Merge branch 'main' of github.com:github/docs-internal into update-new-site-tree-deps

Author: sarahs

CONTRIBUTING.md

@@ -95,6 +95,8 @@ A [pull request](https://docs.github.com/en/github/collaborating-with-issues-and
 
 When we merge those changes, they should be deployed to the live site within 24 hours. :earth_africa: To learn more about opening a pull request in this repo, see [Opening a pull request](#opening-a-pull-request) below.
 
+We cannot accept contributions to the [REST API reference documentation](https://docs.github.com/en/rest/reference). If you spot an inaccuracy in the REST API reference documentation, open an issue in the [github/rest-api-description](https://github.com/github/rest-api-description/issues/new?template=schema-inaccuracy.md) repository.
+
 ### :question: Support
 We are a small team working hard to keep up with the documentation demands of a continuously changing product. Unfortunately, we just can't help with support questions in this repository. If you are experiencing a problem with GitHub, unrelated to our documentation, please [contact GitHub Support directly](https://support.github.com/contact). Any issues, discussions, or pull requests opened here requesting support will be given information about how to contact GitHub Support, then closed and locked.
 

assets/images/help/settings/codespaces-image-registry-secret-example.png

@@ -14,16 +14,24 @@ topics:
 
 Your enterprise instance includes a number of built-in actions that you can use in your workflows. For more information about the bundled actions, see "[Official actions bundled with your enterprise instance](/admin/github-actions/about-using-actions-in-your-enterprise#official-actions-bundled-with-your-enterprise-instance)."
 
-These bundled actions are a point-in-time snapshot of the official actions found at https://github.com/actions; as a result, these actions may be older versions that can be updated. To update these actions, you can use `actions-sync` to retrieve updated versions from {% data variables.product.prodname_dotcom_the_website %}.
+These bundled actions are a point-in-time snapshot of the official actions found at https://github.com/actions, so there may be newer versions of these actions available. You can use the `actions-sync` tool to update these actions, or you can configure {% data variables.product.prodname_github_connect %} to allow access to the latest actions on {% data variables.product.prodname_dotcom_the_website %}. These options are described in the following sections.
 
-These options are described in more detail in the following sections.
+### Using `actions-sync` to update the bundled actions
 
-### Using actions-sync to update a bundled action
+To update the bundled actions, you can use the `actions-sync` tool to update the snapshot. For more information on using `actions-sync`, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/admin/github-actions/manually-syncing-actions-from-githubcom)."
 
-To update the bundled actions, you can use the `actions-sync` tool to synchronize actions with {% data variables.product.prodname_dotcom_the_website %}. For more information on using `actions-sync`, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/admin/github-actions/manually-syncing-actions-from-githubcom)."
+### Using {% data variables.product.prodname_github_connect %} to access the latest actions
 
-### Using actions from {% data variables.product.prodname_dotcom_the_website %}
+You can use {% data variables.product.prodname_github_connect %} to allow {% data variables.product.product_name %} to use actions from {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)."
 
-To allow {% data variables.product.product_name %} to use actions directly from {% data variables.product.prodname_dotcom_the_website %}, you can use {% data variables.product.prodname_github_connect %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)."
+Once {% data variables.product.prodname_github_connect %} is configured, you can use the latest version of an action by deleting its local repository in the `actions` organization on your instance. For example, if your enterprise instance is using the `actions/checkout@v1` action, and you need to use `actions/checkout@v2` which isn't available on your enterprise instance, perform the following steps to be able to use the latest `checkout` action from {% data variables.product.prodname_dotcom_the_website %}:
 
