Merge branch 'main' into max/update-2fa

janiceilene · web-flow · commit d1552877372b · 2021-04-30T16:38:00.000-07:00
diff --git a/content/admin/configuration/configuring-data-encryption-for-your-enterprise.md b/content/admin/configuration/configuring-data-encryption-for-your-enterprise.md
@@ -16,56 +16,4 @@ versions:
 
 To provide a high level of security, {% data variables.product.product_name %} encrypts your data while at rest in the data centers and while your data is in transit between users' machines and the data centers.
 
-For encryption in transit, {% data variables.product.product_name %} uses Transport Layer Security (TLS). For encryption at rest, {% data variables.product.product_name %} provides a default RSA key. After you've initialized your enterprise, you can choose to provide your own key instead. Your key should be a 2048 bit RSA private key in PEM format.
-
-The key that you provide is stored in a FIPS 140-2 compliant hardware security module (HSM) in a key vault that {% data variables.product.company_short %} manages.
-
-To configure your encryption key, use the REST API. There are a number of API endpoints, for example to check the status of encryption, update your encryption key, and disable your encryption key. Note that disabling your key will freeze your enterprise. For more information about the API endpoints, see "[Encryption at rest](/rest/reference/enterprise-admin#encryption-at-rest)" in the REST API documentation.
-
-### Adding or updating an encryption key
-
-You can add a new encryption key as often as you need. When you add a new key, the old key is discarded. Your enterprise won't experience downtime when you update the key.
-
-Your 2048 bit RSA private key should be in PEM format, for example in a file called _private-key.pem_.
-   
-   ```
-   -----BEGIN RSA PRIVATE KEY-----
-   XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-   XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-   -----END RSA PRIVATE KEY-----
-   ```
-
-1. To add your key, use the `PATCH /enterprise/encryption` endpoint, replacing *~/private-key.pem* with the path to your private key.
-
-   ```shell
-   curl -X PATCH http(s)://<em>hostname</em>/api/v3/enterprise/encryption \
-     -d "{ \"key\": \"$(awk '{printf "%s\\n", $0}' ~/private-key.pem)\" }"
-   ```
-
-2. Optionally, check the status of the update operation.
-
-   ```shell
-   curl -X GET http(s)://<em>hostname</em>/api/v3/enterprise/encryption/status/<em>request_id</em>
-   ```
-
-### Disabling your encryption key
-
-To freeze your enterprise, for example in the case of a breach, you can disable encryption at rest by marking your encryption key as disabled.
-
-1. To disable your key and encryption at rest, use the `DELETE /enterprise/encryption` endpoint. This operation does not delete the key permanently.
-
-   ```shell
-   curl -X DELETE http(s)://<em>hostname</em>/api/v3/enterprise/encryption
-   ```
-
-2. Optionally, check the status of the delete operation. It takes approximately ten minutes to disable encryption at rest.
-
-   ```shell
-   curl -X GET http(s)://<em>hostname</em>/api/v3/enterprise/encryption/status/<em>request_id</em>
-   ```
-
-To unfreeze your enterprise after you've disabled your encryption key, contact support. For more information, see "[About {% data variables.contact.enterprise_support %}](/admin/enterprise-support/about-github-enterprise-support)."
-
-### Further reading
-
-- "[Encryption at rest](/rest/reference/enterprise-admin#encryption-at-rest)" in the REST API documentation 
+For encryption in transit, {% data variables.product.product_name %} uses Transport Layer Security (TLS). For encryption at rest, {% data variables.product.product_name %} provides a default RSA key. 
diff --git a/content/admin/overview/about-github-ae.md b/content/admin/overview/about-github-ae.md
@@ -21,7 +21,7 @@ All of your data is stored within the geographic region of your choosing. You ca
 
 ### Encryption on your terms 
 
-All customer data is encrypted at rest, and you can provide your own encryption key to encrypt your data under your encryption policies. You control your key and access to all of your data. For more information, see "[Configuring data encryption for your enterprise](/admin/configuration/configuring-data-encryption-for-your-enterprise)."
+All customer data is encrypted at rest. For more information, see "[Configuring data encryption for your enterprise](/admin/configuration/configuring-data-encryption-for-your-enterprise)."
 
