. When you or a repository administrator enable this access setting for a repository, unauthenticated Git operations (and anyone with network access to {% data variables.location.product_location_enterprise %}) will have read access to the repository without authentication. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise.md index 63e20f70231c..4b36d68c234c 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise.md @@ -24,7 +24,7 @@ When you restrict email notifications, enterprise members can only use an email {% data reusables.enterprise-accounts.approved-domains-beta-note %} -The domains can be inherited from the enterprise or configured for the specific organization. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization). +The domains can be inherited from the enterprise or configured for the specific organization. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization). {% data reusables.notifications.email-restrictions-verification %} @@ -32,7 +32,7 @@ If email restrictions are enabled for an enterprise, organization owners cannot ## Restricting email notifications for your enterprise -Before you can restrict email notifications for your enterprise, you must verify or approve at least one domain for the enterprise. {% ifversion ghec %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise).{% endif %} +Before you can restrict email notifications for your enterprise, you must verify or approve at least one domain for the enterprise. {% ifversion ghec %} For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise).{% endif %} Users will not be notified when you enable email restrictions. It is your responsibility to inform users that, in the future, they will only receive email notifications related to your enterprise if they've added an email address belonging to a verified or approved domain to their account settings. diff --git a/content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-script.md b/content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-script.md index baec47ecb438..24ddb6883f15 100644 --- a/content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-script.md +++ b/content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-script.md @@ -102,7 +102,7 @@ The `$GITHUB_VIA` variable is available in the pre-receive hook environment when |
pull request merge button
| Merge of a pull request in the web interface | [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request#merging-a-pull-request-on-github) | |
pull request revert button
| Revert of a pull request | [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/reverting-a-pull-request) | |
releases delete button
| Deletion of a release | [AUTOTITLE](/repositories/releasing-projects-on-github/managing-releases-in-a-repository#deleting-a-release) | -|
stafftools branch restore
| Restoration of a branch from the site admin dashboard | [AUTOTITLE](/admin/configuration/configuring-your-enterprise/site-admin-dashboard#repositories) | +|
stafftools branch restore
| Restoration of a branch from the site admin dashboard | [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui) | |
tag create api
| Creation of a tag via the API | [AUTOTITLE](/rest/git/tags#create-a-tag-object) | |
web branch create
| Creation of a branch via the web interface | [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository#creating-a-branch) | @@ -147,7 +147,7 @@ We recommend consolidating hooks to a single repository. If the consolidated hoo git push ``` -1. [Create the pre-receive hook](/admin/policies/enforcing-policy-with-pre-receive-hooks/managing-pre-receive-hooks-on-the-github-enterprise-server-appliance#creating-pre-receive-hooks) on the {% data variables.product.prodname_ghe_server %} instance. +1. [Create the pre-receive hook](/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/managing-pre-receive-hooks-on-your-instance#creating-pre-receive-hooks) on the {% data variables.product.prodname_ghe_server %} instance. ## Testing pre-receive scripts locally diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws.md index 6bef1546d189..576d917df03a 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws.md @@ -110,7 +110,7 @@ If you're setting up your AMI for the first time, you will need to create a secu 1. Take note of the security group ID (`sg-xxxxxxxx`) of your newly created security group. -1. Create a security group rule for each of the ports in the table below. We recommend opening network ports selectively based on the network services you need to expose for administrative and user purposes. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports#administrative-ports), and [authorize-security-group-ingress](https://docs.aws.amazon.com/cli/latest/reference/ec2/authorize-security-group-ingress.html) in the AWS documentation. +1. Create a security group rule for each of the ports in the table below. We recommend opening network ports selectively based on the network services you need to expose for administrative and user purposes. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports#administrative-ports), and [authorize-security-group-ingress](https://docs.aws.amazon.com/cli/latest/reference/ec2/authorize-security-group-ingress.html) in the AWS documentation. ```shell aws ec2 authorize-security-group-ingress --group-id SECURITY_GROUP_ID --protocol PROTOCOL --port PORT_NUMBER --cidr SOURCE IP RANGE @@ -148,7 +148,7 @@ aws ec2 run-instances \ If this is a production instance, we strongly recommend allocating an Elastic IP (EIP) and associating it with the instance before proceeding to {% data variables.product.prodname_ghe_server %} configuration. Otherwise, the public IP address of the instance will not be retained after instance restarts. For more information, see [Allocating an Elastic IP Address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-allocating) and [Associating an Elastic IP Address with a Running Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-associating) in the Amazon documentation. -Both primary and replica instances should be assigned separate EIPs in production High Availability configurations. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability). +Both primary and replica instances should be assigned separate EIPs in production High Availability configurations. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability). ## Configuring the {% data variables.product.prodname_ghe_server %} instance @@ -158,7 +158,7 @@ Both primary and replica instances should be assigned separate EIPs in productio {% data reusables.enterprise_installation.copy-the-vm-public-dns-name %} {% data reusables.enterprise_installation.upload-a-license-file %} -{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuring-settings). {% data reusables.enterprise_installation.instance-will-restart-automatically %} {% data reusables.enterprise_installation.visit-your-instance %} diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-azure.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-azure.md index 9cfde3a66e81..a75ec337f264 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-azure.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-azure.md @@ -60,7 +60,7 @@ Before launching {% data variables.location.product_location %} on Azure, you'll az vm create -n VM_NAME -g RESOURCE_GROUP --size VM_SIZE -l REGION --image APPLIANCE_IMAGE_NAME --storage-sku Premium_LRS ``` -1. Configure the security settings on your VM to open up required ports. We recommend opening network ports selectively based on the network services you need to expose for administrative and user purposes. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports#administrative-ports), and [az vm open-port](https://docs.microsoft.com/cli/azure/vm?view=azure-cli-latest#az_vm_open_port) in the Microsoft documentation. See the table below for a description of each port to determine what ports you need to open. +1. Configure the security settings on your VM to open up required ports. We recommend opening network ports selectively based on the network services you need to expose for administrative and user purposes. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports#administrative-ports), and [az vm open-port](https://docs.microsoft.com/cli/azure/vm?view=azure-cli-latest#az_vm_open_port) in the Microsoft documentation. See the table below for a description of each port to determine what ports you need to open. ```shell az vm open-port -n VM_NAME -g RESOURCE_GROUP --port PORT_NUMBER @@ -105,7 +105,7 @@ To configure the instance, you must confirm the instance's status, upload a lice {% data reusables.enterprise_installation.copy-the-vm-public-dns-name %} {% data reusables.enterprise_installation.upload-a-license-file %} - {% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise). + {% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuring-settings). {% data reusables.enterprise_installation.instance-will-restart-automatically %} {% data reusables.enterprise_installation.visit-your-instance %} diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-google-cloud-platform.