Merge branch 'main' into scheduled-workflow-tests

Author: heiskr

app.json

@@ -12,7 +12,7 @@
   "formation": {
     "web": {
       "quantity": 1,
-      "size": "standard-2x"
+      "size": "standard-1x"
     }
   }
 }

content/actions/creating-actions/setting-exit-codes-for-actions.md

@@ -23,7 +23,7 @@ type: 'how_to'
 Exit status | Check run status | Description
 ------------|------------------|------------
 `0` | `success` | The action completed successfully and other tasks that depends on it can begin.
-Nonzero value | `failure` | Any other exit code indicates the action failed. When an action fails, all concurrent actions are canceled and future actions are skipped. The check run and check suite both get a `failure` status.
+Nonzero value (any integer but 0)| `failure` | Any other exit code indicates the action failed. When an action fails, all concurrent actions are canceled and future actions are skipped. The check run and check suite both get a `failure` status.
 
 ### Setting a failure exit code in a JavaScript action
 
@@ -43,13 +43,11 @@ For more information, see "[Creating a JavaScript action](/articles/creating-a-j
 
 If you are creating a Docker container action, you can set a failure exit code in your `entrypoint.sh` script. For example:
 
-{% raw %}
 ```
 if <condition> ; then
   echo "Game over!"
   exit 1
 fi
 ```
-{% endraw %}
 
 For more information, see "[Creating a Docker container action](/articles/creating-a-docker-container-action)."

content/actions/guides/building-and-testing-net.md

@@ -246,7 +246,7 @@ jobs:
         source-url: https://nuget.pkg.github.com/<owner>/index.json
     env:
         NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
-    - run: dotnet build <my project>
+    - run: dotnet build --configuration Release <my project>
     - name: Create the package
     run: dotnet pack --configuration Release <my project>
     - name: Publish the package to GPR

content/admin/enterprise-management/increasing-cpu-or-memory-resources.md

@@ -30,14 +30,11 @@ Before increasing CPU or memory resources for {% data variables.product.product_
 #### Supported AWS instance types
 
 You need to determine the instance type you would like to upgrade to based on CPU/memory specifications.
-{% data reusables.enterprise_installation.aws-supported-instance-types %}
-
-#### Recommended AWS instance types
-
-{% data reusables.enterprise_installation.aws-recommended-instance-types %}
 
 {% data reusables.enterprise_installation.warning-on-scaling %}
 
+{% data reusables.enterprise_installation.aws-instance-recommendation %}
+
 #### Resizing for AWS
 
 {% note %}

content/admin/installation/installing-github-enterprise-server-on-aws.md

@@ -33,18 +33,12 @@ This guide assumes you are familiar with the following AWS concepts:
 
 ### Determining the instance type
 
-Before launching {% data variables.product.product_location %} on AWS, you'll need to determine the type of virtual machine that best fits the needs of your organization.
-
-#### Supported instance types
-
-{% data reusables.enterprise_installation.aws-supported-instance-types %}
-
-#### Recommended instance types
-
-{% data reusables.enterprise_installation.aws-recommended-instance-types %}
+Before launching {% data variables.product.product_location %} on AWS, you'll need to determine the machine type that best fits the needs of your organization. To review the minimum requirements for {% data variables.product.product_name %}, see "[Minimum requirements](#minimum-requirements)."
 
 {% data reusables.enterprise_installation.warning-on-scaling %}
 
+{% data reusables.enterprise_installation.aws-instance-recommendation %}
+
 ### Selecting the {% data variables.product.prodname_ghe_server %} AMI
 
 You can select an Amazon Machine Image (AMI) for {% data variables.product.prodname_ghe_server %} using the {% data variables.product.prodname_ghe_server %} portal or the AWS CLI.

content/admin/installation/installing-github-enterprise-server-on-azure.md

@@ -24,26 +24,15 @@ You can deploy {% data variables.product.prodname_ghe_server %} on global Azure
 
 ### Determining the virtual machine type
 
-Before launching {% data variables.product.product_location %} on Azure, you'll need to determine the type of virtual machine that best fits the needs of your organization.
+Before launching {% data variables.product.product_location %} on Azure, you'll need to determine the machine type that best fits the needs of your organization. To review the minimum requirements for {% data variables.product.product_name %}, see "[Minimum requirements](#minimum-requirements)."
 
