Branch was updated using the 'autoupdate branch' Actions workflow.

Author: Octomerger

.github/workflows/check-for-spammy-issues.yml

@@ -65,3 +65,14 @@ jobs:
               issue_number: issue.number,
               body: "This issue appears to have been opened accidentally. I'm going to close it now, but feel free to open a new issue or ask any questions in [discussions](https://github.com/github/docs/discussions)!"
             });
+
+            // Add the issue to the Done column on the triage board
+            try {
+              await github.projects.createCard({
+                column_id: 11167427,
+                content_id: context.payload.issue.id,
+                content_type: "Issue"
+              });
+            } catch (error) {
+              console.log(error);
+            }

content/developers/webhooks-and-events/securing-your-webhooks.md

@@ -94,4 +94,4 @@ Your language and server implementations may differ from this example code. Howe
 
 * Using a plain `==` operator is **not advised**. A method like [`secure_compare`][secure_compare] performs a "constant time" string comparison, which helps mitigate certain timing attacks against regular equality operators.
 
-[secure_compare]: http://rubydoc.info/github/rack/rack/master/Rack/Utils.secure_compare
+[secure_compare]: https://rubydoc.info/github/rack/rack/master/Rack/Utils:secure_compare

data/release-notes/2-21/18.yml

@@ -0,0 +1,15 @@
+date: '2021-04-01'
+sections:
+  security_fixes:
+    - "**HIGH:** An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated via a GitHub App's [web authentication flow](https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps#web-application-flow) to read private repository metadata without requiring appropriate permissions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.4 and was fixed in 3.0.4, 2.22.10, and 2.21.18. This vulnerability was reported via the GitHub Bug Bounty program and has been assigned CVE-2021-22865."
+    - Packages have been updated to the latest security versions.
+  bugs:
+    - Services were not transitioning to new log files as part of log rotation, resulting in increased disk usage.
+    - The label on search results for internal repositories was shown as "Private" instead of "Internal".
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user.
+    - Custom firewall rules are not maintained during an upgrade.
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
+    - Security alerts are not reported when pushing to a repository on the command line.

data/release-notes/2-22/10.yml

@@ -0,0 +1,15 @@
+date: '2021-04-01'
+sections:
+  security_fixes:
+    - "**HIGH:** An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated via a GitHub App's [web authentication flow](https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps#web-application-flow) to read private repository metadata without requiring appropriate permissions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.4 and was fixed in 3.0.4, 2.22.10, and 2.21.18. This vulnerability was reported via the GitHub Bug Bounty program and has been assigned CVE-2021-22865."
+    - Packages have been updated to the latest security versions.
+  bugs:
+    - A timezone set on GitHub Enterprise 11.10.x or earlier was not being used by some services which were defaulting to UTC time.
+    - Services were not transitioning to new log files as part of log rotation, resulting in increased disk usage.
+    - The label on search results for internal repositories was shown as "Private" instead of "Internal".
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user.
+    - Custom firewall rules are not maintained during an upgrade.
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.

data/release-notes/3-0/4.yml

@@ -0,0 +1,22 @@
+date: '2021-04-01'
+intro: The minimum infrastructure requirements have increased for {% data variables.product.prodname_ghe_server %} 3.0+. For more information, see "[About minimum requirements for GitHub Enterprise Server 3.0 and later](/admin/enterprise-management/upgrading-github-enterprise-server#about-minimum-requirements-for-github-enterprise-server-30-and-later)."
+sections:
+  security_fixes:
+    - "**HIGH:** An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated via a GitHub App's [web authentication flow](https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps#web-application-flow) to read private repository metadata without requiring appropriate permissions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.4 and was fixed in 3.0.4, 2.22.10, and 2.21.18. This vulnerability was reported via the GitHub Bug Bounty program and has been assigned CVE-2021-22865."
+    - Packages have been updated to the latest security versions.
+  bugs:
+    - When maintenance mode was enabled, some services continued to be listed as "active processes" even though they were expected to be running, and should not have been listed.
+    - After upgrading from 2.22.x to 3.0.x with GitHub Actions enabled, the self-hosted runner version was not updated and no self-hosted updates were made.
+    - Old GitHub Pages builds that were created from commits to a `gh-pages` branch were not cleaned up leading to increased disk usage.
+    - '`memcached` was not running on active replicas.'
+    - Upgrade failed when updating file permissions when GitHub Actions was enabled.
+    - A timezone set on GitHub Enterprise 11.10.x or earlier was not being used by some services which were defaulting to UTC time.
+    - Services were not transitioning to new log files as part of log rotation, resulting in increased disk usage.
+    - The `ghe-saml-mapping-csv` command-line utility produced a warning message.
+    - The label on search results for internal repositories was shown as "Private" instead of "Internal".
+  known_issues:
+    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user.
+    - Custom firewall rules are not maintained during an upgrade.
+    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
+    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
+    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.