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-google-cloud-platform.md index 7c53a642da50..5e1d57be7f4a 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-google-cloud-platform.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-google-cloud-platform.md @@ -43,7 +43,7 @@ Before launching {% data variables.location.product_location %} on Google Cloud ## Configuring the firewall -GCE virtual machines are created as a member of a network, which has a firewall. For the network associated with the {% data variables.product.prodname_ghe_server %} VM, you'll need to configure the firewall to allow the required ports listed in the table below. We recommend opening network ports selectively based on the network services you need to expose for administrative and user purposes. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports#administrative-ports), and [Firewall Rules Overview](https://cloud.google.com/vpc/docs/firewalls) in the Google Cloud Platform documentation. +GCE virtual machines are created as a member of a network, which has a firewall. For the network associated with the {% data variables.product.prodname_ghe_server %} VM, you'll need to configure the firewall to allow the required ports listed in the table below. We recommend opening network ports selectively based on the network services you need to expose for administrative and user purposes. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports#administrative-ports), and [Firewall Rules Overview](https://cloud.google.com/vpc/docs/firewalls) in the Google Cloud Platform documentation. 1. Using the gcloud compute command-line tool, create the network. For more information, see [gcloud compute networks create](https://cloud.google.com/sdk/gcloud/reference/compute/networks/create) in the Google documentation. @@ -100,7 +100,7 @@ To create the {% data variables.product.prodname_ghe_server %} instance, you'll {% data reusables.enterprise_installation.copy-the-vm-public-dns-name %} {% data reusables.enterprise_installation.upload-a-license-file %} -{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuring-settings). {% data reusables.enterprise_installation.instance-will-restart-automatically %} {% data reusables.enterprise_installation.visit-your-instance %} diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md index 75e2978f194a..32b3f8156252 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md @@ -82,7 +82,7 @@ We also recommend that the ESXi Power Management Setting be configured to "High {% data reusables.enterprise_installation.copy-the-vm-public-dns-name %} {% data reusables.enterprise_installation.upload-a-license-file %} -{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuring-settings). {% data reusables.enterprise_installation.instance-will-restart-automatically %} {% data reusables.enterprise_installation.visit-your-instance %} diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm.md index 39b4002b6fab..8301de1ce9a8 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm.md @@ -49,7 +49,7 @@ category: {% data reusables.enterprise_installation.copy-the-vm-public-dns-name %} {% data reusables.enterprise_installation.upload-a-license-file %} -{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuring-settings). {% data reusables.enterprise_installation.instance-will-restart-automatically %} {% data reusables.enterprise_installation.visit-your-instance %} diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware.md index 5a1260400ad1..18e1a76597bd 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware.md @@ -53,7 +53,7 @@ category: {% data reusables.enterprise_installation.copy-the-vm-public-dns-name %} {% data reusables.enterprise_installation.upload-a-license-file %} -{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +{% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} For more information, see [AUTOTITLE](/admin/configuring-settings). {% data reusables.enterprise_installation.instance-will-restart-automatically %} {% data reusables.enterprise_installation.visit-your-instance %} diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance.md index b2b6cd684699..2912fe4e45b8 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance.md @@ -34,7 +34,7 @@ To thoroughly test {% data variables.product.prodname_ghe_server %} and recreate ## Setting up a staging instance -You can set up a staging instance from scratch and configure the instance however you like. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +You can set up a staging instance from scratch and configure the instance however you like. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance) and [AUTOTITLE](/admin/configuring-settings). Alternatively, you can create a staging instance that reflects your production configuration by restoring a backup of your production instance to the staging instance. @@ -48,7 +48,7 @@ Alternatively, you can create a staging instance that reflects your production c ### 1. Back up your production instance -If you want to test changes on an instance that contains the same data and configuration as your production instance, back up the data and configuration from the production instance using {% data variables.product.prodname_enterprise_backup_utilities %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance). +If you want to test changes on an instance that contains the same data and configuration as your production instance, back up the data and configuration from the production instance using {% data variables.product.prodname_enterprise_backup_utilities %}. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance). > [!WARNING] > If you use {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %} in production, your backup will include your production configuration for external storage. To avoid potential loss of data by writing to your production storage from your staging instance, you must configure each feature in steps 3 and 4 before you restore your backup. @@ -57,7 +57,7 @@ If you want to test changes on an instance that contains the same data and confi Set up a new instance to act as your staging environment. When following the setup process, be sure to select the **New Install** option. This will ensure your staging environment is initialized properly and is ready for restoring a backup if needed. -You can use the same guides for provisioning and installing your staging instance as you did for your production instance. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). +You can use the same guides for provisioning and installing your staging instance as you did for your production instance. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). If you plan to restore a backup of your production instance, continue to the next step. Alternatively, you can configure the instance manually and skip the following steps. @@ -73,7 +73,7 @@ To configure {% data variables.product.prodname_actions %} on your staging insta The {% data variables.enterprise.management_console %} provides a secure, browser-based interface for low-level configuration of your {% data variables.product.prodname_ghe_server %} instance, including {% data variables.product.prodname_actions %}. All configuration changes are audited, and access is protected via dedicated credentials and network controls. > [!WARNING] -> If you don't configure {% data variables.product.prodname_actions %} on the staging instance before restoring your production backup, your staging instance will use your production instance's external storage, which could result in loss of data. We strongly recommended that you use different external storage for your staging instance. For more information, see [AUTOTITLE](/admin/github-actions/advanced-configuration-and-troubleshooting/using-a-staging-environment). +> If you don't configure {% data variables.product.prodname_actions %} on the staging instance before restoring your production backup, your staging instance will use your production instance's external storage, which could result in loss of data. We strongly recommend that you use different external storage for your staging instance. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment). 1. Access the {% data variables.enterprise.management_console %}. See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui/accessing-the-management-console). @@ -90,7 +90,7 @@ Once you've configured and enabled {% data variables.product.prodname_actions %} Optionally, if you use {% data variables.product.prodname_registry %} on your production instance, configure the feature on the staging instance before restoring your production backup. If you don't use {% data variables.product.prodname_registry %}, skip to [Restore your production backup](#5-restore-your-production-backup). > [!WARNING] -> If you don't configure {% data variables.product.prodname_registry %} on the staging instance before restoring your production backup, your staging instance will use your production instance's external storage, which could result in loss of data. We strongly recommended that you use different external storage for your staging instance. For more information, see [AUTOTITLE](/admin/github-actions/advanced-configuration-and-troubleshooting/using-a-staging-environment). +> If you don't configure {% data variables.product.prodname_registry %} on the staging instance before restoring your production backup, your staging instance will use your production instance's external storage, which could result in loss of data. We strongly recommend that you use different external storage for your staging instance. