Merge branch 'main' of github.com:github/docs-internal into build-changelog

Author: sarahs

.github/allowed-actions.js

@@ -24,7 +24,7 @@ module.exports = [
   'lee-dohm/close-matching-issues@22002609b2555fe18f52b8e2e7c07cbf5529e8a8',
   'pascalgn/automerge-action@c9bd182',
   'peter-evans/create-issue-from-file@a04ce672e3acedb1f8e416b46716ddfd09905326',
-  'peter-evans/create-or-update-project-card@80140aaeb9730972a83c626031250621fe8f6670',
+  'peter-evans/create-or-update-comment@5221bf4aa615e5c6e95bb142f9673a9c791be2cd',
   'peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8',
   'rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9',
   'rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e',

.github/workflows/check-all-english-links.yml

@@ -19,7 +19,6 @@ jobs:
       - name: Run script
         run: |
           script/check-english-links.js > broken_links.md
-          echo -e '\ncc @github/docs-content'>> broken_links.md
       - if: ${{ failure() }}
         name: Get title for issue
         id: check
@@ -28,7 +27,7 @@ jobs:
         name: Close previous report
         uses: lee-dohm/close-matching-issues@22002609b2555fe18f52b8e2e7c07cbf5529e8a8
         with:
-          query: 'label:"broken+link+report"'
+          query: 'label:"broken link report"'
           token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
       - if: ${{ failure() }}
         name: Create issue from file
@@ -40,11 +39,10 @@ jobs:
           content-filepath: ./broken_links.md
           labels: broken link report
       - if: ${{ failure() }}
-        name: Add issue to FR project board
-        uses: peter-evans/create-or-update-project-card@80140aaeb9730972a83c626031250621fe8f6670
+        name: Add comment to issue
+        uses: peter-evans/create-or-update-comment@5221bf4aa615e5c6e95bb142f9673a9c791be2cd
         with:
-          project-repository: 'github'
-          project-number: '1367'
-          column-name: 'Docs-content FR issues'
+          body: |
+            cc @github/docs-content
           issue-number: ${{ steps.broken-link-report.outputs.issue-number }}
           token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}

content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md

@@ -52,6 +52,32 @@ The default {% data variables.product.prodname_codeql_workflow %} uses the `pull
 
 For more information about the `pull_request` event, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestbranchestags)."
 
+#### Avoiding unnecessary scans of pull requests
+
+You might want to avoid a code scan being triggered on specific pull requests targeted against the default branch, irrespective of which files have been changed. You can configure this by specifying `on:pull_request:paths-ignore` or `on:pull_request:paths` in the {% data variables.product.prodname_code_scanning %} workflow. For example, if the only changes in a pull request are to files with the file extensions `.md` or `.txt` you can use the following `paths-ignore` array.
+
+``` yaml
+on:
+  push:
+    branches: [main, protected]
+  pull_request:
+    branches: [main]
+    paths-ignore:
+      - '**/*.md'
+      - '**/*.txt'
+```
+
+{% note %}
+
+**Notes**
+
+* `on:pull_request:paths-ignore` and `on:pull_request:paths` set conditions that determine whether the actions in the workflow will run on a pull request. They don't determine what files will be analyzed when the actions _are_ run. When a pull request contains any files that are not matched by `on:pull_request:paths-ignore` or `on:pull_request:paths`, the workflow runs the actions and scans all of the files changed in the pull request, including those matched by `on:pull_request:paths-ignore` or `on:pull_request:paths`, unless the files have been excluded. For information on how to exclude files from analysis, see "[Specifying directories to scan](#specifying-directories-to-scan)."
+* For {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} workflow files, don't use the `paths-ignore` or `paths` keywords with the `on:push` event as this is likely to cause missing analyses. For accurate results, {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} needs to be able to compare new changes with the analysis of the previous commit.
+
+{% endnote %}
+
+For more information about using `on:pull_request:paths-ignore` and `on:pull_request:paths` to determine when a workflow will run for a pull request, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestpaths)."
+
 #### Scanning on a schedule
 
 If you use the default {% data variables.product.prodname_codeql_workflow %}, the workflow will scan the code in your repository once a week, in addition to the scans triggered by events. To adjust this schedule, edit the `cron` value in the workflow. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onschedule)."
@@ -235,13 +261,13 @@ If you only want to run custom queries, you can disable the default security que
 
