Merge pull request #34599 from github/repo-sync

Repo sync

.github/workflows/test.yml

@@ -66,6 +66,7 @@ jobs:
           - observability
           # - open-source
           - pageinfo
+          - pagelist
           # - pages
           - products
           - redirects

content/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication.md

@@ -48,9 +48,11 @@ If you use an enterprise with {% data variables.product.prodname_emus %}, member
 
 ## About usernames for {% data variables.enterprise.prodname_managed_users %}
 
-When your {% data variables.enterprise.prodname_emu_enterprise %} is created, you will choose a short code that will be used as the suffix for your enterprise members' usernames. {% data reusables.enterprise-accounts.emu-shortcode %} The setup user who configures SAML SSO has a username in the format of **SHORT-CODE_admin**.
+When your {% data variables.enterprise.prodname_emu_enterprise %} is created, you will choose a short code that will be used as the suffix for your enterprise members' usernames. {% data reusables.enterprise-accounts.emu-shortcode %}
 
-When you provision a new user from your identity provider, the new {% data variables.enterprise.prodname_managed_user %} will have a {% data variables.product.prodname_dotcom %} username in the format of **@IDP-USERNAME_SHORT-CODE**. The IDP-USERNAME component is formed by normalizing the SCIM `userName` attribute value sent from the IdP.
+The setup user who configures SAML SSO has a username in the format of **SHORT-CODE_admin**. For example, if your enterprise's shortcode is "octo", the setup user will be "octo_admin."
+
+When you provision a new user from your identity provider, the new {% data variables.enterprise.prodname_managed_user %} will have a {% data variables.product.prodname_dotcom %} username in the format of **@IDP-USERNAME_SHORT-CODE** (for example, "mona-cat_octo"). The IDP-USERNAME component is formed by normalizing the SCIM `userName` attribute value sent from the IdP.
 
 | Identity provider                 | {% data variables.product.prodname_dotcom %} username  |
 |-----------------------------------|----------------------|

content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md

@@ -86,7 +86,7 @@ You can provide the source root for conversion from absolute to relative URIs in
 
 * [`checkout_path`](https://github.com/github/codeql-action/blob/c2c0a2908e95769d01b907f9930050ecb5cf050d/analyze/action.yml#L44-L47) input to the `github/codeql-action/analyze` action
 * `checkout_uri` parameter to the SARIF upload API endpoint. For more information, see "[AUTOTITLE](/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data)."
-* [`invocation.workingDirectory.uri`](https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc9244365) property in the SARIF file
+* [`invocations[0].workingDirectory.uri`](https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc9244365) property in the `run` object in the SARIF file
 
 If you provide a source root, any location of an artifact specified using an absolute URI must use the same URI scheme. If there is a mismatch between the URI scheme for the source root and one or more of the absolute URIs, the upload is rejected.
 

content/copilot/building-copilot-extensions/about-building-copilot-extensions.md

@@ -20,6 +20,10 @@ type: overview
 * Sending responses to users in the {% data variables.product.prodname_copilot_chat_short %} window
 * Execution of {% data variables.product.company_short %} (first party) or functions on external services (third party)
 
+{% data variables.product.prodname_copilot_extensions_short %} can be used with:
+
+{% data reusables.copilot.copilot-extensions.compatible-chat-interfaces %}
+
 ## Visibility of {% data variables.product.prodname_copilot_extensions_short %}
 
 {% data variables.product.prodname_copilot_extensions_short %} can be private, public and shareable, or public and listed on the {% data variables.product.prodname_marketplace %}. Which visibility option you choose will depend on your use case and the audience you are targeting.

content/migrations/using-github-enterprise-importer/migrating-between-github-products/about-migrations-between-github-products.md

@@ -31,7 +31,6 @@ Pull requests | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon
 Issues | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
 Milestones | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
 Wikis | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
-Projects (classic) at the repository level | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
 {% data variables.product.prodname_actions %} workflows | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
 Commit comments | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
 Active webhooks | {% octicon "check" aria-label="Can be migrated" %}  | {% octicon "check" aria-label="Can be migrated" %}  |
@@ -95,7 +94,6 @@ When you migrate a repository, either directly or as part of an organization mig
 * Issues
 * Milestones
 * Wikis (excluding attachments)
-* Projects (classic) at the repository level
 * {% data variables.product.prodname_actions %} workflows
 * Commit comments
 * Active webhooks (must be re-enabled after your migration, see "[Enabling webhooks](/migrations/using-github-enterprise-importer/migrating-between-github-products/overview-of-a-migration-between-github-products#enabling-webhooks)")