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment). To configure {% data variables.product.prodname_registry %} for your staging instance: @@ -106,7 +106,7 @@ To configure {% data variables.product.prodname_registry %} for your staging ins ### 5. Restore your production backup -Use the `ghe-restore` command to restore the rest of the data from the backup. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance#restoring-a-backup). +Use the `ghe-restore` command to restore the rest of the data from the backup. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance#restoring-a-backup). If the staging instance is already configured and you want to overwrite settings, certificate, and license data, add the `-c` option to the command. For more information about the option, see [Using the backup and restore commands](https://github.com/github/backup-utils/blob/master/docs/usage.md#restoring-settings-tls-certificate-and-license) in the {% data variables.product.prodname_enterprise_backup_utilities %} documentation. @@ -115,9 +115,9 @@ If the staging instance is already configured and you want to overwrite settings To access the staging instance using the same hostname, update your local hosts file to resolve the staging instance's hostname by IP address by editing the `/etc/hosts` file in macOS or Linux, or the `C:\Windows\system32\drivers\etc` file in Windows. > [!NOTE] -> Your staging instance must be accessible from the same hostname as your production instance. Changing the hostname for {% data variables.location.product_location %} is not supported. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-a-hostname). +> Your staging instance must be accessible from the same hostname as your production instance. Changing the hostname for {% data variables.location.product_location %} is not supported. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance). -Then, review the staging instance's configuration in the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console). +Then, review the staging instance's configuration in the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui). > [!WARNING] > If you configured {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %} for the staging instance, to avoid overwriting production data, ensure that the external storage configuration in the {% data variables.enterprise.management_console %} does not match your production instance. From fc0b142443cf0612980e18b024ca84d3a4985e09 Mon Sep 17 00:00:00 2001 From: Kevin Heis Date: Tue, 14 Jul 2026 08:38:23 -0700 Subject: [PATCH 2/5] Exclude docs-engineering-bot[bot] from dont-delete-features check (#62267) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/dont-delete-features.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/dont-delete-features.yml b/.github/workflows/dont-delete-features.yml index 5717e5f670b8..66c5995c0f3f 100644 --- a/.github/workflows/dont-delete-features.yml +++ b/.github/workflows/dont-delete-features.yml @@ -25,8 +25,7 @@ permissions: jobs: dont-delete-features: - # It's 'docs-bot' that creates those PR from "Delete orphaned features" - if: github.event.pull_request.user.login != 'docs-bot' && (github.repository == 'github/docs-internal' || github.repository == 'github/docs') + if: github.event.pull_request.user.login != 'docs-bot' && github.event.pull_request.user.login != 'docs-engineering-bot[bot]' && (github.repository == 'github/docs-internal' || github.repository == 'github/docs') runs-on: ubuntu-latest steps: - name: Check out repo From c7f5a1a3532854f40d6efd0bb233d59b66b98631 Mon Sep 17 00:00:00 2001 From: "docs-engineering-bot[bot]" <285023527+docs-engineering-bot[bot]@users.noreply.github.com> Date: Tue, 14 Jul 2026 16:50:55 +0000 Subject: [PATCH 3/5] Sync secret scanning data (#62270) Co-authored-by: github-merge-queue <118344674+github-merge-queue@users.noreply.github.com> --- .../data/pattern-docs/fpt/public-docs.yml | 24 +++++++++++++++++-- .../data/pattern-docs/ghec/public-docs.yml | 24 +++++++++++++++++-- 2 files changed, 44 insertions(+), 4 deletions(-) diff --git a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml index cf0cca234e4c..4b7403ac7573 100644 --- a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml @@ -210,6 +210,16 @@ hasExtendedMetadata: false base64Supported: false isduplicate: false +- provider: APIclub + supportedSecret: APIclub API Key + secretType: apiclub_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false - provider: Apify supportedSecret: Apify Actor Run API Token secretType: apify_actor_run_api_token @@ -4144,6 +4154,16 @@ hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' base64Supported: false isduplicate: false +- provider: Resend + supportedSecret: Resend API Key + secretType: resend_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false - provider: Rootly supportedSecret: Rootly API Key secretType: rootly_api_key @@ -4877,7 +4897,7 @@ - provider: Unkey supportedSecret: Unkey Root Key secretType: unkey_root_key - isPublic: false + isPublic: true isPrivateWithGhas: true hasPushProtection: false hasValidityCheck: true @@ -4969,7 +4989,7 @@ secretType: volcengine_ark_api_key isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false hasExtendedMetadata: false base64Supported: false diff --git a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml index cf0cca234e4c..4b7403ac7573 100644 --- a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml @@ -210,6 +210,16 @@ hasExtendedMetadata: false base64Supported: false isduplicate: false +- provider: APIclub + supportedSecret: APIclub API Key + secretType: apiclub_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false - provider: Apify supportedSecret: Apify Actor Run API Token secretType: apify_actor_run_api_token @@ -4144,6 +4154,16 @@ hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' base64Supported: false isduplicate: false +- provider: Resend + supportedSecret: Resend API Key + secretType: resend_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false - provider: Rootly supportedSecret: Rootly API Key secretType: rootly_api_key @@ -4877,7 +4897,7 @@ - provider: Unkey supportedSecret: Unkey Root Key secretType: unkey_root_key - isPublic: false + isPublic: true isPrivateWithGhas: true hasPushProtection: false hasValidityCheck: true @@ -4969,7 +4989,7 @@ secretType: volcengine_ark_api_key isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false hasExtendedMetadata: false base64Supported: false From 55e25e307bbd9e7c2575998a86b37dfdb6ffb54e Mon Sep 17 00:00:00 2001 From: "docs-engineering-bot[bot]" <285023527+docs-engineering-bot[bot]@users.noreply.github.com> Date: Tue, 14 Jul 2026 16:52:40 +0000 Subject: [PATCH 4/5] GraphQL schema update (#62271) Co-authored-by: github-merge-queue <118344674+github-merge-queue@users.noreply.github.com> --- src/graphql/data/fpt/category-map.json | 4 + src/graphql/data/fpt/changelog.json | 43 +++++ src/graphql/data/fpt/schema-issues.json | 222 ++++++++++++++++++++++ src/graphql/data/fpt/schema.docs.graphql | 163 ++++++++++++++++ src/graphql/data/ghec/category-map.json | 4 + src/graphql/data/ghec/schema-issues.json | 222 ++++++++++++++++++++++ src/graphql/data/ghec/schema.docs.graphql | 163 ++++++++++++++++ 7 files changed, 821 insertions(+) diff --git a/src/graphql/data/fpt/category-map.json b/src/graphql/data/fpt/category-map.json index cb4132f5104b..2a79120c5a9d 100644 --- a/src/graphql/data/fpt/category-map.json +++ b/src/graphql/data/fpt/category-map.json @@ -1220,6 +1220,7 @@ "issuecommentorderfield": "issues", "issuecreationpolicy": "issues", "issuedependencyorderfield": "issues", + "issueeventconfidencelevel": "issues", "issuefielddatatype": "issues", "issuefieldorderfield": "issues", "issuefieldsingleselectoptioncolor": "issues", @@ -1546,6 +1547,7 @@ "addcommentinput": "issues", "addlabelstolabelableinput": "issues", "addsubissueinput": "issues", + "assigneeupdateinput": "issues", "clearlabelsfromlabelableinput": "issues", "closeissueinput": "issues", "createissuefieldinput": "issues", @@ -1569,7 +1571,9 @@ "issuefilters": "issues", "issueorder": "issues", "issuetypeorder": "issues", + "issuetypeupdateinput": "issues", "labelorder": "issues", + "labelupdateinput": "issues", "locklockableinput": "issues", "milestoneorder": "issues", "minimizecommentinput": "issues", diff --git a/src/graphql/data/fpt/changelog.json b/src/graphql/data/fpt/changelog.json index 145797bda24c..801e8d6a460a 100644 --- a/src/graphql/data/fpt/changelog.json +++ b/src/graphql/data/fpt/changelog.json @@ -1,4 +1,47 @@ [ + { + "schemaChanges": [ + { + "title": "The GraphQL schema includes these changes:", + "changes": [ + "

