nopcoder
diff --git a/‎components/guides/ProductGuides.tsx
Lines changed: 21 additions & 19 deletions b/‎components/guides/ProductGuides.tsx
Lines changed: 21 additions & 19 deletions
diff --git a/‎components/landing/ProductLanding.tsx
Lines changed: 41 additions & 39 deletions b/‎components/landing/ProductLanding.tsx
Lines changed: 41 additions & 39 deletions
diff --git a/‎content/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md
Lines changed: 2 additions & 1 deletion b/‎content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md
Lines changed: 2 additions & 1 deletion b/‎content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
Lines changed: 1 addition & 9 deletions b/‎content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
Lines changed: 1 addition & 9 deletions
diff --git a/‎content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md
Lines changed: 1 addition & 1 deletion b/‎content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/developers/overview/secret-scanning-partner-program.md
Lines changed: 41 additions & 19 deletions b/‎content/developers/overview/secret-scanning-partner-program.md
Lines changed: 41 additions & 19 deletions
diff --git a/‎content/get-started/writing-on-github/working-with-saved-replies/about-saved-replies.md
Lines changed: 1 addition & 1 deletion b/‎content/get-started/writing-on-github/working-with-saved-replies/about-saved-replies.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md
Lines changed: 4 additions & 4 deletions b/‎content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md
Lines changed: 4 additions & 4 deletions
@@ -17,26 +17,28 @@ export const ProductGuides = () => {
         <GuidesHero />
       </LandingSection>
 
-      {learningTracks && learningTracks.length > 0 && (
-        <LandingSection
-          title={`${title} learning paths`}
-          className="border-top py-6"
-          sectionLink="learning-paths"
-          description={t('learning_paths_desc')}
-        >
-          <LearningTracks />
-        </LandingSection>
-      )}
+      <div data-search="article-body">
+        {learningTracks && learningTracks.length > 0 && (
+          <LandingSection
+            title={`${title} learning paths`}
+            className="border-top py-6"
+            sectionLink="learning-paths"
+            description={t('learning_paths_desc')}
+          >
+            <LearningTracks />
+          </LandingSection>
+        )}
 
-      {includeGuides && (
-        <LandingSection
-          title={`All ${title} guides`}
-          className="border-top py-6 color-border-default"
-          sectionLink="all-guides"
-        >
-          <ArticleCards />
-        </LandingSection>
-      )}
+        {includeGuides && (
+          <LandingSection
+            title={`All ${title} guides`}
+            className="border-top py-6 color-border-default"
+            sectionLink="all-guides"
+          >
+            <ArticleCards />
+          </LandingSection>
+        )}
+      </div>
     </DefaultLayout>
   )
 }
@@ -28,53 +28,55 @@ export const ProductLanding = () => {
 
   return (
     <DefaultLayout>
-      <LandingSection className="pt-3">
-        <LandingHero />
-      </LandingSection>
-
-      <LandingSection>
-        <FeaturedArticles />
-      </LandingSection>
-
-      {productCodeExamples.length > 0 && (
-        <LandingSection
-          title={t('code_examples')}
-          sectionLink="code-examples"
-          className="my-6 pb-6"
-        >
-          <CodeExamples />
+      <div data-search="article-body">
+        <LandingSection className="pt-3">
+          <LandingHero />
         </LandingSection>
-      )}
 
-      {productCommunityExamples.length > 0 && (
-        <LandingSection title={t('communities_using_discussions')} className="my-6 pb-6">
-          <CommunityExamples />
+        <LandingSection>
+          <FeaturedArticles />
         </LandingSection>
-      )}
 
-      {productUserExamples.length > 0 && (
-        <LandingSection title={t('sponsor_community')} className="my-6 pb-6">
-          <SponsorsExamples />
-        </LandingSection>
-      )}
+        {productCodeExamples.length > 0 && (
+          <LandingSection
+            title={t('code_examples')}
+            sectionLink="code-examples"
+            className="my-6 pb-6"
+          >
+            <CodeExamples />
+          </LandingSection>
+        )}
 
-      {router.query.productId === 'admin' && isEnterpriseServer && (
-        <LandingSection title={t('supported_releases')} className="my-6 pb-6">
-          <ProductReleases />
-        </LandingSection>
-      )}
+        {productCommunityExamples.length > 0 && (
+          <LandingSection title={t('communities_using_discussions')} className="my-6 pb-6">
+            <CommunityExamples />
+          </LandingSection>
+        )}
+
+        {productUserExamples.length > 0 && (
+          <LandingSection title={t('sponsor_community')} className="my-6 pb-6">
+            <SponsorsExamples />
+          </LandingSection>
+        )}
 