-Once configured, you can use a new version of an action from {% data variables.product.prodname_dotcom_the_website %} by manually specifying the required version in the workflow file. For example, to use version `v2.2.1` of `actions/setup-python` from {% data variables.product.prodname_dotcom_the_website %}, you can specify the tag `actions/setup-python@v2.2.1` in your workflow file.
+1. To get the required access to delete the `checkout` repository, use the `ghe-org-admin-promote` command to promote a user to be an owner of the bundled `actions` organization. For more information, see "[Accessing the administrative shell (SSH)](/admin/configuration/accessing-the-administrative-shell-ssh)" and "[`ghe-org-admin-promote`](/admin/configuration/command-line-utilities#ghe-org-admin-promote)." For example:
+
+   ```shell
+   ghe-org-admin-promote -u <em>USERNAME</em> -o actions
+   ```
+1. On your {% data variables.product.product_name %} instance, delete the `checkout` repository within the `actions` organization. For information on how to delete a repository, see "[Deleting a repository
+](/github/administering-a-repository/deleting-a-repository)."
+1. Configure your workflow's YAML to use `actions/checkout@v2`.
+1. Each time your workflow runs, the runner will use the `v2` version of `actions/checkout` from {% data variables.product.prodname_dotcom_the_website %}.

content/admin/github-actions/using-the-latest-version-of-the-official-bundled-actions.md

@@ -199,7 +199,9 @@ Also, the `User-Agent` for the requests will have the prefix `GitHub-Hookshot/`.
 
 Webhook events are triggered based on the specificity of the domain you register. For example, if you register a subdomain (`https://subdomain.example.com`) then only URLs for the subdomain trigger this event. If you register a domain (`https://example.com`) then URLs for domain and all subdomains trigger this event. See "[Create a content attachment](/rest/reference/apps#create-a-content-attachment)" to create a new content attachment.
 
-Only {% data variables.product.prodname_github_app %}s can receive this event. {% data variables.product.prodname_github_app %}s must have the `content_references` `write` permission to subscribe to this event.
+#### Availability
+
+- {% data variables.product.prodname_github_app %}s with the `content_references:write` permission
 
 #### Webhook payload example
 
@@ -1008,12 +1010,6 @@ Deliveries for `review_requested` and `review_request_removed` events will have
 
 {% endnote %}
 
-{% tip %}
-
-**Note**: The webhook payload example following the table differs significantly from the Events API payload described in the table. Among other differences, the webhook payload includes both `sender` and `pusher` objects. Sender and pusher are the same user who initiated the `push` event, but the `sender` object contains more detail.
-
-{% endtip %}
-
 #### Availability
 
 - Repository webhooks

content/developers/webhooks-and-events/webhook-events-and-payloads.md

@@ -93,6 +93,10 @@ An overview of some of the most common actions that are recorded as events in th
 
 | Action | Description
 |------------------|-------------------
+| `create` | Triggered when you [create a codespace](/github/developing-online-with-codespaces/creating-a-codespace).
+| `resume` | Triggered when you resume a suspended codespace.
+| `delete` | Triggered when you [delete a codespace](/github/developing-online-with-codespaces/deleting-a-codespace).
+| `manage_access_and_security` | Triggered when you update [the repositories a codespace has access to](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
 | `trusted_repositories_access_update` | Triggered when you change your user account's [access and security setting for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
 
 #### `marketplace_agreement_signature` category actions

content/github/authenticating-to-github/reviewing-your-security-log.md

@@ -25,6 +25,12 @@ When you enable access and security for a repository owned by your user account,
 1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories you own. Repeat for all repositories whose codespaces you want to access other repositories you own.
   !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
 
+### Reviewing your security log for {% data variables.product.prodname_codespaces %}
+
+The security log is where you can review {% data variables.product.prodname_codespaces %} actions that you have performed. For information about accessing the log, see "[Reviewing your security log](/github/authenticating-to-github/reviewing-your-security-log#accessing-your-security-log)."
+
+The security log includes details on what action occured and when you performed it. For information about {% data variables.product.prodname_codespaces %} actions, see "[{% data variables.product.prodname_codespaces %} category actions](/github/authenticating-to-github/reviewing-your-security-log#codespaces-category-actions)".
+
 ### Managing security and access for your organization
 