Type AssigneeUpdateInput was added

", + "

Input field actorId of type ID! was added to input object type AssigneeUpdateInput

", + "

Input field confidence of type IssueEventConfidenceLevel was added to input object type AssigneeUpdateInput

", + "

Input field rationale of type String was added to input object type AssigneeUpdateInput

", + "

Input field suggest of type Boolean was added to input object type AssigneeUpdateInput

", + "

Type IssueEventConfidenceLevel was added

", + "

Enum value HIGH was added to enum IssueEventConfidenceLevel

", + "

Enum value LOW was added to enum IssueEventConfidenceLevel

", + "

Enum value MEDIUM was added to enum IssueEventConfidenceLevel

", + "

Type IssueTypeUpdateInput was added

", + "

Input field confidence of type IssueEventConfidenceLevel was added to input object type IssueTypeUpdateInput

", + "

Input field issueTypeId of type ID was added to input object type IssueTypeUpdateInput

", + "

Input field rationale of type String was added to input object type IssueTypeUpdateInput

", + "

Input field suggest of type Boolean was added to input object type IssueTypeUpdateInput

", + "

Type LabelUpdateInput was added

", + "

Input field confidence of type IssueEventConfidenceLevel was added to input object type LabelUpdateInput

", + "

Input field labelId of type ID! was added to input object type LabelUpdateInput

", + "

Input field rationale of type String was added to input object type LabelUpdateInput

", + "

Input field suggest of type Boolean was added to input object type LabelUpdateInput

", + "

Input field assignees of type '[AssigneeUpdateInput!]was added to input object typeAddAssigneesToAssignableInput'

", + "

Input field labels of type '[LabelUpdateInput!]was added to input object typeAddLabelsToLabelableInput'

", + "

Input field confidence of type IssueEventConfidenceLevel was added to input object type CloseIssueInput

", + "

Input field isSuggestion of type Boolean was added to input object type CloseIssueInput

", + "

Input field rationale of type String was added to input object type CloseIssueInput

", + "

Input field confidence of type IssueEventConfidenceLevel was added to input object type IssueFieldCreateOrUpdateInput

", + "

Input field rationale of type String was added to input object type IssueFieldCreateOrUpdateInput

", + "

Input field suggest of type Boolean was added to input object type IssueFieldCreateOrUpdateInput

", + "

Input field assignees of type '[AssigneeUpdateInput!]was added to input object typeReplaceActorsForAssignableInput'

", + "

Input field assignees of type '[AssigneeUpdateInput!]was added to input object typeUpdateIssueInput'

", + "

Input field issueType of type IssueTypeUpdateInput was added to input object type UpdateIssueInput

", + "

Input field labels of type '[LabelUpdateInput!]was added to input object typeUpdateIssueInput'

" + ] + } + ], + "previewChanges": [], + "upcomingChanges": [], + "date": "2026-07-14" + }, { "schemaChanges": [ { diff --git a/src/graphql/data/fpt/schema-issues.json b/src/graphql/data/fpt/schema-issues.json index 64be41755e4e..fe22ef753ce1 100644 --- a/src/graphql/data/fpt/schema-issues.json +++ b/src/graphql/data/fpt/schema-issues.json @@ -9256,6 +9256,28 @@ ], "category": "issues" }, + { + "name": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel", + "description": "

The confidence level associated with an agent's issue event action.

", + "isDeprecated": false, + "values": [ + { + "name": "HIGH", + "description": "

High confidence.

" + }, + { + "name": "LOW", + "description": "

Low confidence.

" + }, + { + "name": "MEDIUM", + "description": "

Medium confidence.

" + } + ], + "category": "issues" + }, { "name": "IssueFieldDataType", "id": "issuefielddatatype", @@ -10230,6 +10252,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "assignees", + "description": "

An array of actors to add as assignees, each with optional rationale or\nsuggest flag. Mutually exclusive with assigneeIds.

", + "type": "[AssigneeUpdateInput!]", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput" + }, { "name": "clientMutationId", "description": "

A unique identifier for the client performing the mutation.

", @@ -10331,6 +10360,13 @@ "id": "id", "href": "/graphql/reference/other#scalar-id", "isDeprecated": false + }, + { + "name": "labels", + "description": "

The labels to add, each with optional rationale or a suggest flag that\nstores the addition as a pending suggestion. Mutually exclusive with labelIds.

", + "type": "[LabelUpdateInput!]", + "id": "labelupdateinput", + "href": "/graphql/reference/issues#input-object-labelupdateinput" } ], "category": "issues" @@ -10381,6 +10417,45 @@ ], "category": "issues" }, + { + "name": "AssigneeUpdateInput", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput", + "description": "

Specifies an actor (user or bot) to assign to an issue, with optional metadata such as a rationale.

", + "isDeprecated": false, + "inputFields": [ + { + "name": "actorId", + "description": "

The ID of the actor (user or bot) to assign.

", + "type": "ID!", + "id": "id", + "href": "/graphql/reference/other#scalar-id", + "isDeprecated": false + }, + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + } + ], + "category": "issues" + }, { "name": "ClearLabelsFromLabelableInput", "id": "clearlabelsfromlabelableinput", @@ -10418,6 +10493,13 @@ "id": "string", "href": "/graphql/reference/other#scalar-string" }, + { + "name": "confidence", + "description": "

The confidence level the agent had when suggesting this close. Only meaningful when isSuggestion is true.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, { "name": "duplicateIssueId", "description": "

ID of the issue that this is a duplicate of.

", @@ -10426,6 +10508,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "isSuggestion", + "description": "

If true, the close action is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "issueId", "description": "

ID of the issue to be closed.

