Merge pull request github#23885 from github/repo-sync

Octomerger · web-flow · commit ae3e11900456 · 2023-02-13T08:39:10.000-08:00
repo sync
diff --git a/content/actions/security-guides/automatic-token-authentication.md b/content/actions/security-guides/automatic-token-authentication.md
@@ -77,7 +77,7 @@ For information about the API endpoints {% data variables.product.prodname_githu
 
 The following table shows the permissions granted to the `GITHUB_TOKEN` by default. People with admin permissions to an {% ifversion not ghes %}enterprise, organization, or repository,{% else %}organization or repository{% endif %} can set the default permissions to be either permissive or restricted. For information on how to set the default permissions for the `GITHUB_TOKEN` for your enterprise, organization, or repository, see "[Enforcing policies for {% data variables.product.prodname_actions %} in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-github-actions-policies-for-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise)," "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization)," or "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository)."
 
-| Scope         | Default access<br>(permissive) | Default access<br>(restricted) | Maximum access for<br>pull requests from<br>public forked repositories<sup>[†]</sup> |
+| Scope         | Default access<br>(permissive) | Default access<br>(restricted) | Maximum access for<br>pull requests from<br>public forked repositories [1] |
 |---------------|-----------------------------|-----------------------------|--------------------------------|
 | actions       | read/write  | none | read |
 | checks        | read/write  | none | read |
@@ -93,7 +93,7 @@ The following table shows the permissions granted to the `GITHUB_TOKEN` by defau
 | security-events     | read/write | none | read |
 | statuses      | read/write  | none | read |
 
-[†] Private repositories can control if pull requests from forks can run workflows, and configure the permissions assigned to `GITHUB_TOKEN`. For more information, see "[Managing GitHub Actions settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories)."
+[1] Private repositories can control if pull requests from forks can run workflows, and configure the permissions assigned to `GITHUB_TOKEN`. For more information, see "[Managing GitHub Actions settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories)."
 
 {% data reusables.actions.workflow-runs-dependabot-note %}
 
diff --git a/content/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces.md b/content/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces.md
@@ -82,9 +82,9 @@ A {% data variables.product.prodname_github_codespaces %} instance (a "codespace
 |                     |  8 core      | 1 hour          | 8                         | $0.72 |
 |                     |  16 core     | 1 hour          | 16                        | $1.44 |
 |                     |  32 core     | 1 hour          | 32                        | $2.88 |
-| Codespaces storage  |  Storage     | 1 GB-month<sup>*</sup> | N/A                | $0.07 |
+| Codespaces storage  |  Storage     | 1 GB-month [1] | N/A                | $0.07 |
 
-<sup>*</sup> See "[Billing for storage usage](#billing-for-storage-usage)" below for details of the GB-month unit of measure.
+[1] See "[Billing for storage usage](#billing-for-storage-usage)" below for details of the GB-month unit of measure.
 
 If you enable prebuilding of codespaces this will incur additional charges. For more information, see "[Billing for {% data variables.product.prodname_codespaces %} prebuilds](#billing-for-codespaces-prebuilds)."
 
diff --git a/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md b/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md
@@ -3,7 +3,6 @@ title: Configuring CodeQL CLI in your CI system
 shortTitle: Configure CodeQL CLI
 intro: 'You can configure your continuous integration system to run the {% data variables.product.prodname_codeql_cli %}, perform {% data variables.product.prodname_codeql %} analysis, and upload the results to {% data variables.product.product_name %} for display as {% data variables.product.prodname_code_scanning %} alerts.'
 product: '{% data reusables.gated-features.code-scanning %}'
-miniTocMaxHeadingLevel: 3
 redirect_from:
   - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system
 versions:
@@ -161,7 +160,7 @@ codeql database analyze &lt;database&gt; --format=&lt;format&gt; \
 
 For more information, see [Analyzing databases with the {% data variables.product.prodname_codeql_cli %}](/code-security/codeql-cli/using-the-codeql-cli/analyzing-databases-with-the-codeql-cli/)."
 
-### Basic example
+### Basic example of analyzing a CodeQL database
 
 This example analyzes a {% data variables.product.prodname_codeql %} database stored at `/codeql-dbs/example-repo` and saves the results as a SARIF file: `/temp/example-repo-js.sarif`. It uses `--sarif-category` to include extra information in the SARIF file that identifies the results as JavaScript. This is essential when you have more than one {% data variables.product.prodname_codeql %} database to analyze for a single commit in a repository.
 