data/reusables/secret-scanning/partner-secret-list-private-repo.md

@@ -7,6 +7,7 @@ Alibaba Cloud | Alibaba Cloud Access Key ID | alibaba_cloud_access_key_id
 Alibaba Cloud | Alibaba Cloud Access Key Secret | alibaba_cloud_access_key_secret
 Amazon Web Services (AWS) | Amazon AWS Access Key ID | aws_access_key_id
 Amazon Web Services (AWS) | Amazon AWS Secret Access Key | aws_secret_access_key
+Asana | Asana Personal Access Token | asana_personal_access_token
 Atlassian | Atlassian API Token | atlassian_api_token
 Atlassian | Atlassian JSON Web Token | atlassian_jwt
 Azure | Azure DevOps Personal Access Token | azure_devops_personal_access_token
@@ -37,8 +38,12 @@ GoCardless | GoCardless Live Access Token | gocardless_live_access_token
 GoCardless | GoCardless Sandbox Access Token | gocardless_sandbox_access_token
 Google Cloud | Google API Key | google_api_key
 Google Cloud | Google Cloud Private Key ID | google_cloud_private_key_id
+Grafana | Grafana API Key | grafana_api_key
 Hashicorp Terraform | Terraform Cloud / Enterprise API Token | terraform_api_token
 Hubspot | Hubspot API Key | hubspot_api_key
+Intercom | Intercom Access Token | intercom_access_token
+Lob | Lob Live API Key | lob_live_api_key
+Lob | Lob Test API Key | lob_test_api_key
 Mailchimp | Mailchimp API Key | mailchimp_api_key
 Mailgun | Mailgun API Key | mailgun_api_key
 npm | npm Access Token | npm_access_token
@@ -51,6 +56,7 @@ Proctorio | Proctorio Registration Key | proctorio_registration_key
 Proctorio | Proctorio Secret Key | proctorio_secret_key
 Pulumi | Pulumi Access Token | pulumi_access_token
 PyPI | PyPI API Token | pypi_api_token
+RubyGems | RubyGems API Key | rubygems_api_key
 Samsara | Samsara API Token | samsara_api_token
 Samsara | Samsara OAuth Access Token | samsara_oauth_access_token
 SendGrid | SendGrid API Key | sendgrid_api_key