", @@ -10434,6 +10523,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "rationale", + "description": "

Optional rationale describing why the issue should be closed. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, { "name": "stateReason", "description": "

The reason the issue is to be closed.

", @@ -11021,6 +11117,13 @@ "description": "

Represents an issue field value that must be set on an issue during issue creation.

", "isDeprecated": false, "inputFields": [ + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, { "name": "dateValue", "description": "

The date value, for a date field.

", @@ -11056,6 +11159,13 @@ "id": "float", "href": "/graphql/reference/other#scalar-float" }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, { "name": "singleSelectOptionId", "description": "

The ID of the selected option, for a single select field.

", @@ -11063,6 +11173,13 @@ "id": "id", "href": "/graphql/reference/other#scalar-id" }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "textValue", "description": "

The text value, for a text field.

", @@ -11263,6 +11380,44 @@ ], "category": "issues" }, + { + "name": "IssueTypeUpdateInput", + "id": "issuetypeupdateinput", + "href": "/graphql/reference/issues#input-object-issuetypeupdateinput", + "description": "

Specifies an Issue Type to set on an issue, with optional metadata such as a rationale.

", + "isDeprecated": false, + "inputFields": [ + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, + { + "name": "issueTypeId", + "description": "

The ID of the Issue Type to set on this issue. Pass null to clear the issue type.

", + "type": "ID", + "id": "id", + "href": "/graphql/reference/other#scalar-id" + }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + } + ], + "category": "issues" + }, { "name": "LabelOrder", "id": "labelorder", @@ -11287,6 +11442,45 @@ ], "category": "issues" }, + { + "name": "LabelUpdateInput", + "id": "labelupdateinput", + "href": "/graphql/reference/issues#input-object-labelupdateinput", + "description": "

Specifies a Label to set on an issue, with optional metadata such as a rationale.

", + "isDeprecated": false, + "inputFields": [ + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, + { + "name": "labelId", + "description": "

The ID of the Label.

", + "type": "ID!", + "id": "id", + "href": "/graphql/reference/other#scalar-id", + "isDeprecated": false + }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + } + ], + "category": "issues" + }, { "name": "LockLockableInput", "id": "locklockableinput", @@ -11609,6 +11803,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "assignees", + "description": "

An array of actors to set as assignees, each with optional rationale or\nsuggest flag. Mutually exclusive with actorIds and actorLogins.

", + "type": "[AssigneeUpdateInput!]", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput" + }, { "name": "clientMutationId", "description": "

A unique identifier for the client performing the mutation.

", @@ -12000,6 +12201,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "assignees", + "description": "

An array of actors to assign to this issue, each with optional rationale or\nsuggest flag. Mutually exclusive with assigneeIds.

", + "type": "[AssigneeUpdateInput!]", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput" + }, { "name": "body", "description": "

The body for the issue description.

", @@ -12022,6 +12230,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "issueType", + "description": "

The Issue Type to set on this issue, with optional rationale. Mutually exclusive with issueTypeId.

", + "type": "IssueTypeUpdateInput", + "id": "issuetypeupdateinput", + "href": "/graphql/reference/issues#input-object-issuetypeupdateinput" + }, { "name": "issueTypeId", "description": "

The ID of the Issue Type for this issue.

", @@ -12037,6 +12252,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "labels", + "description": "

An array of labels to set on this issue, each with optional rationale or suggest flag. Mutually exclusive with labelIds.

", + "type": "[LabelUpdateInput!]", + "id": "labelupdateinput", + "href": "/graphql/reference/issues#input-object-labelupdateinput" + }, { "name": "milestoneId", "description": "

The Node ID of the milestone for this issue.