 ### Isolated accounts
 
diff --git a/content/github/collaborating-with-issues-and-pull-requests/about-collaborative-development-models.md b/content/github/collaborating-with-issues-and-pull-requests/about-collaborative-development-models.md
@@ -1,6 +1,6 @@
 ---
 title: About collaborative development models
-intro: The way you use pull requests depends on the type of development model you use in your project.
+intro: The way you use pull requests depends on the type of development model you use in your project. You can use the fork and pull model or the shared repository model.
 redirect_from:
   - /articles/types-of-collaborative-development-models/
   - /articles/about-collaborative-development-models
@@ -12,15 +12,19 @@ topics:
   - pull requests
 ---
 
-There are two main types of development models with which you'd use pull requests. In the *fork and pull model*, anyone can fork an existing repository and push changes to their personal fork. You do not need permission to the source repository to push to a user-owned fork. The changes can be pulled into the source repository by the project maintainer. When you open a pull request proposing changes from your user-owned fork to a branch in the source (upstream) repository, you can allow anyone with push access to the upstream repository to make changes to your pull request.  This model is popular with open source projects as it reduces the amount of friction for new contributors and allows people to work independently without upfront coordination.
+### Fork and pull model
+
+In the fork and pull model, anyone can fork an existing repository and push changes to their personal fork. You do not need permission to the source repository to push to a user-owned fork. The changes can be pulled into the source repository by the project maintainer. When you open a pull request proposing changes from your user-owned fork to a branch in the source (upstream) repository, you can allow anyone with push access to the upstream repository to make changes to your pull request.  This model is popular with open source projects as it reduces the amount of friction for new contributors and allows people to work independently without upfront coordination.
 
 {% tip %}
 
 **Tip:** {% data reusables.open-source.open-source-guide-general %} {% data reusables.open-source.open-source-learning-lab %}
 
 {% endtip %}
 
-In the *shared repository model*, collaborators are granted push access to a single shared repository and topic branches are created when changes need to be made. Pull requests are useful in this model as they initiate code review and general discussion about a set of changes before the changes are merged into the main development branch. This model is more prevalent with small teams and organizations collaborating on private projects.
+### Shared repository model
+
+In the shared repository model, collaborators are granted push access to a single shared repository and topic branches are created when changes need to be made. Pull requests are useful in this model as they initiate code review and general discussion about a set of changes before the changes are merged into the main development branch. This model is more prevalent with small teams and organizations collaborating on private projects.
 
 ### Further reading
 
diff --git a/content/rest/reference/enterprise-admin.md b/content/rest/reference/enterprise-admin.md
@@ -154,20 +154,6 @@ Name | Type | Description
 {% endfor %}
 
 {% endif %}
-
-{% if currentVersion == "github-ae@latest" %}
-
-## Encryption at rest
-
-You can use the encryption at rest API to manage the key that encrypts your data on {% data variables.product.product_name %}.
-For more information, see "[Configuring data encryption for your enterprise](/admin/configuration/configuring-data-encryption-for-your-enterprise)."
-
-{% for operation in currentRestOperations %}
-  {% if operation.subcategory == 'encryption-at-rest' %}{% include rest_operation %}{% endif %}
-{% endfor %}
-
-{% endif %}
-
 {% if currentVersion == "github-ae@latest" or enterpriseServerVersions contains currentVersion %}
 ## Admin stats
 
diff --git a/lib/webhooks/static/dotcom/repository_vulnerability_alert.create.payload.json b/lib/webhooks/static/dotcom/repository_vulnerability_alert.create.payload.json
@@ -7,6 +7,7 @@
     "fixed_in": "2.0.6",
     "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-16470",
     "external_identifier": "CVE-2018-16470",
+    "severity": "moderate",
     "ghsa_id": "GHSA-hg78-4f6x-99wq",
     "created_at": "2021-03-01T01:23:45Z"
   },
diff --git a/lib/webhooks/static/dotcom/repository_vulnerability_alert.dismiss.payload.json b/lib/webhooks/static/dotcom/repository_vulnerability_alert.dismiss.payload.json
@@ -7,6 +7,7 @@
     "fixed_in": "0.2.5",
     "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-3728",
     "external_identifier": "CVE-2018-3728",
+    "severity": "moderate",
     "ghsa_id": "GHSA-jp4x-w63m-7wgm",
     "created_at": "2017-10-24T00:00:00Z",
     "dismisser": {