lib/rest/static/decorated/api.github.com.json

@@ -22557,7 +22557,7 @@
       }
     ],
     "summary": "Delete a package for an organization",
-    "description": "Deletes an entire package in an organization. You cannot delete a public package if any version of the package has more than 25 downloads. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the `packages:read` scope. In addition:\n- If `package_type` is not `container`, your token must also include the `repo` scope.\n- If `package_type` is `container`, you must also have admin permissions to the container you want to delete.",
+    "description": "Deletes an entire package in an organization. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the `packages:read` scope. In addition:\n- If `package_type` is not `container`, your token must also include the `repo` scope.\n- If `package_type` is `container`, you must also have admin permissions to the container you want to delete.",
     "tags": [
       "packages"
     ],
@@ -22600,7 +22600,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Deletes an entire package in an organization. You cannot delete a public package if any version of the package has more than 25 downloads. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the <code>packages:read</code> scope. In addition:</p>\n<ul>\n<li>If <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</li>\n<li>If <code>package_type</code> is <code>container</code>, you must also have admin permissions to the container you want to delete.</li>\n</ul>"
+    "descriptionHTML": "<p>Deletes an entire package in an organization. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the <code>packages:read</code> scope. In addition:</p>\n<ul>\n<li>If <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</li>\n<li>If <code>package_type</code> is <code>container</code>, you must also have admin permissions to the container you want to delete.</li>\n</ul>"
   },
   {
     "verb": "post",
@@ -23013,7 +23013,7 @@
       }
     ],
     "summary": "Delete package version for an organization",
-    "description": "Deletes a specific package version in an organization. If the package is public and the package version has more than 25 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the `packages:read` scope. In addition:\n- If `package_type` is not `container`, your token must also include the `repo` scope.\n- If `package_type` is `container`, you must also have admin permissions to the container you want to delete.",
+    "description": "Deletes a specific package version in an organization. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the `packages:read` scope. In addition:\n- If `package_type` is not `container`, your token must also include the `repo` scope.\n- If `package_type` is `container`, you must also have admin permissions to the container you want to delete.",
     "tags": [
       "packages"
     ],
@@ -23056,7 +23056,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Deletes a specific package version in an organization. If the package is public and the package version has more than 25 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the <code>packages:read</code> scope. In addition:</p>\n<ul>\n<li>If <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</li>\n<li>If <code>package_type</code> is <code>container</code>, you must also have admin permissions to the container you want to delete.</li>\n</ul>"
+    "descriptionHTML": "<p>Deletes a specific package version in an organization. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the <code>packages:read</code> scope. In addition:</p>\n<ul>\n<li>If <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</li>\n<li>If <code>package_type</code> is <code>container</code>, you must also have admin permissions to the container you want to delete.</li>\n</ul>"
   },
   {
     "verb": "post",
@@ -89438,7 +89438,7 @@
       }
     ],
     "summary": "Delete a package for the authenticated user",
-    "description": "Deletes a package owned by the authenticated user. You cannot delete a public package if any version of the package has more than 25 downloads. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must authenticate using an access token with the `packages:read` and `packages:delete` scope.\nIf `package_type` is not `container`, your token must also include the `repo` scope.",
+    "description": "Deletes a package owned by the authenticated user. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must authenticate using an access token with the `packages:read` and `packages:delete` scope.\nIf `package_type` is not `container`, your token must also include the `repo` scope.",
     "tags": [
       "packages"
     ],
@@ -89481,7 +89481,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Deletes a package owned by the authenticated user. You cannot delete a public package if any version of the package has more than 25 downloads. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must authenticate using an access token with the <code>packages:read</code> and <code>packages:delete</code> scope.\nIf <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</p>"
+    "descriptionHTML": "<p>Deletes a package owned by the authenticated user. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must authenticate using an access token with the <code>packages:read</code> and <code>packages:delete</code> scope.\nIf <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</p>"
   },
   {
     "verb": "post",
@@ -89858,7 +89858,7 @@
       }
     ],
     "summary": "Delete a package version for the authenticated user",
-    "description": "Deletes a specific package version for a package owned by the authenticated user.  If the package is public and the package version has more than 25 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the `packages:read` scope.\nIf `package_type` is not `container`, your token must also include the `repo` scope.",
+    "description": "Deletes a specific package version for a package owned by the authenticated user.  If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.\n\nTo use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the `packages:read` scope.\nIf `package_type` is not `container`, your token must also include the `repo` scope.",
     "tags": [
       "packages"
     ],
@@ -89901,7 +89901,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Deletes a specific package version for a package owned by the authenticated user.  If the package is public and the package version has more than 25 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the <code>packages:read</code> scope.\nIf <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</p>"
+    "descriptionHTML": "<p>Deletes a specific package version for a package owned by the authenticated user.  If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.</p>\n<p>To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the <code>packages:read</code> scope.\nIf <code>package_type</code> is not <code>container</code>, your token must also include the <code>repo</code> scope.</p>"
   },
   {
     "verb": "post",