", diff --git a/src/graphql/data/fpt/schema.docs.graphql b/src/graphql/data/fpt/schema.docs.graphql index 1b1970c02cbb..b0764be9ff54 100644 --- a/src/graphql/data/fpt/schema.docs.graphql +++ b/src/graphql/data/fpt/schema.docs.graphql @@ -384,6 +384,12 @@ input AddAssigneesToAssignableInput { abstractType: "Actor" ) + """ + An array of actors to add as assignees, each with optional rationale or + suggest flag. Mutually exclusive with `assigneeIds`. + """ + assignees: [AssigneeUpdateInput!] + """ A unique identifier for the client performing the mutation. """ @@ -658,6 +664,12 @@ input AddLabelsToLabelableInput { The id of the labelable object to add labels to. """ labelableId: ID! @possibleTypes(concreteTypes: ["Discussion", "Issue", "PullRequest"], abstractType: "Labelable") + + """ + The labels to add, each with optional `rationale` or a `suggest` flag that + stores the addition as a pending suggestion. Mutually exclusive with `labelIds`. + """ + labels: [LabelUpdateInput!] } """ @@ -1969,6 +1981,35 @@ type AssigneeEdge { node: Assignee } +""" +Specifies an actor (user or bot) to assign to an issue, with optional metadata such as a rationale. +""" +input AssigneeUpdateInput @docsCategory(name: "issues") { + """ + The ID of the actor (user or bot) to assign. + """ + actorId: ID! + @possibleTypes( + concreteTypes: ["Bot", "EnterpriseUserAccount", "Mannequin", "Organization", "User"] + abstractType: "Actor" + ) + + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean +} + """ An entry in the audit log. """ @@ -4847,16 +4888,31 @@ input CloseIssueInput { """ clientMutationId: String + """ + The confidence level the agent had when suggesting this close. Only meaningful when isSuggestion is true. + """ + confidence: IssueEventConfidenceLevel + """ ID of the issue that this is a duplicate of. """ duplicateIssueId: ID @possibleTypes(concreteTypes: ["Issue"]) + """ + If true, the close action is stored as a pending suggestion for human review rather than being applied directly. + """ + isSuggestion: Boolean + """ ID of the issue to be closed. """ issueId: ID! @possibleTypes(concreteTypes: ["Issue"]) + """ + Optional rationale describing why the issue should be closed. Max 280 characters. + """ + rationale: String + """ The reason the issue is to be closed. """ @@ -21146,6 +21202,26 @@ type IssueEdge { node: Issue } +""" +The confidence level associated with an agent's issue event action. +""" +enum IssueEventConfidenceLevel @docsCategory(name: "issues") { + """ + High confidence. + """ + HIGH + + """ + Low confidence. + """ + LOW + + """ + Medium confidence. + """ + MEDIUM +} + """ Represents a 'issue_field_added' event on a given issue. """ @@ -21280,6 +21356,11 @@ interface IssueFieldCommon @docsCategory(name: "issues") { Represents an issue field value that must be set on an issue during issue creation """ input IssueFieldCreateOrUpdateInput @docsCategory(name: "issues") { + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + """ The date value, for a date field """ @@ -21305,11 +21386,21 @@ input IssueFieldCreateOrUpdateInput @docsCategory(name: "issues") { """ numberValue: Float + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + """ The ID of the selected option, for a single select field """ singleSelectOptionId: ID + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean + """ The text value, for a text field """ @@ -22964,6 +23055,31 @@ type IssueTypeRemovedEvent implements Node @docsCategory(name: "issues") { issueType: IssueType } +""" +Specifies an Issue Type to set on an issue, with optional metadata such as a rationale. +""" +input IssueTypeUpdateInput @docsCategory(name: "issues") { + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + + """ + The ID of the Issue Type to set on this issue. Pass null to clear the issue type. + """ + issueTypeId: ID + + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean +} + """ Represents a user signing up for a GitHub account. """ @@ -23221,6 +23337,31 @@ enum LabelOrderField @docsCategory(name: "issues") { NAME } +""" +Specifies a Label to set on an issue, with optional metadata such as a rationale. +""" +input LabelUpdateInput @docsCategory(name: "issues") { + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + + """ + The ID of the Label. + """ + labelId: ID! @possibleTypes(concreteTypes: ["Label"]) + + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean +} + """ An object that can have labels assigned to it. """ @@ -49106,6 +49247,12 @@ input ReplaceActorsForAssignableInput { """ assignableId: ID! @possibleTypes(concreteTypes: ["Issue", "PullRequest"], abstractType: "Assignable") + """ + An array of actors to set as assignees, each with optional rationale or + suggest flag. Mutually exclusive with `actorIds` and `actorLogins`. + """ + assignees: [AssigneeUpdateInput!] + """ A unique identifier for the client performing the mutation. """ @@ -68252,6 +68399,12 @@ input UpdateIssueInput { abstractType: "Actor" ) + """ + An array of actors to assign to this issue, each with optional rationale or + suggest flag. Mutually exclusive with `assigneeIds`. + """ + assignees: [AssigneeUpdateInput!] + """ The body for the issue description. """ @@ -68267,6 +68420,11 @@ input UpdateIssueInput { """ id: ID! @possibleTypes(concreteTypes: ["Issue"]) + """ + The Issue Type to set on this issue, with optional rationale. Mutually exclusive with `issueTypeId`. + """ + issueType: IssueTypeUpdateInput + """ The ID of the Issue Type for this issue. """ @@ -68277,6 +68435,11 @@ input UpdateIssueInput { """ labelIds: [ID!] @possibleTypes(concreteTypes: ["Label"]) + """ + An array of labels to set on this issue, each with optional rationale or suggest flag. Mutually exclusive with `labelIds`. + """ + labels: [LabelUpdateInput!] + """ The Node ID of the milestone for this issue. """ diff --git a/src/graphql/data/ghec/category-map.json b/src/graphql/data/ghec/category-map.json index cb4132f5104b..2a79120c5a9d 100644 --- a/src/graphql/data/ghec/category-map.json +++ b/src/graphql/data/ghec/category-map.json @@ -1220,6 +1220,7 @@ "issuecommentorderfield": "issues", "issuecreationpolicy": "issues", "issuedependencyorderfield": "issues", + "issueeventconfidencelevel": "issues", "issuefielddatatype": "issues", "issuefieldorderfield": "issues", "issuefieldsingleselectoptioncolor": "issues", @@ -1546,6 +1547,7 @@ "addcommentinput": "issues", "addlabelstolabelableinput": "issues", "addsubissueinput": "issues", + "assigneeupdateinput": "issues", "clearlabelsfromlabelableinput": "issues", "closeissueinput": "issues", "createissuefieldinput": "issues", @@ -1569,7 +1571,9 @@ "issuefilters": "issues", "issueorder": "issues", "issuetypeorder": "issues", + "issuetypeupdateinput": "issues", "labelorder": "issues", + "labelupdateinput": "issues", "locklockableinput": "issues", "milestoneorder": "issues", "minimizecommentinput": "issues", diff --git a/src/graphql/data/ghec/schema-issues.json b/src/graphql/data/ghec/schema-issues.json index 64be41755e4e..fe22ef753ce1 100644 --- a/src/graphql/data/ghec/schema-issues.json +++ b/src/graphql/data/ghec/schema-issues.json @@ -9256,6 +9256,28 @@ ], "category": "issues" }, + { + "name": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel", + "description": "

The confidence level associated with an agent's issue event action.

", + "isDeprecated": false, + "values": [ + { + "name": "HIGH", + "description": "

High confidence.

" + }, + { + "name": "LOW", + "description": "

Low confidence.

" + }, + { + "name": "MEDIUM", + "description": "

Medium confidence.

" + } + ], + "category": "issues" + }, { "name": "IssueFieldDataType", "id": "issuefielddatatype", @@ -10230,6 +10252,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "assignees", + "description": "

An array of actors to add as assignees, each with optional rationale or\nsuggest flag. Mutually exclusive with assigneeIds.

", + "type": "[AssigneeUpdateInput!]", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput" + }, { "name": "clientMutationId", "description": "

A unique identifier for the client performing the mutation.

", @@ -10331,6 +10360,13 @@ "id": "id", "href": "/graphql/reference/other#scalar-id", "isDeprecated": false + }, + { + "name": "labels", + "description": "

The labels to add, each with optional rationale or a suggest flag that\nstores the addition as a pending suggestion. Mutually exclusive with labelIds.

", + "type": "[LabelUpdateInput!]", + "id": "labelupdateinput", + "href": "/graphql/reference/issues#input-object-labelupdateinput" } ], "category": "issues" @@ -10381,6 +10417,45 @@ ], "category": "issues" }, + { + "name": "AssigneeUpdateInput", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput", + "description": "

Specifies an actor (user or bot) to assign to an issue, with optional metadata such as a rationale.

", + "isDeprecated": false, + "inputFields": [ + { + "name": "actorId", + "description": "

The ID of the actor (user or bot) to assign.

", + "type": "ID!", + "id": "id", + "href": "/graphql/reference/other#scalar-id", + "isDeprecated": false + }, + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + } + ], + "category": "issues" + }, { "name": "ClearLabelsFromLabelableInput", "id": "clearlabelsfromlabelableinput", @@ -10418,6 +10493,13 @@ "id": "string", "href": "/graphql/reference/other#scalar-string" }, + { + "name": "confidence", + "description": "

The confidence level the agent had when suggesting this close. Only meaningful when isSuggestion is true.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, { "name": "duplicateIssueId", "description": "

ID of the issue that this is a duplicate of.

", @@ -10426,6 +10508,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "isSuggestion", + "description": "

If true, the close action is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "issueId", "description": "

ID of the issue to be closed.

", @@ -10434,6 +10523,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "rationale", + "description": "

Optional rationale describing why the issue should be closed. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, { "name": "stateReason", "description": "

The reason the issue is to be closed.

", @@ -11021,6 +11117,13 @@ "description": "

Represents an issue field value that must be set on an issue during issue creation.