content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md

@@ -57,7 +57,7 @@ Manage organization OAuth application policies | Access to the "OAuth applicatio
 | Manage organization Actions secrets | Access to create and manage Actions organization secrets. | "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization)" |
 | Manage organization Actions variables | Access to create and manage Actions organization variables. | "[AUTOTITLE](/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization)" |
 |  {% ifversion actions-usage-metrics %} |
-| View organization Actions usage metrics | View {% data variables.product.prodname_actions %} usage metrics for your organization. | "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-usage-metrics-for-github-actions)" |
+| View organization Actions metrics | View {% data variables.product.prodname_actions %} usage metrics for your organization. | "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-usage-metrics-for-github-actions)" |
 |  {% endif %} |
 |  {% ifversion push-protection-bypass-fine-grained-permissions %} |
 | Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests | Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests for your organization. | "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection)" |

content/repositories/archiving-a-github-repository/backing-up-a-repository.md

@@ -82,5 +82,5 @@ There is no supported, documented way to restore migration archives on {% data v
 
 A number of self-service tools exist that automate backups of repositories. Backup tools will download data from _specific_ repositories and organize it within a new branch or directory.
 
-For more information about self-service backup tools, see the [Backup Utilities category on {% data variables.product.prodname_marketplace %}](https://github.com/marketplace?category=backup-utilities).
+For more information about self-service backup tools, see the [Backup Utilities category on {% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=apps&category=backup-utilities).
 {% endif %}

data/reusables/actions/azure-vnet-supported-regions.md

@@ -32,6 +32,7 @@ Azure private networking supports arm64 runners in the following regions.
 * `EastUs`
 * `EastUs2`
 * `WestUs2`
+* `WestUs3`
 * `NorthCentralUs`
 * `SouthCentralUs`
 

data/reusables/actions/larger-runners-table.md

@@ -1,4 +1,4 @@
 | Runner Size | Architecture| Processor (CPU)| Memory (RAM)  | Storage (SSD) | Workflow label |
 | ------------| ------------| -------------- | ------------- | ------------- | -------------- |
-| Large       | Intel       | 12             | 30 GB         | 14 GB         | <code>macos-latest-large</code>, <code>macos-12-large</code>, <code>macos-13-large</code> [latest], <code>macos-14-large</code>[Beta] |
-| XLarge      | arm64 (M1)  | 6 (+ 8 GPU hardware acceleration) | 14 GB         | 14 GB         | <code>macos-latest-xlarge</code>, <code>macos-13-xlarge</code> [latest], <code>macos-14-xlarge</code>[Beta] |
+| Large       | Intel       | 12             | 30 GB         | 14 GB         | <code>macos-latest-large</code>, <code>macos-12-large</code>, <code>macos-13-large</code> , <code>macos-14-large</code> [latest] |
+| XLarge      | arm64 (M1)  | 6 (+ 8 GPU hardware acceleration) | 14 GB         | 14 GB         | <code>macos-latest-xlarge</code>, <code>macos-13-xlarge</code>, <code>macos-14-xlarge</code> [latest] |

data/reusables/enterprise-accounts/emu-shortcode.md

@@ -1 +1,3 @@
 The short code must be unique to your enterprise, a three-to-eight character alphanumeric string, and contain no special characters.
+
+> [!WARNING] The short code will be appended to the end of all usernames in your enterprise account. It is not possible to modify the short code after your {% data variables.enterprise.prodname_emu_enterprise %} has been created. Please make sure to select an appropriate short code when requesting your new enterprise account.

data/reusables/rest-api/secondary-rate-limit-rest-graphql.md

@@ -5,6 +5,7 @@ You may encounter a secondary rate limit if you:
 * _Make too many concurrent requests._ No more than 100 concurrent requests are allowed. This limit is shared across the REST API and GraphQL API.
 * _Make too many requests to a single endpoint per minute._ No more than 900 points per minute are allowed for REST API endpoints, and no more than 2,000 points per minute are allowed for the GraphQL API endpoint. For more information about points, see "[Calculating points for the secondary rate limit](#calculating-points-for-the-secondary-rate-limit)."
 * _Make too many requests per minute._ No more than 90 seconds of CPU time per 60 seconds of real time is allowed. No more than 60 seconds of this CPU time may be for the GraphQL API. You can roughly estimate the CPU time by measuring the total response time for your API requests.
+* _Make too many requests that consume excessive compute resources in a short period of time._
 * _Create too much content on {% data variables.product.company_short %} in a short amount of time._ In general, no more than 80 content-generating requests per minute and no more than 500 content-generating requests per hour are allowed. Some endpoints have lower content creation limits. Content creation limits include actions taken on the {% data variables.product.company_short %} web interface as well as via the REST API and GraphQL API.
 