 #### Specifying directories to scan
 
-For the interpreted languages that {% data variables.product.prodname_codeql %} supports (Python and JavaScript/TypeScript), you can restrict {% data variables.product.prodname_code_scanning %} to files in specific directories by adding a `paths` array to the configuration file. You can exclude the files in specific directories from scans by adding a `paths-ignore` array.
+For the interpreted languages that {% data variables.product.prodname_codeql %} supports (Python and JavaScript/TypeScript), you can restrict {% data variables.product.prodname_code_scanning %} to files in specific directories by adding a `paths` array to the configuration file. You can exclude the files in specific directories from analysis by adding a `paths-ignore` array.
 
 ``` yaml
-paths: 
+paths:
   - src 
 paths-ignore: 
-  - node_modules
+  - src/node_modules
   - '**/*.test.js'
 ```
 
@@ -254,7 +280,7 @@ paths-ignore:
 
 {% endnote %}
 
-For C/C++, C#, and Java, if you want to limit {% data variables.product.prodname_code_scanning %} to specific directories in your project, you must specify appropriate build steps in the workflow. The commands you need to use to exclude a directory from the build will depend on your build system. For more information, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)."
+For compiled languages, if you want to limit {% data variables.product.prodname_code_scanning %} to specific directories in your project, you must specify appropriate build steps in the workflow. The commands you need to use to exclude a directory from the build will depend on your build system. For more information, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)."
 
 You can quickly analyze small portions of a monorepo when you modify code in specific directories. You'll need to both exclude directories in your build steps and use the `paths-ignore` and `paths` keywords for [`on.<push|pull_request>`](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestpaths) in your workflow.
 

content/github/managing-subscriptions-and-notifications-on-github/viewing-your-subscriptions.md

@@ -41,7 +41,7 @@ To see an overview of your repository subscriptions, see "[Reviewing repositorie
 {% endtip %}
 {% endif %}
 
-Many people forget about repositories that they've chosen to watch in the past. From the "Watched repositories" page you can quickly unwatch repositories. For more information on ways to unsubscribe, see "[Unwatch recommendations](https://github.blog/changelog/2020-11-10-unwatch-recommendations/)" on {% data variables.product.prodname_blog %} and "[Managing your subscriptions](/github/managing-subscriptions-and-notifications-on-github/managing-your-subscriptions)." You can also create a triage worflow to help with the notifications you receive. For guidance on triage workflows, see "[Customizing a workflow for triaging your notifications](/github/managing-subscriptions-and-notifications-on-github/customizing-a-workflow-for-triaging-your-notifications)."
+Many people forget about repositories that they've chosen to watch in the past. From the "Watched repositories" page you can quickly unwatch repositories. For more information on ways to unsubscribe, see "[Unwatch recommendations](https://github.blog/changelog/2020-11-10-unwatch-recommendations/)" on {% data variables.product.prodname_blog %} and "[Managing your subscriptions](/github/managing-subscriptions-and-notifications-on-github/managing-your-subscriptions)." You can also create a triage workflow to help with the notifications you receive. For guidance on triage workflows, see "[Customizing a workflow for triaging your notifications](/github/managing-subscriptions-and-notifications-on-github/customizing-a-workflow-for-triaging-your-notifications)."
 
 ### Reviewing all of your subscriptions
 

content/github/managing-your-work-on-github/about-labels.md

@@ -14,7 +14,7 @@ versions:
 
 ### Table of Contents
 
-{% topic_link_in_list /managing-your-work-with-issues %}
+{% topic_link_in_list /managing-your-work-with-issues-and-pull-requests %}
     {% link_in_list /about-issues %}
     {% link_in_list /creating-an-issue %}
 <!-- if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.15" -->
@@ -27,6 +27,7 @@ versions:
     {% link_in_list /pinning-an-issue-to-your-repository %}
 <!-- endif -->
     {% link_in_list /creating-a-permanent-link-to-a-code-snippet %}
+    {% link_in_list /managing-labels %}
     {% link_in_list /about-task-lists %}
     {% link_in_list /about-automation-for-issues-and-pull-requests-with-query-parameters %}
     {% link_in_list /file-attachments-on-issues-and-pull-requests %}
@@ -35,12 +36,6 @@ versions:
     {% link_in_list /disabling-issues %}
     {% link_in_list /linking-a-pull-request-to-an-issue %}
     {% link_in_list /about-duplicate-issues-and-pull-requests %}
-{% topic_link_in_list /labeling-issues-and-pull-requests %}
-    {% link_in_list /about-labels %}
-    {% link_in_list /creating-a-label %}
-    {% link_in_list /applying-labels-to-issues-and-pull-requests %}
-    {% link_in_list /editing-a-label %}
-    {% link_in_list /deleting-a-label %}
 {% topic_link_in_list /managing-project-boards %}
     {% link_in_list /about-project-boards %}
     {% link_in_list /creating-a-project-board %}