-      {featuredLinks.guideCards?.length > 0 && (
-        <div className="color-bg-subtle py-6">
-          <LandingSection title={t('guides')} sectionLink="guides-2" className="my-6">
-            <GuideCards />
+        {router.query.productId === 'admin' && isEnterpriseServer && (
+          <LandingSection title={t('supported_releases')} className="my-6 pb-6">
+            <ProductReleases />
           </LandingSection>
-        </div>
-      )}
+        )}
 
-      <LandingSection title={`All ${shortTitle} docs`} sectionLink="all-docs" className="pt-9">
-        <ProductArticlesList />
-      </LandingSection>
+        {featuredLinks.guideCards?.length > 0 && (
+          <div className="color-bg-subtle py-6">
+            <LandingSection title={t('guides')} sectionLink="guides-2" className="my-6">
+              <GuideCards />
+            </LandingSection>
+          </div>
+        )}
+
+        <LandingSection title={`All ${shortTitle} docs`} sectionLink="all-docs" className="pt-9">
+          <ProductArticlesList />
+        </LandingSection>
+      </div>
     </DefaultLayout>
   )
 }
@@ -36,7 +36,7 @@ When you use external authentication, {% data variables.product.product_location
 
 If you use an enterprise with {% data variables.product.prodname_emus %}, members of your enterprise authenticate to access {% data variables.product.prodname_dotcom %} through your SAML identity provider (IdP). For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)" and "[About authentication for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#authentication-methods-for-github-enterprise-server)."
 
-{% data variables.product.product_name %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. You can resolve username conflicts by making a change in your IdP so that the normalized usernames will be unique.
+{% data variables.product.product_name %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} You can resolve username conflicts by making a change in your IdP so that the normalized usernames will be unique.
 
 {% elsif ghae %}
 
 
@@ -135,7 +135,7 @@ By default, when an unauthenticated user attempts to access an enterprise that u
 
 {% data variables.product.product_name %} automatically creates a username for each person by normalizing an identifier provided by your IdP. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)."
 
-A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
+A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
 
 The profile name and email address of a {% data variables.product.prodname_managed_user %} is also provided by the IdP. {% data variables.product.prodname_managed_users_caps %} cannot change their profile name or email address on {% data variables.product.prodname_dotcom %}, and the IdP can only provide a single email address.
 
 
@@ -40,7 +40,8 @@ For general information about configuring {% data variables.product.prodname_cod
 
 ##  About autobuild for {% data variables.product.prodname_codeql %}
 
-Code scanning works by running queries against one or more databases. Each database contains a representation of all of the code in a single language in your repository. For the compiled languages C/C++, C#, and Java, the process of populating this database involves building the code and extracting data. {% data reusables.code-scanning.analyze-go %}
+{% data variables.product.prodname_code_scanning_capc %} works by running queries against one or more databases. Each database contains a representation of all of the code in a single language in your repository.   
+For the compiled languages C/C++, C#, and Java, the process of populating this database involves building the code and extracting data. {% data reusables.code-scanning.analyze-go %}
 
 {% data reusables.code-scanning.autobuild-compiled-languages %}
 
 
@@ -57,7 +57,8 @@ Generally, we name our supported ecosystems after the software programming langu
 - Maven (registry: https://repo.maven.apache.org/maven2)
 - npm (registry: https://www.npmjs.com/)
 - NuGet (registry: https://www.nuget.org/)
-- pip (registry: https://pypi.org/)
+- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
+- pub (registry: https://pub.dev/packages/registry){% endif %}
 - RubyGems (registry: https://rubygems.org/)
 - Rust (registry: https://crates.io/)
 
 
@@ -784,15 +784,7 @@ registries:
 
 ### `docker-registry`
 
-{% data variables.product.prodname_dependabot %} works with container registries that implement the OCI container registry. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md).  {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central service. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation.
-
-We currently support the container registries listed here:
-
-* Docker Hub
-* {% data variables.product.company_short %} {% data variables.product.prodname_container_registry %}
-* GCR (Google Cloud)
-* Private ECR (AWS) - public ECR support is tracked in [https://github.com/dependabot/dependabot-core/issues/4212](https://github.com/dependabot/dependabot-core/issues/4212).
-
+{% data variables.product.prodname_dependabot %}  works with any container registries that implement the OCI container registry spec. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md).  {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central token service or HTTP Basic Auth. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation and [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) on Wikipedia.
 
 The `docker-registry` type supports username and password.
 
