Merge branch 'main' into oxidizegithub

content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md

@@ -233,7 +233,7 @@ By default, a group will include all types of dependencies.
 
 ### `patterns` and `exclude-patterns` (`groups`)
 
-Both options support using `*` as a wild card to define matches with dependency names.
+Both options support using `*` as a wild card to define matches with dependency names. If a dependency matches both a pattern and an exclude-pattern, then it is excluded from the group.
 
 ### `update-types` (`groups`)
 

content/copilot/using-github-copilot/asking-github-copilot-questions-in-github.md

@@ -35,7 +35,7 @@ On {% data variables.product.github %}, you can use {% data variables.product.pr
 
 ## Powered by skills
 
-{% data variables.product.prodname_copilot_short %} is powered by a collection of skills that are dynamically selected based on the question you ask. You can tell which skill {% data variables.product.prodname_copilot_short %} used by clicking {% octicon "chevron-down" aria-label="the down arrow" %} to expand the status information in the chat window.
+When using the GPT-4o and {% data variables.copilot.copilot_claude_sonnet %} models, {% data variables.product.prodname_copilot_short %} has access to a collection of skills to fetch data from {% data variables.product.github %}, which are dynamically selected based on the question you ask. You can tell which skill {% data variables.product.prodname_copilot_short %} used by clicking {% octicon "chevron-down" aria-label="the down arrow" %} to expand the status information in the chat window.
 
 ![Screenshot of the {% data variables.product.prodname_copilot_short %} chat panel with the status information expanded and the skill that was used highlighted with an orange outline.](/assets/images/help/copilot/chat-show-skill.png)
 
@@ -71,7 +71,7 @@ The skills you can use in {% data variables.product.prodname_copilot_chat_dotcom
 
 ### Limitations of AI models for {% data variables.product.prodname_copilot_chat_short %}
 
-* If you want to use the skills listed in the table above{% ifversion ghec %}, or knowledge bases{% endif %}, on the {% data variables.product.github %} website, you must use the `gpt-4o` model.
+* If you want to use the skills listed in the table above{% ifversion ghec %}, or knowledge bases{% endif %}, on the {% data variables.product.github %} website, only the GPT 4o and {% data variables.copilot.copilot_claude_sonnet %} models are supported.
 * Experimental pre-release versions of the models may not interact with all filters correctly, including the duplication detection filter.
 
 ### Changing your AI model

content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md

@@ -66,6 +66,9 @@ This will display the code block with syntax highlighting:
 
 ![Screenshot of three lines of Ruby code as displayed on {% data variables.product.prodname_dotcom %}. Elements of the code display in purple, blue, and red type for scannability.](/assets/images/help/writing/code-block-syntax-highlighting-rendered.png)
 
+> [!TIP]
+> When you create a fenced code block that you also want to have syntax highlighting on a GitHub Pages site, use lower-case language identifiers. For more information, see [AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll#syntax-highlighting).
+
 We use [Linguist](https://github.com/github-linguist/linguist) to perform language detection and to select [third-party grammars](https://github.com/github-linguist/linguist/blob/main/vendor/README.md) for syntax highlighting. You can find out which keywords are valid in [the languages YAML file](https://github.com/github-linguist/linguist/blob/main/lib/linguist/languages.yml).
 
 ## Creating diagrams

content/organizations/managing-programmatic-access-to-your-organization/viewing-api-insights-in-your-organization.md

@@ -12,8 +12,6 @@ topics:
   - REST
 ---
 
-> [!NOTE] This feature is currently in {% data variables.release-phases.public_preview %} and is subject to change. We welcome your feedback in [this {% data variables.product.prodname_github_community %} discussion](https://github.co/api-insights-discussion).
-
 ## About API insights
 
 As a {% data variables.product.prodname_ghe_cloud %} organization owner, you and your designated users can view REST API activity for your entire organization or specific apps and users. This helps you understand the sources of your REST API activity and manage against your primary rate limits, giving you visibility into the timeframe, apps, and API endpoints involved. To learn more about primary rate limits, see [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-primary-rate-limits).

content/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll.md

@@ -110,6 +110,9 @@ To make your site easier to read, code snippets are highlighted on {% data varia
 
 By default, code blocks on your site will be highlighted by Jekyll. Jekyll uses the [Rouge](https://github.com/rouge-ruby/rouge) highlighter (which is compatible with [Pygments](https://pygments.org/)). If you specify Pygments in your `_config.yml` file, Rouge will be used as the fallback instead. Jekyll cannot use any other syntax highlighter, and you'll get a page build warning if you specify another syntax highlighter in your `_config.yml` file. For more information, see [AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/about-jekyll-build-errors-for-github-pages-sites).
 