", "isDeprecated": false, "inputFields": [ + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, { "name": "dateValue", "description": "

The date value, for a date field.

", @@ -11056,6 +11159,13 @@ "id": "float", "href": "/graphql/reference/other#scalar-float" }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, { "name": "singleSelectOptionId", "description": "

The ID of the selected option, for a single select field.

", @@ -11063,6 +11173,13 @@ "id": "id", "href": "/graphql/reference/other#scalar-id" }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "textValue", "description": "

The text value, for a text field.

", @@ -11263,6 +11380,44 @@ ], "category": "issues" }, + { + "name": "IssueTypeUpdateInput", + "id": "issuetypeupdateinput", + "href": "/graphql/reference/issues#input-object-issuetypeupdateinput", + "description": "

Specifies an Issue Type to set on an issue, with optional metadata such as a rationale.

", + "isDeprecated": false, + "inputFields": [ + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, + { + "name": "issueTypeId", + "description": "

The ID of the Issue Type to set on this issue. Pass null to clear the issue type.

", + "type": "ID", + "id": "id", + "href": "/graphql/reference/other#scalar-id" + }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + } + ], + "category": "issues" + }, { "name": "LabelOrder", "id": "labelorder", @@ -11287,6 +11442,45 @@ ], "category": "issues" }, + { + "name": "LabelUpdateInput", + "id": "labelupdateinput", + "href": "/graphql/reference/issues#input-object-labelupdateinput", + "description": "

Specifies a Label to set on an issue, with optional metadata such as a rationale.

", + "isDeprecated": false, + "inputFields": [ + { + "name": "confidence", + "description": "

The confidence level the agent had when selecting this value.

", + "type": "IssueEventConfidenceLevel", + "id": "issueeventconfidencelevel", + "href": "/graphql/reference/issues#enum-issueeventconfidencelevel" + }, + { + "name": "labelId", + "description": "

The ID of the Label.

", + "type": "ID!", + "id": "id", + "href": "/graphql/reference/other#scalar-id", + "isDeprecated": false + }, + { + "name": "rationale", + "description": "

Optional rationale describing why this value was selected. Max 280 characters.

", + "type": "String", + "id": "string", + "href": "/graphql/reference/other#scalar-string" + }, + { + "name": "suggest", + "description": "

If true, the value is stored as a pending suggestion for human review rather than being applied directly.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + } + ], + "category": "issues" + }, { "name": "LockLockableInput", "id": "locklockableinput", @@ -11609,6 +11803,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "assignees", + "description": "

An array of actors to set as assignees, each with optional rationale or\nsuggest flag. Mutually exclusive with actorIds and actorLogins.

", + "type": "[AssigneeUpdateInput!]", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput" + }, { "name": "clientMutationId", "description": "

A unique identifier for the client performing the mutation.

", @@ -12000,6 +12201,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "assignees", + "description": "

An array of actors to assign to this issue, each with optional rationale or\nsuggest flag. Mutually exclusive with assigneeIds.

", + "type": "[AssigneeUpdateInput!]", + "id": "assigneeupdateinput", + "href": "/graphql/reference/issues#input-object-assigneeupdateinput" + }, { "name": "body", "description": "

The body for the issue description.

", @@ -12022,6 +12230,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "issueType", + "description": "

The Issue Type to set on this issue, with optional rationale. Mutually exclusive with issueTypeId.

", + "type": "IssueTypeUpdateInput", + "id": "issuetypeupdateinput", + "href": "/graphql/reference/issues#input-object-issuetypeupdateinput" + }, { "name": "issueTypeId", "description": "

The ID of the Issue Type for this issue.

", @@ -12037,6 +12252,13 @@ "href": "/graphql/reference/other#scalar-id", "isDeprecated": false }, + { + "name": "labels", + "description": "

An array of labels to set on this issue, each with optional rationale or suggest flag. Mutually exclusive with labelIds.

", + "type": "[LabelUpdateInput!]", + "id": "labelupdateinput", + "href": "/graphql/reference/issues#input-object-labelupdateinput" + }, { "name": "milestoneId", "description": "

The Node ID of the milestone for this issue.