 
@@ -61,7 +61,7 @@ jobs:
           go-version: ">=1.18.0"
 
       - name: Run snapshot action
-        uses: @actions/go-dependency-submission@v1
+        uses: actions/go-dependency-submission@v1
         with:
             # Required: Define the repo path to the go.mod file used by the
             # build target
 
@@ -59,26 +59,25 @@ Send this information to <a href="mailto:secret-scanning@github.com">secret-scan
 
 Create a public, internet accessible HTTP endpoint at the URL you provided to us. When a match of your regular expression is found in a public repository, {% data variables.product.prodname_dotcom %} will send an HTTP `POST` message to your endpoint.
 
-#### Example POST sent to your endpoint
+#### Example request body
 
-```http
-POST / HTTP/2
-Host: HOST
-Accept: */*
-Content-Type: application/json
-GITHUB-PUBLIC-KEY-IDENTIFIER: f9525bf080f75b3506ca1ead061add62b8633a346606dc5fe544e29231c6ee0d
-GITHUB-PUBLIC-KEY-SIGNATURE: MEUCIQDfLvT8/zM8F1aB3cM0ZwyeWF1m5YR6IhcUIv1OKQYL0wIgBZ5lVXB3gHK+dT8+xt0WgRVLqvsTPFiDO9QP/7eJ4yE=
-Content-Length: 187
-
-[{"token":"NMIfyYncKcRALEXAMPLE","type":"mycompany_api_token","url":"https://github.com/octocat/Hello-World/blob/12345600b9cbe38a219f39a9941c9319b600c002/foo/bar.txt","source":"content"}]
+```json
+[
+  {
+    "token":"NMIfyYncKcRALEXAMPLE",
+    "type":"mycompany_api_token",
+    "url":"https://github.com/octocat/Hello-World/blob/12345600b9cbe38a219f39a9941c9319b600c002/foo/bar.txt",
+    "source":"content"
+  }
+]
 ```
 
-The message body is a JSON array that contains one or more objects with the following contents. When multiple matches are found, {% data variables.product.prodname_dotcom %}  may send a single message with more than one secret match. Your endpoint should be able to handle requests with a large number of matches without timing out.
+The message body is a JSON array that contains one or more objects, with each object representing a single secret match. Your endpoint should be able to handle requests with a large number of matches without timing out. The keys for each secret match are:
 
 * **token**: The value of the secret match.
 * **type**: The unique name you provided to identify your regular expression.
 * **url**: The public URL where the match was found (may be empty)
-* **source**: Where the token was found on GitHub.
+* **source**: Where the token was found on {% data variables.product.prodname_dotcom %}.
 
 The list of valid values for `source` are:
 
@@ -97,26 +96,32 @@ The list of valid values for `source` are:
 
 ### Implement signature verification in your secret alert service
 
-We strongly recommend you implement signature validation in your secret alert service to ensure that the messages you receive are genuinely from {% data variables.product.prodname_dotcom %} and not malicious.
+The HTTP request to your service will also contain headers that we strongly recommend using
+to validate the messages you receive are genuinely from {% data variables.product.prodname_dotcom %}, and are not malicious.
+
+The two HTTP headers to look for are:
+
+* `GITHUB-PUBLIC-KEY-IDENTIFIER`: Which `key_identifier` to use from our API
+* `GITHUB-PUBLIC-KEY-SIGNATURE`: Signature of the payload
 
-You can retrieve the {% data variables.product.prodname_dotcom %} secret scanning public key from https://api.github.com/meta/public_keys/secret_scanning and validate the message using the `ECDSA-NIST-P256V1-SHA256` algorithm.
+You can retrieve the {% data variables.product.prodname_dotcom %} secret scanning public key from https://api.github.com/meta/public_keys/secret_scanning and validate the message using the `ECDSA-NIST-P256V1-SHA256` algorithm. The endpoint
+will provide several `key_identifier` and public keys. You can determine which public
+key to use based on the value of `GITHUB-PUBLIC-KEY-IDENTIFIER`.
 
 {% note %}
 
 **Note**: When you send a request to the public key endpoint above, you may hit rate limits. To avoid hitting rate limits, you can use a personal access token (no scopes required) as suggested in the samples below, or use a conditional request. For more information, see "[Getting started with the REST API](/rest/guides/getting-started-with-the-rest-api#conditional-requests)."
 
 {% endnote %}
 
-Assuming you receive the following message, the code snippets below demonstrate how you could perform signature validation.
-The code snippets assume you've set an environment variable called `GITHUB_PRODUCTION_TOKEN` with a generated PAT (https://github.com/settings/tokens) to avoid hitting rate limits. The PAT does not need any scopes/permissions.
-
 {% note %}
 
 **Note**: The signature was generated using the raw message body. So it's important you also use the raw message body for signature validation, instead of parsing and stringifying the JSON, to avoid rearranging the message or changing spacing.
 
 {% endnote %}
 
-**Sample message sent to verify endpoint**
+**Sample HTTP POST sent to verify endpoint**
+
 ```http
 POST / HTTP/2
 Host: HOST
@@ -129,6 +134,23 @@ Content-Length: 83
 [{"token":"some_token","type":"some_type","url":"some_url","source":"some_source"}]
 ```
 
+{% note %}
+
+**Note**: The key id and signature from the example payload is derived from a test key.
+The public key for them is:
+
+```
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsz9ugWDj5jK5ELBK42ynytbo38gP
+HzZFI03Exwz8Lh/tCfL3YxwMdLjB+bMznsanlhK0RwcGP3IDb34kQDIo3Q==
+-----END PUBLIC KEY-----
+```
+
+{% endnote %}
+
+The following code snippets demonstrate how you could perform signature validation.
+The code examples assume you've set an environment variable called `GITHUB_PRODUCTION_TOKEN` with a generated [personal access token](https://github.com/settings/tokens) (PAT) to avoid hitting rate limits. The PAT does not need any scopes/permissions.
+
 **Validation sample in Go**
 ```golang
 package main
 