@@ -205,7 +204,7 @@ When you have decided on the most secure and reliable method for your CI server,
 
 For more information, see [github upload-results](https://codeql.github.com/docs/codeql-cli/manual/github-upload-results/) in the documentation for the {% data variables.product.prodname_codeql_cli %}.
 
-### Basic example
+### Basic example of uploading results to {% data variables.product.product_name %}
 
 This example uploads results from the SARIF file `temp/example-repo-js.sarif` to the repository `my-org/example-repo`. It tells the {% data variables.product.prodname_code_scanning %} API that the results are for the commit `deb275d2d5fe9a522a0b7bd8b6b6a1c939552718` on the `main` branch.
 
@@ -242,7 +241,7 @@ For more information about pack compatibility, see "[About {% data variables.pro
 {% endnote %}
 {% endif %}
 
-### Basic example
+### Basic example of downloading and using query packs
 
 This example runs the `codeql database analyze` command with the `--download` option to:
 
diff --git a/content/code-security/codeql-cli/using-the-codeql-cli/getting-started-with-the-codeql-cli.md b/content/code-security/codeql-cli/using-the-codeql-cli/getting-started-with-the-codeql-cli.md
@@ -30,10 +30,8 @@ structures. To get started quickly, we recommend adopting a relatively simple
 setup, as outlined in the steps below.
 
 If you use Linux, Windows, or macOS version 10.14 (“Mojave”) or earlier, simply
-follow the steps below. For macOS version 10.15 (“Catalina”) or newer, steps 1
-and 4 are slightly different—for further details, see the sections labeled
-**Information for macOS “Catalina” (or newer) users**. If you are using macOS
-on Apple Silicon (e.g. Apple M1), ensure that the [Xcode command-line developer
+follow the steps below. For macOS version 10.15 (“Catalina”) or newer, there are additional notes for some of the steps. If you are using macOS
+on Apple Silicon (for example, Apple M1), ensure that the [Xcode command-line developer
 tools](https://developer.apple.com/downloads/index.action) and [Rosetta 2](https://support.apple.com/en-us/HT211861) are installed.
 
 {% note %}
@@ -67,7 +65,7 @@ for the version you require.
 If you want the CLI for a specific platform, download the appropriate `codeql-PLATFORM.zip` file.
 Alternatively, you can download `codeql.zip`, which contains the CLI for all supported platforms.
 
-#### Information for macOS “Catalina” (or newer) users
+#### Download information for macOS “Catalina” (or newer) users
 
 If you use macOS version 10.15 (“Catalina”), version 11 (“Big Sur”), or the upcoming version 12 (“Monterey”), you need to ensure that your web browser does not automatically extract zip files. If you use Safari, complete the following steps before downloading the {% data variables.product.prodname_codeql_cli %} zip archive:
 
@@ -81,7 +79,7 @@ If you use macOS version 10.15 (“Catalina”), version 11 (“Big Sur”), or
 For Linux, Windows, and macOS users (version 10.14 “Mojave”, and earlier)
 simply extract the zip archive.
 
-#### Information for macOS “Catalina” (or newer) users
+#### Extraction information for macOS “Catalina” (or newer) users
 
 macOS “Catalina”, “Big Sur”, or “Monterey” users should run the following commands in the Terminal, where `${extraction-root}` is the path to the directory where you will extract the {% data variables.product.prodname_codeql_cli %} zip archive:
 
diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
@@ -85,12 +85,12 @@ The recommended formats explicitly define which versions are used for all direct
 | Composer             | PHP           | `composer.lock` | `composer.json`, `composer.lock` |
 | NuGet | .NET languages (C#, F#, VB), C++  |   `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj` |  `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj`, `packages.config` |
 {%- ifversion github-actions-in-dependency-graph %}
-| {% data variables.product.prodname_actions %} workflows<sup>[†]</sup> | YAML | `.yml`, `.yaml` | `.yml`, `.yaml` |
+| {% data variables.product.prodname_actions %} workflows [1] | YAML | `.yml`, `.yaml` | `.yml`, `.yaml` |
 {%- endif %}
 | Go modules | Go | `go.sum` | `go.mod`, `go.sum` |
 | Maven | Java, Scala |  `pom.xml`  | `pom.xml`  |
 | npm | JavaScript |            `package-lock.json` | `package-lock.json`, `package.json`|
-| pip             | Python                    | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`<sup>[‡]</sup> |
+| pip             | Python                    | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`[2] |
 {%- ifversion dependency-graph-dart-support %}
 | pub             | Dart                    | `pubspec.lock` | `pubspec.yaml`, `pubspec.lock` |
 {%- endif %}
@@ -101,11 +101,11 @@ The recommended formats explicitly define which versions are used for all direct
 | Yarn | JavaScript | `yarn.lock` | `package.json`, `yarn.lock` |
 