-#### Supported VM types and regions
-
-The {% data variables.product.prodname_ghe_server %} appliance requires a premium storage data disk, and is supported on any Azure VM that supports premium storage. For more information, see "[Supported VMs](https://docs.microsoft.com/azure/storage/common/storage-premium-storage#supported-vms)" in the Azure documentation. For general information about available VMs, see [the Azure virtual machines overview page](https://azure.microsoft.com/pricing/details/virtual-machines/#Linux).
-
-{% data variables.product.prodname_ghe_server %} supports any region that supports your VM type. For more information about the supported regions for each VM, see Azure's "[Products available by region](https://azure.microsoft.com/regions/services/)."
-
-#### Recommended VM types
+{% data reusables.enterprise_installation.warning-on-scaling %}
 
-We recommend you use a DS v2 instance type with at least 14 GB of RAM. You can use any supported VM type. Based on your user license count, we recommend the following instance types.
+The {% data variables.product.prodname_ghe_server %} appliance requires a premium storage data disk, and is supported on any Azure VM that supports premium storage. Azure VM types with the `s` suffix support premium storage. For more information, see "[What disk types are available in Azure?](https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#premium-ssd)" and "[Azure premium storage: design for high performance](https://docs.microsoft.com/en-us/azure/virtual-machines/premium-storage-performance)" in the Azure documentation.
 
-| Seats        | Recommended type |
-|:------------:|:----------------:|
-| Trial, demo, or 10 light users | Standard_DS11_v2  |
-| 10 - 3000    | Standard_DS12_v2 |
-| 3000 - 8000  | Standard_DS14_v2 |
-| 8000 - 10000+ | Standard_DS15_v2 |
+{% data variables.product.company_short %} recommends a memory-optimized VM for {% data variables.product.prodname_ghe_server %}. For more information, see "[Memory optimized virtual machine sizes](https://docs.microsoft.com/en-us/azure/virtual-machines/sizes-memory)" in the Azure documentation.
 
-{% data reusables.enterprise_installation.warning-on-scaling %}
+{% data variables.product.prodname_ghe_server %} supports any region that supports your VM type. For more information about the supported regions for each VM, see Azure's "[Products available by region](https://azure.microsoft.com/regions/services/)."
 
 ### Creating the {% data variables.product.prodname_ghe_server %} virtual machine
 

content/admin/installation/installing-github-enterprise-server-on-google-cloud-platform.md

@@ -22,35 +22,12 @@ topics:
 
 ### Determining the machine type
 
-Before launching {% data variables.product.product_location %} on Google Cloud Platform, you'll need to determine the machine type that best fits the needs of your organization.
-
-#### Supported machine types
-
-{% data variables.product.prodname_ghe_server %} is supported on the following Google Compute Engine (GCE) machine types. For more information, see [the Google Cloud Platform machine types article](https://cloud.google.com/compute/docs/machine-types).
-
-| High-memory   |
-| ------------- |
-| n1-highmem-4  |
-| n1-highmem-8  |
-| n1-highmem-16 |
-| n1-highmem-32 |
-| n1-highmem-64 |
-| n1-highmem-96 |
-
-#### Recommended machine types
-
-Based on your user license count, we recommend these machine types.
-
-| Seats         | Recommended type |
-|:-------------:|:----------------:|
-| Trial, demo, or 10 light users | n1-standard-4    |
-| 10 - 3000     | n1-standard-8    |
-| 3000 - 5000   | n1-highmem-8     |
-| 5000 - 8000   | n1-highmem-16    |
-| 8000 - 10000+ | n1-highmem-32    |
+Before launching {% data variables.product.product_location %} on Google Cloud Platform, you'll need to determine the machine type that best fits the needs of your organization. To review the minimum requirements for {% data variables.product.product_name %}, see "[Minimum requirements](#minimum-requirements)."
 