", diff --git a/src/graphql/data/ghec/schema.docs.graphql b/src/graphql/data/ghec/schema.docs.graphql index 1b1970c02cbb..b0764be9ff54 100644 --- a/src/graphql/data/ghec/schema.docs.graphql +++ b/src/graphql/data/ghec/schema.docs.graphql @@ -384,6 +384,12 @@ input AddAssigneesToAssignableInput { abstractType: "Actor" ) + """ + An array of actors to add as assignees, each with optional rationale or + suggest flag. Mutually exclusive with `assigneeIds`. + """ + assignees: [AssigneeUpdateInput!] + """ A unique identifier for the client performing the mutation. """ @@ -658,6 +664,12 @@ input AddLabelsToLabelableInput { The id of the labelable object to add labels to. """ labelableId: ID! @possibleTypes(concreteTypes: ["Discussion", "Issue", "PullRequest"], abstractType: "Labelable") + + """ + The labels to add, each with optional `rationale` or a `suggest` flag that + stores the addition as a pending suggestion. Mutually exclusive with `labelIds`. + """ + labels: [LabelUpdateInput!] } """ @@ -1969,6 +1981,35 @@ type AssigneeEdge { node: Assignee } +""" +Specifies an actor (user or bot) to assign to an issue, with optional metadata such as a rationale. +""" +input AssigneeUpdateInput @docsCategory(name: "issues") { + """ + The ID of the actor (user or bot) to assign. + """ + actorId: ID! + @possibleTypes( + concreteTypes: ["Bot", "EnterpriseUserAccount", "Mannequin", "Organization", "User"] + abstractType: "Actor" + ) + + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean +} + """ An entry in the audit log. """ @@ -4847,16 +4888,31 @@ input CloseIssueInput { """ clientMutationId: String + """ + The confidence level the agent had when suggesting this close. Only meaningful when isSuggestion is true. + """ + confidence: IssueEventConfidenceLevel + """ ID of the issue that this is a duplicate of. """ duplicateIssueId: ID @possibleTypes(concreteTypes: ["Issue"]) + """ + If true, the close action is stored as a pending suggestion for human review rather than being applied directly. + """ + isSuggestion: Boolean + """ ID of the issue to be closed. """ issueId: ID! @possibleTypes(concreteTypes: ["Issue"]) + """ + Optional rationale describing why the issue should be closed. Max 280 characters. + """ + rationale: String + """ The reason the issue is to be closed. """ @@ -21146,6 +21202,26 @@ type IssueEdge { node: Issue } +""" +The confidence level associated with an agent's issue event action. +""" +enum IssueEventConfidenceLevel @docsCategory(name: "issues") { + """ + High confidence. + """ + HIGH + + """ + Low confidence. + """ + LOW + + """ + Medium confidence. + """ + MEDIUM +} + """ Represents a 'issue_field_added' event on a given issue. """ @@ -21280,6 +21356,11 @@ interface IssueFieldCommon @docsCategory(name: "issues") { Represents an issue field value that must be set on an issue during issue creation """ input IssueFieldCreateOrUpdateInput @docsCategory(name: "issues") { + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + """ The date value, for a date field """ @@ -21305,11 +21386,21 @@ input IssueFieldCreateOrUpdateInput @docsCategory(name: "issues") { """ numberValue: Float + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + """ The ID of the selected option, for a single select field """ singleSelectOptionId: ID + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean + """ The text value, for a text field """ @@ -22964,6 +23055,31 @@ type IssueTypeRemovedEvent implements Node @docsCategory(name: "issues") { issueType: IssueType } +""" +Specifies an Issue Type to set on an issue, with optional metadata such as a rationale. +""" +input IssueTypeUpdateInput @docsCategory(name: "issues") { + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + + """ + The ID of the Issue Type to set on this issue. Pass null to clear the issue type. + """ + issueTypeId: ID + + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean +} + """ Represents a user signing up for a GitHub account. """ @@ -23221,6 +23337,31 @@ enum LabelOrderField @docsCategory(name: "issues") { NAME } +""" +Specifies a Label to set on an issue, with optional metadata such as a rationale. +""" +input LabelUpdateInput @docsCategory(name: "issues") { + """ + The confidence level the agent had when selecting this value. + """ + confidence: IssueEventConfidenceLevel + + """ + The ID of the Label. + """ + labelId: ID! @possibleTypes(concreteTypes: ["Label"]) + + """ + Optional rationale describing why this value was selected. Max 280 characters. + """ + rationale: String + + """ + If true, the value is stored as a pending suggestion for human review rather than being applied directly. + """ + suggest: Boolean +} + """ An object that can have labels assigned to it. """ @@ -49106,6 +49247,12 @@ input ReplaceActorsForAssignableInput { """ assignableId: ID! @possibleTypes(concreteTypes: ["Issue", "PullRequest"], abstractType: "Assignable") + """ + An array of actors to set as assignees, each with optional rationale or + suggest flag. Mutually exclusive with `actorIds` and `actorLogins`. + """ + assignees: [AssigneeUpdateInput!] + """ A unique identifier for the client performing the mutation. """ @@ -68252,6 +68399,12 @@ input UpdateIssueInput { abstractType: "Actor" ) + """ + An array of actors to assign to this issue, each with optional rationale or + suggest flag. Mutually exclusive with `assigneeIds`. + """ + assignees: [AssigneeUpdateInput!] + """ The body for the issue description. """ @@ -68267,6 +68420,11 @@ input UpdateIssueInput { """ id: ID! @possibleTypes(concreteTypes: ["Issue"]) + """ + The Issue Type to set on this issue, with optional rationale. Mutually exclusive with `issueTypeId`. + """ + issueType: IssueTypeUpdateInput + """ The ID of the Issue Type for this issue. """ @@ -68277,6 +68435,11 @@ input UpdateIssueInput { """ labelIds: [ID!] @possibleTypes(concreteTypes: ["Label"]) + """ + An array of labels to set on this issue, each with optional rationale or suggest flag. Mutually exclusive with `labelIds`. + """ + labels: [LabelUpdateInput!] + """ The Node ID of the milestone for this issue. """ From 116ae8c0566ea6535d67519c0fdcb49995100782 Mon Sep 17 00:00:00 2001 From: Sunbrye Ly <56200261+sunbrye@users.noreply.github.com> Date: Tue, 14 Jul 2026 10:00:17 -0700 Subject: [PATCH 5/5] Expand Microsoft models section with data-use (#62176) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .../reference/ai-models/model-hosting.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/content/copilot/reference/ai-models/model-hosting.md b/content/copilot/reference/ai-models/model-hosting.md index 2c7a06f7c5cc..3efa2d5a23bc 100644 --- a/content/copilot/reference/ai-models/model-hosting.md +++ b/content/copilot/reference/ai-models/model-hosting.md @@ -36,14 +36,6 @@ OpenAI makes the [following data commitment](https://openai.com/enterprise-priva All input requests and output responses processed by {% data variables.product.prodname_copilot %}'s models continue to pass through GitHub Copilot's, content filtering systems. These filters include checks for public code matches (when applied) as well as mechanisms to detect and block harmful or offensive content. -## OpenAI models fine-tuned by Microsoft - -Used for: - -* {% data variables.copilot.copilot_raptor_mini %} - -These models are deployed on {% data variables.product.github %} managed Azure OpenAI tenant. - ## Anthropic models Used for: @@ -91,8 +83,19 @@ When using {% data variables.copilot.copilot_gemini %} models, input prompts and ## Microsoft models +Used for: + +* {% data variables.copilot.copilot_mai_code_1_flash %} +* {% data variables.copilot.copilot_raptor_mini %} + {% data variables.copilot.copilot_mai_code_1_flash %} is a first-party Microsoft model hosted on Azure in {% data variables.product.github %}'s tenant. +{% data variables.product.github %} does not use {% data variables.copilot.copilot_business_short %} or {% data variables.copilot.copilot_enterprise_short %} customer data to train AI models. For individual subscribers—{% data variables.copilot.copilot_free_short %}, {% data variables.copilot.copilot_pro_short %}, {% data variables.copilot.copilot_pro_plus_short %}, and {% data variables.copilot.copilot_max_short %} users—{% data variables.product.github %} may use {% data variables.product.prodname_copilot_short %} interaction data, including prompts (inputs), suggestions (outputs), and code snippets generated during {% data variables.product.prodname_copilot_short %} sessions to train and improve AI models, in accordance with our [AUTOTITLE](/free-pro-team@latest/site-policy/privacy-policies/github-general-privacy-statement) and applicable user settings. Individual subscribers can opt out of having their data used for AI model training. To manage this setting, see [AUTOTITLE](/copilot/how-tos/manage-your-account/manage-policies#model-training-and-improvements). + +{% data variables.copilot.copilot_mai_code_1_flash %} is served on Microsoft Azure AI Foundry within {% data variables.product.github %}'s tenant and is subject to {% data variables.product.github %}'s data handling configuration for that deployment. For details about how data is processed, retained, and secured for models served on Azure AI Foundry, see [Data, privacy, and security for Foundry Models sold by Azure](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/data-privacy?tabs=azure-portal) in the Microsoft documentation. + +When using {% data variables.copilot.copilot_mai_code_1_flash %}, input prompts and output completions continue to run through {% data variables.product.prodname_copilot %}'s content filters for public code matching, when applied, along with those for harmful or offensive content. + ## Open-weight models Open-weight models have publicly available weights. {% data reusables.copilot.open-weight-model-hosting %}