@@ -15,7 +15,7 @@ versions:
 
 Saved replies allow you to create a reusable response to issues and pull requests. Save time by creating a saved reply for the responses you use most frequently.
 
-Once you've added a saved reply, it can be used in both issues and pull requests. Saved replies are tied to your personal account. Once they're created, you'll be able to use them across repositories and organizations.
+Once you've added a saved reply, it can be used in issues, pull requests, and discussions. Saved replies are tied to your personal account. Once they're created, you'll be able to use them across repositories and organizations.
 
 You can create a maximum of 100 saved replies. If you've reached the maximum limit, you can delete saved replies that you no longer use or edit existing saved replies.
 
 
@@ -95,7 +95,7 @@ You can also find the node ID of all projects in your organization. The followin
 curl --request POST \
   --url https://api.github.com/graphql \
   --header 'Authorization: Bearer TOKEN' \
-  --data '{"query":"{organization(login: \"ORGANIZATION") {projectsV2(first: 20) {nodes {id title}}}}"}'
+  --data '{"query":"{organization(login: \"ORGANIZATION\") {projectsV2(first: 20) {nodes {id title}}}}"}'
 ```
 {% endcurl %}
 
@@ -566,7 +566,7 @@ The following example will update the value of a text field for an item. Replace
 curl --request POST \
   --url https://api.github.com/graphql \
   --header 'Authorization: Bearer TOKEN' \
-  --data '{"query":"mutation {updateProjectV2ItemFieldValue( input: { projectId: "PROJECT_ID" itemId: "ITEM_ID" fieldId: "FIELD_ID" value: { text: "Updated text" }}) { projectV2Item { id }}}"}'
+  --data '{"query":"mutation {updateProjectV2ItemFieldValue( input: { projectId: \"PROJECT_ID\" itemId: \"ITEM_ID\" fieldId: \"FIELD_ID\" value: { text: \"Updated text\" }}) { projectV2Item { id }}}"}'
 ```
 {% endcurl %}
 
@@ -620,7 +620,7 @@ The following example will update the value of a single select field for an item
 curl --request POST \
   --url https://api.github.com/graphql \
   --header 'Authorization: Bearer TOKEN' \
-  --data '{"query":"mutation {updateProjectV2ItemFieldValue( input: { projectId: "PROJECT_ID" itemId: "ITEM_ID" fieldId: "FIELD_ID" value: { singleSelectOptionId: "OPTION_ID" }}) { projectV2Item { id }}}"}'
+  --data '{"query":"mutation {updateProjectV2ItemFieldValue( input: { projectId: \"PROJECT_ID\" itemId: \"ITEM_ID\" fieldId: \"FIELD_ID\" value: { singleSelectOptionId: \"OPTION_ID\" }}) { projectV2Item { id }}}"}'
 ```
 {% endcurl %}
 
@@ -660,7 +660,7 @@ The following example will update the value of an iteration field for an item.
 curl --request POST \
   --url https://api.github.com/graphql \
   --header 'Authorization: Bearer TOKEN' \
-  --data '{"query":"mutation {updateProjectV2ItemFieldValue( input: { projectId: "PROJECT_ID" itemId: "ITEM_ID" fieldId: "FIELD_ID" value: { singleSelectOptionId: "OPTION_ID" }}) { projectV2Item { id }}}"}'
+  --data '{"query":"mutation {updateProjectV2ItemFieldValue( input: { projectId: \"PROJECT_ID\" itemId: \"ITEM_ID\" fieldId: \"FIELD_ID\" value: { singleSelectOptionId: \"OPTION_ID\" }}) { projectV2Item { id }}}"}'
 ```
 {% endcurl %}