 {% data reusables.enterprise_installation.warning-on-scaling %}
 
+{% data variables.product.company_short %} recommends a general-purpose, high-memory machine for {% data variables.product.prodname_ghe_server %}. For more information, see "[Machine types](https://cloud.google.com/compute/docs/machine-types#n2_high-memory_machine_types)" in the Google Compute Engine documentation.
+
 ### Selecting the {% data variables.product.prodname_ghe_server %} image
 
 1. Using the [gcloud compute](https://cloud.google.com/compute/docs/gcloud-compute/) command-line tool, list the public {% data variables.product.prodname_ghe_server %} images:

content/code-security/getting-started/about-securing-your-repository.md

@@ -69,7 +69,7 @@ These features are available {% if currentVersion == "free-pro-team@latest" %}fo
 {% endif %}
 
 {% if currentVersion == "free-pro-team@latest" %}
-- **Dependency review** - Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[Reviewing dependency changes in a pull request](/github/collaborating-with-issues-and-pull-requests/reviewing-dependency-changes-in-a-pull-request)."
+- **Dependency review** - Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)."
 {% endif %}
 
 {% if currentVersion != "github-ae@latest" %}

content/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies.md

@@ -24,8 +24,7 @@ When your code depends on a package that has a security vulnerability, this vuln
  {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %} detects vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %}{% else %}{% data variables.product.product_name %} detects vulnerable dependencies and sends security alerts{% endif %} when:
 
 {% if currentVersion == "free-pro-team@latest" %}
-- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)."
-- New vulnerability data from [WhiteSource](https://www.whitesourcesoftware.com/vulnerability-database) is processed.{% else %}
+- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)."{% else %}
 - New advisory data is synchronized to {% data variables.product.prodname_ghe_server %} each hour from {% data variables.product.prodname_dotcom_the_website %}. For more information about advisory data, see "<a href="/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database" class="dotcom-only">Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}</a>."{% endif %}
 - The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on{% if currentVersion == "free-pro-team@latest" %}, or when the code of one of the dependencies changes{% endif %}. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
 

content/code-security/supply-chain-security/about-dependency-review.md

@@ -0,0 +1,33 @@
+---
+title: About dependency review
+intro: 'Dependency review lets you catch vulnerable dependencies before you introduce them to your environment, and provides information on license, dependents, and age of dependencies.'
+versions:
+  free-pro-team: '*'
+topics:
+  - pull requests
+---
+
+{% note %}
+
+**Note:** Dependency review is currently in beta and subject to change.
+
+{% endnote %}
+
+### About dependency review
+
+{% data reusables.dependency-review.feature-overview %}
+
+If a pull request targets your repository's default branch and contains changes to package manifests or lock files, you can display a dependency review to see what has changed. The dependency review includes details of changes to indirect dependencies in lock files, and it tells you if any of the added or updated dependencies contain known vulnerabilities.
+
+Dependency review is available in:
+
+* All public repositories. 
+* Private repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license that have the dependency graph enabled. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)."
+
+Sometimes you might just want to update the version of one dependency in a manifest and generate a pull request. However, if the updated version of this direct dependency also has updated dependencies, your pull request may have more changes than you expected. The dependency review for each manifest and lock file provides an easy way to see what has changed, and whether any of the new dependency versions contain known vulnerabilities.
+
+By checking the dependency reviews in a pull request, and changing any dependencies that are flagged as vulnerable, you can avoid vulnerabilities being added to your project. For more information about how dependency review works, see "[Reviewing dependency changes in a pull request](/github/collaborating-with-issues-and-pull-requests/reviewing-dependency-changes-in-a-pull-request)."
+
+{% data variables.product.prodname_dependabot_alerts %} will find vulnerabilities that are already in your dependencies, but it's much better to avoid introducing potential problems than to fix problems at a later date. For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."
+
+Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)."