 These secondary rate limits are subject to change without notice. You may also encounter a secondary rate limit for undisclosed reasons.

src/audit-logs/data/fpt/user.json

@@ -319,6 +319,21 @@
     "description": "A GitHub Actions deployment protection rule was updated via the API.",
     "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
   },
+  {
+    "action": "gist.create",
+    "description": "A gist was created.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "gist.destroy",
+    "description": "A gist was deleted.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "gist.visibility_change",
+    "description": "The visibility of a gist was updated.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "git_signing_ssh_public_key.create",
     "description": "An SSH key was added to a user account as a Git commit signing key.",

src/audit-logs/data/ghec/user.json

@@ -319,6 +319,21 @@
     "description": "A GitHub Actions deployment protection rule was updated via the API.",
     "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
   },
+  {
+    "action": "gist.create",
+    "description": "A gist was created.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "gist.destroy",
+    "description": "A gist was deleted.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "gist.visibility_change",
+    "description": "The visibility of a gist was updated.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "git_signing_ssh_public_key.create",
     "description": "An SSH key was added to a user account as a Git commit signing key.",

src/audit-logs/lib/config.json

@@ -3,5 +3,5 @@
     "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
     "apiRequestEvent": "This event is only available via audit log streaming."
   },
-  "sha": "1d7576e6efc47504c6be1746cf432365caafd467"
+  "sha": "ee7d96263a737a0fd8c2b25b852a2ebbb1041ab3"
 }

src/frame/middleware/api.ts

@@ -5,6 +5,7 @@ import events from '@/events/middleware.js'
 import anchorRedirect from '@/rest/api/anchor-redirect.js'
 import search from '@/search/middleware/search.js'
 import pageInfo from '@/pageinfo/middleware'
+import pageList from '@/pagelist/middleware'
 import webhooks from '@/webhooks/middleware/webhooks.js'
 import { ExtendedRequest } from '@/types'
 
@@ -14,6 +15,7 @@ router.use('/events', events)
 router.use('/webhooks', webhooks)
 router.use('/anchor-redirect', anchorRedirect)
 router.use('/pageinfo', pageInfo)
+router.use('/pagelist', pageList)
 
 // The purpose of this is for convenience to everyone who runs this code
 // base locally but don't have an Elasticsearch server locally.

src/links/lib/excluded-links.yml

@@ -62,6 +62,7 @@
 - is: https://azure.microsoft.com
 - is: https://api.octocorp.ghe.com
 - is: https://platform.openai.com/docs/guides/safety-best-practices
+- is: https://platform.openai.com/docs/guides/function-calling
 - is: https://global.rel.tunnels.api.visualstudio.com/api/version
 - is: https://www.wireguard.com/quickstart/
 - is: https://docs.openstack.org/horizon/latest/

src/pagelist/README.md

@@ -0,0 +1,7 @@
+# Pagelist
+
+This subject folder contains the code for the `/api/pagelist` endpoint.
+
+## What it does
+
+The `/api/pagelist` endpoint provides a flat structure of all the pages on GitHub Docs.