 Organization owners can manage security and access for {% data variables.product.prodname_codespaces %}.
@@ -41,3 +47,9 @@ When you enable access and security for a repository owned by your organization,
   ![Radio buttons to manage trusted repositories](/assets/images/help/settings/codespaces-access-and-security-radio-buttons.png)
 1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories owned by your organization. Repeat for all repositories whose codespaces you want to access other repositories.
     !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
+
+### Reviewing your organization's audit logs for {% data variables.product.prodname_codespaces %}
+
+The audit log is where you can review actions related to {% data variables.product.prodname_codespaces %} that have been performed by members of your organization. For information about accessing the log, see "[Reviewing your security log](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#accessing-the-audit-log)."
+
+The audit log includes details such as who performed the action, what the action was, and when the action was performed. For information on {% data variables.product.prodname_codespaces %} actions, see "[{% data variables.product.prodname_codespaces %} category actions](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#codespaces-category-actions)."

content/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces.md

@@ -22,6 +22,7 @@ You can add encrypted secrets to your user account that you want to use in your
 - Personal access tokens to cloud services
 - Service principals
 - Subscription identifiers
+- [Credentials for a private image registry](#allowing-your-codespace-to-access-private-images)
 
 You can choose which repositories should have access to each secret. Then, you can use the secret in any codespace you create for a repository that has access to the secret.
 
@@ -67,3 +68,22 @@ You can update the value of an existing secret, and you can change which reposit
   !["Delete" button](/assets/images/help/settings/codespaces-secret-delete-button.png)
 1. Read the warning, then click **OK**.
   ![Confirmation to delete secret](/assets/images/help/settings/codespaces-secret-delete-warning.png)
+
+### Allowing your codespace to access private images
+
+A registry is a secure space for storing and managing private container images, such as Azure Container Registry or DockerHub. By adding a secret, your codespace can access private images within the registry.
+
+When a codespace launches, {% data variables.product.prodname_codespaces %} will check for the following three secrets, which define the server name, username, and personal access token (PAT) for the container registry. If those secrets are found, {% data variables.product.prodname_codespaces %} will make the registry available inside your codespace.
+
+- `<*>_CONTAINER_REGISTRY_SERVER`
+- `<*>_CONTAINER_REGISTRY_USER`
+- `<*>_CONTAINER_REGISTRY_PASSWORD`
+
+Use the steps in "[Adding a secret](#adding-a-secret)" to add a secret for each of these items. Replace the “<*>” in the name with a consistent identifier. For example, if you had a private image registry in Azure, it might look like the following:
+
+```
+ACR_CONTAINER_REGISTRY_SERVER = mycompany.azurecr.io
+ACR_CONTAINER_REGISTRY_USER = acr-user-here
+ACR_CONTAINER_REGISTRY_PASSWORD = <PAT>
+```
+![Image registry secret example](/assets/images/help/settings/codespaces-image-registry-secret-example.png)

content/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces.md

@@ -36,6 +36,7 @@ To search for specific events, use the `action` qualifier in your query. Actions
 | [`account`](#account-category-actions) | Contains all activities related to your organization account.
 | [`advisory_credit`](#advisory_credit-category-actions) | Contains all activities related to crediting a contributor for a security advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see "[About {% data variables.product.prodname_dotcom %} Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
 | [`billing`](#billing-category-actions) | Contains all activities related to your organization's billing.
+| [`codespaces`](#codespaces-category-actions) | Contains all activities related to your organization's codespaces.
 | [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot %} alerts in existing repositories. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
 | [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot %} alerts in new repositories created in the organization.
 | [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)."
@@ -190,6 +191,20 @@ An overview of some of the most common actions that are recorded as events in th
 | `change_billing_type` | Triggered when your organization [changes how it pays for {% data variables.product.prodname_dotcom %}](/articles/adding-or-editing-a-payment-method).
 | `change_email` | Triggered when your organization's [billing email address](/articles/setting-your-billing-email) changes.
 