 {% ifversion github-actions-in-dependency-graph %}
-[†] {% data reusables.enterprise.3-5-missing-feature %} {% data variables.product.prodname_actions %} workflows must be located in the `.github/workflows/` directory of a repository to be recognized as manifests. Any actions or workflows referenced using the syntax `jobs[*].steps[*].uses` or `jobs.<job_id>.uses` will be parsed as dependencies. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/using-workflows/workflow-syntax-for-github-actions)."
+[1] {% data reusables.enterprise.3-5-missing-feature %} {% data variables.product.prodname_actions %} workflows must be located in the `.github/workflows/` directory of a repository to be recognized as manifests. Any actions or workflows referenced using the syntax `jobs[*].steps[*].uses` or `jobs.<job_id>.uses` will be parsed as dependencies. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/using-workflows/workflow-syntax-for-github-actions)."
 
 {% endif %}
 
-[‡] If you list your Python dependencies within a `setup.py` file, we may not be able to parse and list every dependency in your project.
+[2] If you list your Python dependencies within a `setup.py` file, we may not be able to parse and list every dependency in your project.
 
 {% ifversion github-actions-in-dependency-graph %}
 {% note %}
diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md
@@ -29,14 +29,14 @@ The simplest way to use the Dependency submission API is by adding a pre-made ac
 
 Ecosystem | Action | Maintained by {% data variables.product.prodname_dotcom %}
 --- | --- | --- |
-Any<sup>[†]</sup> | [Anchore SBOM Action](https://github.com/marketplace/actions/anchore-sbom-action) | |
+Any [1] | [Anchore SBOM Action](https://github.com/marketplace/actions/anchore-sbom-action) | |
 Go | [Go Dependency Submission](https://github.com/marketplace/actions/go-dependency-submission) | **✓** |
 Gradle | [Gradle Dependency Submission](https://github.com/marketplace/actions/gradle-dependency-submission) | |
 Maven | [Maven Dependency Tree Dependency Submission](https://github.com/marketplace/actions/maven-dependency-tree-dependency-submission) | **✓** |
 Mill | [Mill Dependency Submission](https://github.com/marketplace/actions/mill-dependency-submission) | |
 Scala | [Sbt Dependency Submission](https://github.com/marketplace/actions/sbt-dependency-submission) | |
 
-[†] This action is ecosystem-agnostic.
+[1] This action is ecosystem-agnostic.
 
 For example, the following [Go Dependency Submission](https://github.com/actions/go-dependency-submission) workflow calculates the dependencies for a Go build-target (a Go file with a `main` function) and submits the list to the Dependency Submission API. 
 
diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/repository-roles-for-an-organization.md
@@ -163,8 +163,8 @@ In this section, you can find the access required for security features, such as
 | [View dependency reviews](/code-security/supply-chain-security/about-dependency-review) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** |{% endif %}
 | [View {% data variables.product.prodname_code_scanning %} alerts on pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** |
 | [List, dismiss, and delete {% data variables.product.prodname_code_scanning %} alerts](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository) | | | **✔️** | **✔️** | **✔️** |
-| [View and dismiss {% data variables.secret-scanning.alerts %} in a repository](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **✔️**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **✔️**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **✔️** |{% ifversion ghes or ghae or ghec %}<!--Not available for FPT-->
-| [Resolve, revoke, or re-open {% data variables.secret-scanning.alerts %}](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **✔️**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **✔️**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **✔️** |{% endif %}{% ifversion ghes or ghae or ghec %}
+| [View and dismiss {% data variables.secret-scanning.alerts %} in a repository](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️** |{% ifversion ghes or ghae or ghec %}<!--Not available for FPT-->
+| [Resolve, revoke, or re-open {% data variables.secret-scanning.alerts %}](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️** |{% endif %}{% ifversion ghes or ghae or ghec %}
 | [Designate additional people or teams to receive {% data variables.secret-scanning.alerts %}](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) in repositories | | | | | **✔️** |{% endif %}
 