src/pagelist/middleware.ts

@@ -0,0 +1,64 @@
+import express from 'express'
+import type { Response } from 'express'
+
+import type { ExtendedRequest } from '@/types'
+import { defaultCacheControl } from '@/frame/middleware/cache-control.js'
+import { getProductStringFromPath, getVersionStringFromPath } from '#src/frame/lib/path-utils.js'
+import { latest } from '#src/versions/lib/enterprise-server-releases.js'
+
+const router = express.Router()
+
+router.get('/v1/enterprise-server@latest', (req, res) => {
+  res.redirect(
+    307,
+    req.originalUrl.replace(
+      '/pagelist/v1/enterprise-server@latest',
+      `/pagelist/v1/enterprise-server@${latest}`,
+    ),
+  )
+})
+
+router.get('/v1/:product@:version', (req: ExtendedRequest, res: Response) => {
+  const { product, version } = req.params
+
+  if (!req.context || !req.context.pages) throw new Error('Request not contextualized.')
+
+  const pages = req.context.pages
+
+  // the keys of `context.pages` are permalinks
+  const keys = Object.keys(pages)
+
+  // we filter the permalinks to get only our target version
+  const filteredPermalinks = keys.filter((key) => versionMatcher(key, `${product}@${version}`))
+
+  if (!filteredPermalinks.length) {
+    res.status(400).type('text').send('Invalid version')
+    return
+  }
+
+  defaultCacheControl(res)
+
+  // new line added at the end so `wc` works as expected with `-l` and `-w`.
+  res.type('text').send(filteredPermalinks.join('\n').concat('\n'))
+})
+
+router.get('/:product@:version', (req, res) => {
+  res.redirect(307, req.originalUrl.replace('/pagelist', '/pagelist/v1'))
+})
+
+// If no version is provided we'll assume API v1 and Docs version FPT
+router.get('/', (req, res) => {
+  res.redirect(307, req.originalUrl.replace('/pagelist', '/pagelist/v1/free-pro-team@latest'))
+})
+
+function versionMatcher(key: string, targetVersion: string) {
+  const versionFromPath = getVersionStringFromPath(key)
+
+  if (!versionFromPath) {
+    throw new Error(`Couldn't get version from the permalink ${key} when generating the pagelist.`)
+  }
+  if (getProductStringFromPath(key) === 'early-access') return null
+  if (versionFromPath === targetVersion) return key
+}
+
+export default router

src/pagelist/tests/pagelist.ts

@@ -0,0 +1,64 @@
+import { beforeAll, describe, expect, test } from 'vitest'
+
+import { get } from '#src/tests/helpers/e2etest.js'
+
+import { allVersionKeys } from '#src/versions/lib/all-versions.js'
+import nonEnterpriseDefaultVersion from '#src/versions/lib/non-enterprise-default-version.js'
+import { latest } from '#src/versions/lib/enterprise-server-releases.js'
+
+test('redirects without version suffix', async () => {
+  const res = await get(`/api/pagelist`)
+  expect(res.statusCode).toBe(307)
+  expect(res.headers.location).toBe(`/api/pagelist/v1/${nonEnterpriseDefaultVersion}`)
+})
+
+test('redirects for ghes@latest', async () => {
+  const res = await get(`/api/pagelist/v1/enterprise-server@latest`)
+  expect(res.statusCode).toBe(307)
+  expect(res.headers.location).toBe(`/api/pagelist/v1/enterprise-server@${latest}`)
+})
+
+describe.each(allVersionKeys)('pagelist api for %s', async (versionKey) => {
+  beforeAll(() => {
+    // If you didn't set the `ROOT` variable, the tests will fail rather
+    // cryptically. So as a warning for engineers running these tests,
+    // alert in case it was accidentally forgotten.
+    if (!process.env.ROOT) {
+      console.warn(
+        'WARNING: The pagelist tests require the ROOT environment variable to be set to the fixture root',
+      )
+    }
+    // Ditto for fixture-based translations to work
+    if (!process.env.TRANSLATIONS_FIXTURE_ROOT) {
+      console.warn(
+        'WARNING: The pagelist tests require the TRANSLATIONS_FIXTURE_ROOT environment variable to be set',
+      )
+    }
+  })
+
+  // queries the pagelist API for each version
+  const res = await get(`/api/pagelist/v1/${versionKey}`)
+
+  test('is reachable, returns 200 OK', async () => {
+    expect(res.statusCode).toBe(200)
+  })
+
+  // there's a large assortment of possible URLs,
+  // even "/en" is an acceptable URL, so regexes capture lots
+  test('contains valid urls', async () => {
+    let expression
+
+    // if we're testing the default version, it may be missing
+    // from the url altogether so we need a slightly different regex
+    if (versionKey === nonEnterpriseDefaultVersion)
+      expression = new RegExp(`/\\w{2}(/${versionKey})?/?.*`)
+    else expression = new RegExp(`/\\w{2}/${versionKey}/?.*`)
+
+    res.body
+      .trim()
+      .split('\n')
+      .forEach((permalink: string) => {
+        expect(permalink).toMatch(expression)
+      })
+  })
+})