+> [!NOTE]
+> Rouge only recognizes lower-case language identifiers for fenced code blocks. For a list of supported languages, see [Languages](https://rouge-ruby.github.io/docs/file.Languages.html).
+
 If you want to use another highlighter, such as [highlight.js](https://github.com/highlightjs/highlight.js), you must disable Jekyll's syntax highlighting by updating your project's `_config.yml` file.
 
 ```yaml

content/webhooks/using-webhooks/automatically-redelivering-failed-deliveries-for-a-github-app-webhook.md

@@ -76,7 +76,7 @@ jobs:
       - name: Setup Node.js
         uses: {% data reusables.actions.action-setup-node %}
         with:
-          node-version: '18.x'
+          node-version: '20.x'
 
       # This step installs the octokit library. The script that this workflow will run uses the octokit library.
       - name: Install dependencies
@@ -98,18 +98,18 @@ jobs:
           WORKFLOW_REPO: {% raw %}${{ github.event.repository.name }}{% endraw %}
           WORKFLOW_REPO_OWNER: {% raw %}${{ github.repository_owner }}{% endraw %}
         run: |
-          node .github/workflows/scripts/redeliver-failed-deliveries.js
+          node .github/workflows/scripts/redeliver-failed-deliveries.mjs
 ```
 
 ## Adding the script
 
 This section demonstrates how you can write a script to find and redeliver failed deliveries.
 
-Copy this script into a file called `.github/workflows/scripts/redeliver-failed-deliveries.js` in the same repository where you saved the {% data variables.product.prodname_actions %} workflow file above.
+Copy this script into a file called `.github/workflows/scripts/redeliver-failed-deliveries.mjs` in the same repository where you saved the {% data variables.product.prodname_actions %} workflow file above.
 
 ```javascript copy annotate
 // This script uses {% data variables.product.company_short %}'s Octokit SDK to make API requests. For more information, see "[AUTOTITLE](/rest/guides/scripting-with-the-rest-api-and-javascript)."
-const { App, Octokit } = require("octokit");
+import { App, Octokit } from "octokit";
 
 //
 async function checkAndRedeliverWebhooks() {

data/reusables/actions/branch-requirement.md

@@ -1,2 +1,2 @@
 > [!NOTE]
-> This event will only trigger a workflow run if the workflow file is on the default branch.
+> This event will only trigger a workflow run if the workflow file exists on the default branch.

data/reusables/actions/environment-example.md

@@ -21,7 +21,7 @@ jobs:
 
 When the above workflow runs, the `deployment` job will be subject to any rules configured for the `production` environment. For example, if the environment requires reviewers, the job will pause until one of the reviewers approves the job.
 
-You can also specify a URL for the environment. The specified URL will appear on the deployments page for the repository (accessed by clicking **Environments** on the home page of your repository) and in the visualization graph for the workflow run. If a pull request triggered the workflow, the URL is also displayed as a **View deployment** button in the pull request timeline.
+You can also specify a URL for the environment. The specified URL will appear on the deployments page for the repository (accessed by clicking **Environments** on the home page of your repository) and in the visualization graph for the workflow run. If a pull request triggered the workflow, the URL is also displayed as a **View deployment** button in the pull request timeline. When using the "Require deployments to succeed before merging" rule, only the `name` specified is being checked even if a URL has also been specified. See [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-deployments-to-succeed-before-merging).
 
 ```yaml
 name: Deployment

data/reusables/actions/runner-essential-communications.md

@@ -45,6 +45,7 @@ github-registry-files.githubusercontent.com
 
 ```shell copy
 *.pkg.github.com
+pkg-containers.githubusercontent.com
 ghcr.io
 ```
 

data/reusables/dependabot/private-dependencies-note.md

@@ -1 +1 @@
-When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private{% ifversion ghec or ghes %}-or-internal{% endif %}-dependencies)." You can configure access to private registries in a repository's `dependabot.yml` configuration file. For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#configuration-options-for-private-registries)."
+When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private{% ifversion ghec or ghes %}-or-internal{% endif %}-dependencies). You can configure access to private registries in a repository's `dependabot.yml` configuration file. For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot).

src/secret-scanning/data/public-docs.yml

@@ -955,6 +955,17 @@
   hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
+- provider: Databento
+  supportedSecret: Databento API Key
+  secretType: databento_api_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Databricks
   supportedSecret: Databricks Access Token
   secretType: databricks_access_token
@@ -1998,6 +2009,28 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Lichess
+  supportedSecret: Lichess OAuth Access Token
+  secretType: lichess_oauth_access_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Lichess
+  supportedSecret: Lichess Personal Access Token
+  secretType: lichess_personal_access_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Lightspeed
   supportedSecret: Lightspeed Personal Access Token
   secretType: lightspeed_xs_pat
@@ -2488,6 +2521,17 @@
   hasPushProtection: true
   hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}'
   isduplicate: true
+- provider: OpenRouter
+  supportedSecret: OpenRouter API Key
+  secretType: openrouter_api_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Orbit
   supportedSecret: Orbit API Token
   secretType: orbit_api_token

src/secret-scanning/lib/config.json

@@ -1,5 +1,5 @@
 {
-  "sha": "e6054aab2e4808013fc252da4eecc896e43a5ffc",
-  "blob-sha": "ad9b0dbbff0337145d4929b99b65877c4b1ebeed",
+  "sha": "cc2ad2addc1a78be626037470b48db546e8a35ec",
+  "blob-sha": "7cd3674e6d0419376506fc41828588bd3eaed01d",
   "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns"
 }