diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ea2f683230c..83e675a805f9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Docs changelog +**13 November 2025** + +We've published a new tutorial on [using custom instructions for Copilot code review](https://docs.github.com/copilot/tutorials/use-custom-instructions). In this tutorial you'll learn how to write effective custom instructions that help Copilot provide more relevant and actionable code reviews. + +
+ **31 October 2025** A large amount of new information was added to the GitHub documentation website to coincide with the GitHub Universe 2025 conference. Here are links to some of the new and updated articles. diff --git a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md index 6542edd249d0..5659aca66ce7 100644 --- a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md +++ b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md @@ -53,6 +53,9 @@ This table lists the secrets supported by {% data variables.product.prodname_sec Precision levels are estimated based on the pattern type's typical false positive rates. + +{% ifversion fpt or ghec %} + | Provider | Token | Description | Precision | |:---------|:--------------------------------------|:------------|:----------| | Generic | ec_private_key | Elliptic Curve (EC) private keys used for cryptographic operations | High | @@ -66,7 +69,29 @@ Precision levels are estimated based on the pattern type's typical false positiv | Generic | postgres_connection_string | Connection strings for PostgreSQL databases containing credentials | High | | Generic | rsa_private_key | RSA private keys used for cryptographic operations | High | -`generic_private_key` support is only available on {% data variables.product.prodname_ghe_server %} from version 3.20. +{% endif %} + + +{% ifversion ghes %} + +| Provider | Token | Description | Precision | +|:---------|:--------------------------------------|:------------|:----------| +| {% ifversion ghes > 3.18 %} | +| Generic | ec_private_key | Elliptic Curve (EC) private keys used for cryptographic operations | High | +| {% endif %} | +| {% ifversion ghes > 3.19 %} | +| Generic | generic_private_key | Cryptographic private keys with `-----BEGIN PRIVATE KEY-----` header | High | +| {% endif %} | +| Generic | http_basic_authentication_header | HTTP Basic Authentication credentials in request headers | Medium | +| Generic | http_bearer_authentication_header | HTTP Bearer tokens used for API authentication | Medium | +| Generic | mongodb_connection_string | Connection strings for MongoDB databases containing credentials | High | +| Generic | mysql_connection_string | Connection strings for MySQL databases containing credentials | High | +| Generic | openssh_private_key | OpenSSH format private keys used for SSH authentication | High | +| Generic | pgp_private_key | PGP (Pretty Good Privacy) private keys used for encryption and signing | High | +| Generic | postgres_connection_string | Connection strings for PostgreSQL databases containing credentials | High | +| Generic | rsa_private_key | RSA private keys used for cryptographic operations | High | + +{% endif %} >[!NOTE] > Validity checks are **not supported** for non-provider patterns. diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection.md index 24ab8e31e0c2..ed96fac24dd6 100644 --- a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection.md +++ b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection.md @@ -19,7 +19,7 @@ shortTitle: About delegated bypass {% data reusables.secret-scanning.push-protection-delegate-bypass-beta-note %} -By default, when push protection is enabled for a repository, anyone with write access can still push a secret to the repository, provided that they specify a reason for bypassing push protection. +When push protection is enabled for a repository, users with write access can bypass push protection and push a secret if they provide a reason and the bypass is approved. With delegated bypass for push protection, you can: diff --git a/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md b/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md index 90943cba3690..fec470812352 100644 --- a/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md +++ b/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md @@ -18,7 +18,7 @@ shortTitle: Community health file Default community health files are a set of predefined files that provide guidance and templates for maintaining a healthy and collaborative open source project. These files help you automate and standardize various aspects of your project's development and community interaction, promoting transparency, good practices, and collaboration. -You can add default community health files to a public repository called `.github` and {% data variables.product.github %} will use and display default files for any repository owned by the account that does not have its own file of that type in the following order: +You can add default community health files to a **public**{% ifversion ghec or ghes %} or **internal**{% endif %} repository called `.github` and {% data variables.product.github %} will use and display default files for any repository owned by the account that does not have its own file of that type in the following order: * The `.github` folder * The root of the repository @@ -26,7 +26,7 @@ You can add default community health files to a public repository called `.githu If no corresponding file is found in the current repository, {% data variables.product.github %} will use the default file from the `.github` repository, following the same order of precedence. -**Note:** The `.github` repository must be **public** for templates to be applied organization-wide. Private `.github` repositories are not supported. +**Note:** The `.github` repository must be **public**{% ifversion ghec or ghes %} or **internal**{% endif %} for templates to be applied organization-wide. Private `.github` repositories are not supported. For example, anyone who creates an issue or pull request in a repository that does not have its own `CONTRIBUTING.md` file will see a link to the default `CONTRIBUTING.md` from the `.github` repository. However, if a repository has any files in its own `.github/ISSUE_TEMPLATE` folder, such as issue templates or a `_config.yml` file, none of the contents of the default `.github/ISSUE_TEMPLATE` folder will be used. This allows repository maintainers to override the default files with specific templates or content on per-repository basis. @@ -66,7 +66,7 @@ You cannot create a default license file. License files must be added to individ ![Screenshot of the owner menu for a new {% data variables.product.prodname_dotcom %} repository. The menu shows two options, octocat and github.](/assets/images/help/repository/create-repository-owner.png) 1. In the "Repository name" field, type **.github**. 1. Optionally, in the "Description" field, type a description. -1. Make sure the repository status is set to **Public**. A repository for default files cannot be private. +1. Make sure the repository status is set to **Public**{% ifversion ghec or ghes %} or **Internal**{% endif %}. A repository for default files cannot be private. {% data reusables.repositories.initialize-with-readme %} {% data reusables.repositories.create-repo %} 1. In the repository, create one of the supported community health files. Issue templates and their configuration file must be in a folder called `.github/ISSUE_TEMPLATE`. All other supported files may be in the root of the repository, the `.github` folder, or the `docs` folder. For more information, see [AUTOTITLE](/repositories/working-with-files/managing-files/creating-new-files).