 [1] Repository writers and maintainers can only see alert information for their own commits.
diff --git a/data/reusables/actions/supported-github-runners.md b/data/reusables/actions/supported-github-runners.md
@@ -51,7 +51,7 @@ Ubuntu 20.04
 </tr>
 <tr>
 <td>
-Ubuntu 18.04 <sup>[deprecated]</sup>
+Ubuntu 18.04 [deprecated]
 </td>
 <td>
 <code>ubuntu-18.04</code>
@@ -83,7 +83,7 @@ macOS Big Sur 11
 </tr>
 <tr>
 <td>
-macOS Catalina 10.15 <sup>[deprecated]</sup>
+macOS Catalina 10.15 [deprecated]
 </td>
 <td>
 <code>macos-10.15</code>
diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md
@@ -9,23 +9,23 @@ Package manager | YAML value      | Supported versions | Private repositories |
 Bundler        | `bundler`        | v1, v2           | | **✓** | **✓** |
 Cargo          | `cargo`          | v1               | **✓** | **✓** | |
 Composer       | `composer`       | v1, v2           | **✓** | **✓** | |
-Docker {% ifversion dependabot-version-updates-enhanced-docker-support %}<sup>[1]</sup>{% endif %}         | `docker`         | v1               | **✓** | **✓** | |
+Docker {% ifversion dependabot-version-updates-enhanced-docker-support %}[1]{% endif %}         | `docker`         | v1               | **✓** | **✓** | |
 Hex            | `mix`            | v1               | | **✓** | |
 elm-package    | `elm`            | v0.19            | **✓** | **✓** | |
 git submodule  | `gitsubmodule`   | N/A (no version) | **✓** | **✓** | |
-{% data variables.product.prodname_actions %} <sup>[2]</sup>   | `github-actions` | N/A (no version) | **✓** | **✓** | |
+{% data variables.product.prodname_actions %} [2]   | `github-actions` | N/A (no version) | **✓** | **✓** | |
 Go modules     | `gomod`          | v1               | **✓** | **✓** | **✓** |
-Gradle <sup>[3]</sup>         | `gradle`         | N/A (no version)   | **✓** | **✓** | |
-Maven <sup>[4]</sup>       | `maven`          | N/A (no version)   | **✓** | **✓** | |
+Gradle [3]         | `gradle`         | N/A (no version)   | **✓** | **✓** | |
+Maven [4]       | `maven`          | N/A (no version)   | **✓** | **✓** | |
 npm            | `npm`            | v6, v7, v8       | **✓** | **✓** | |
-NuGet          | `nuget`          | <= 4.8<sup>[5]</sup> | **✓** | **✓** | |
-pip{% ifversion dependabot-PEP621-support %}<sup>[6]</sup>{% endif %}          | `pip`            | v21.1.2          | | **✓** | |
+NuGet          | `nuget`          | <= 4.8 [5] | **✓** | **✓** | |
+pip{% ifversion dependabot-PEP621-support %} [6]{% endif %}          | `pip`            | v21.1.2          | | **✓** | |
 pipenv         | `pip`            | <= 2021-05-29    | | **✓** | |
-pip-compile{% ifversion dependabot-PEP621-support %}<sup>[6]</sup>{% endif %}   | `pip`            | 6.1.0            | | **✓** | |
+pip-compile{% ifversion dependabot-PEP621-support %} [6]{% endif %}   | `pip`            | 6.1.0            | | **✓** | |
 poetry         | `pip`            | v1               | | **✓** | |{% ifversion fpt or ghec or ghes > 3.4 %}
-pub <sup>[7]</sup>           | `pub`            | v2  | | | |{% endif %}
+pub [7]           | `pub`            | v2  | | | |{% endif %}
 Terraform      | `terraform`      | >= 0.13, <= 1.3.x  | **✓** | **✓** | |
-{% ifversion dependabot-yarn-v3-update %}yarn           | `npm`            | v1, v2, v3       | **✓** | **✓** | **✓**<sup>[8]</sup> |{% else %}yarn           | `npm`            | v1               | **✓** | **✓** |  |
+{% ifversion dependabot-yarn-v3-update %}yarn           | `npm`            | v1, v2, v3       | **✓** | **✓** | **✓**[8] |{% else %}yarn           | `npm`            | v1               | **✓** | **✓** |  |
 {% endif %}
 
 {% tip %}
diff --git a/data/reusables/github-ae/saml-idp-table.md b/data/reusables/github-ae/saml-idp-table.md
diff --git a/data/reusables/supported-languages/php.md b/data/reusables/supported-languages/php.md
diff --git a/data/reusables/supported-languages/ruby.md b/data/reusables/supported-languages/ruby.md
diff --git a/data/reusables/supported-languages/scala.md b/data/reusables/supported-languages/scala.md