+#### `codespaces` category actions
+
+| Action | Description
+|------------------|-------------------
+| `create` | Triggered when a user [creates a codespace](/github/developing-online-with-codespaces/creating-a-codespace).
+| `resume` | Triggered when a user resumes a suspended codespace.
+| `delete` | Triggered when a user [deletes a codespace](/github/developing-online-with-codespaces/deleting-a-codespace).
+| `create_an_org_secret` | Triggered when a user creates an organization-level [secret for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces#about-encrypted-secrets-for-codespaces)
+| `update_an_org_secret` | Triggered when a user updates an organization-level [secret for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces#about-encrypted-secrets-for-codespaces).
+| `remove_an_org_secret` | Triggered when a user removes an organization-level [secret for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces#about-encrypted-secrets-for-codespaces).
+| `manage_access_and_security` | Triggered when a user updates [which repositories a codespace can access](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
+
+
+
 #### `dependabot_alerts` category actions
 
 | Action | Description

content/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization.md

@@ -3,6 +3,10 @@ Partner | Supported secret | API slug
 n/a | JSON Web Token | json_web_token
 n/a | OAuth Client Credential | api_credential_assignment
 Adafruit IO | Adafruit IO Key | adafruit_io_key
+Adobe | Adobe Device Token | adobe_device_token
+Adobe | Adobe Service Token | adobe_service_token
+Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token
+Adobe | Adobe JSON Web Token | adobe_jwt
 Alibaba Cloud | Alibaba Cloud Access Key ID | alibaba_cloud_access_key_id
 Alibaba Cloud | Alibaba Cloud Access Key Secret | alibaba_cloud_access_key_secret
 Amazon Web Services (AWS) | Amazon AWS Access Key ID | aws_access_key_id
@@ -31,9 +35,11 @@ Facebook | Facebook Access Token | facebook_access_token
 Finicity | Finicity App Key | finicity_app_key
 Frame.io | Frame.io JSON Web Token | frameio_jwt
 Frame.io| Frame.io Developer Token | frameio_developer_token
-GitHub | GitHub SSH Private Key | github_ssh_private_key
 GitHub | GitHub Personal Access Token | github_personal_access_token
+GitHub | GitHub OAuth Access Token | github_oauth_access_token
+GitHub | GitHub Refresh Token | github_refresh_token
 GitHub | GitHub App Installation Access Token | github_app_installation_access_token
+GitHub | GitHub SSH Private Key | github_ssh_private_key
 GoCardless | GoCardless Live Access Token | gocardless_live_access_token
 GoCardless | GoCardless Sandbox Access Token | gocardless_sandbox_access_token
 Google Cloud | Google API Key | google_api_key

data/reusables/secret-scanning/partner-secret-list-private-repo.md

@@ -1,15 +1,19 @@
 Partner | Supported secret
 --- | ---
 Adafruit IO | Adafruit IO Key
+Adobe | Adobe Device Token
+Adobe | Adobe Service Token
+Adobe | Adobe Short-Lived Access Token
+Adobe | Adobe JSON Web Token
 Alibaba Cloud | Alibaba Cloud Access Key ID and Access Key Secret pair
 Amazon Web Services (AWS) | Amazon AWS Access Key ID and Secret Access Key pair
 Atlassian | Atlassian API Token
 Atlassian | Atlassian JSON Web Token
-Azure | Azure DevOps Personal Access Token | azure_devops_personal_access_token
-Azure | Azure SAS Token | azure_sas_token
-Azure | Azure Service Management Certificate | azure_management_certificate
-Azure | Azure SQL Connection String | azure_sql_connection_string
-Azure | Azure Storage Account Key | azure_storage_account_key
+Azure | Azure DevOps Personal Access Token
+Azure | Azure SAS Token
+Azure | Azure Service Management Certificate
+Azure | Azure SQL Connection String
+Azure | Azure Storage Account Key
 Clojars | Clojars Deploy Token
 CloudBees CodeShip | CloudBees CodeShip Credential
 Databricks | Databricks Access Token
@@ -26,9 +30,11 @@ Dynatrace | Dynatrace Internal Token
 Finicity | Finicity App Key
 Frame.io | Frame.io JSON Web Token
 Frame.io| Frame.io Developer Token
-GitHub | GitHub SSH Private Key
 GitHub | GitHub Personal Access Token
+GitHub | GitHub OAuth Access Token
+GitHub | GitHub Refresh Token
 GitHub | GitHub App Installation Access Token
+GitHub | GitHub SSH Private Key
 GoCardless | GoCardless Live Access Token
 GoCardless | GoCardless Sandbox Access Token
 Google Cloud | Google API Key