Merge pull request github#36730 from github/repo-sync

Repo sync

Author: docs-bot

.github/workflows/codespace-review-up.yml

@@ -46,6 +46,14 @@ jobs:
       LOGIN: docs-bot
       REPO: github/docs-internal
     steps:
+      - name: Print event details
+        run: |
+          echo "github.event_name: ${{ github.event_name }}"
+          echo "github.event.action: ${{ github.event.action }}"
+          echo "github.actor: ${{ github.actor }}"
+          echo "github.event.pull_request.auto_merge: ${{ github.event.pull_request.auto_merge }}"
+          echo "github.triggering_actor: ${{ github.triggering_actor }}"
+
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Check for existing codespace

.github/workflows/copy-api-issue-to-internal.yml

@@ -45,7 +45,7 @@ jobs:
 
       - name: Create an issue in the docs-content repo
         run: |
-          new_issue_url="$(gh issue create --title "$ISSUE_TITLE" --body "$ISSUE_BODY" --repo github/docs-content)"
+          new_issue_url="$(gh issue create --title "$ISSUE_TITLE" --body "$ISSUE_BODY" --repo github/docs-content --label 'skip FR board')"
           echo 'NEW_ISSUE='$new_issue_url >> $GITHUB_ENV
         env:
           GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}

content/admin/managing-your-enterprise-account/creating-github-apps-for-your-enterprise.md

@@ -10,14 +10,14 @@ permissions: Enterprise owners.
 shortTitle: Create a GitHub App
 ---
 
-{% data reusables.apps.enterprise-apps-beta %}
-
 You can create a {% data variables.product.prodname_github_app %} under your enterprise account. The app can only be installed on organizations within your enterprise, and can only be authorized by members of your enterprise. The app can't be installed on user accounts.
 
 ## Step 1: Registering a {% data variables.product.prodname_github_app %}
 
 To create a {% data variables.product.prodname_github_app %}, you must first register the app. See [AUTOTITLE](/apps/creating-github-apps/registering-a-github-app/registering-a-github-app).
 
+Apps can also be transferred to an enterprise from a member or organization. To transfer an app, see [AUTOTITLE](/apps/maintaining-github-apps/transferring-ownership-of-a-github-app).
+
 ## Step 2: Building a {% data variables.product.prodname_github_app %}
 
 After registering a {% data variables.product.prodname_github_app %}, you will want to write code to make your {% data variables.product.prodname_github_app %} do something. For examples of how to write code, see:
@@ -34,6 +34,8 @@ You should aim to follow best practices. See [AUTOTITLE](/apps/creating-github-a
 
 Once your {% data variables.product.prodname_github_app %} is registered, you'll need to make it available to organizations in your enterprise, either through **authorization** or **installation**, depending on the app’s purpose.
 
+Enterprise owners can modify the permissions for apps owned by their enterprise at any time. Permissions changes will be automatically accepted by organizations in the enterprise.
+
 ### Step 3a: Authorizing your {% data variables.product.prodname_github_app %}
 
 Some {% data variables.product.prodname_github_apps %}, like {% data variables.product.prodname_copilot_short %} extensions, require **authorization** but do not need to be installed on an organization. Users in your enterprise can authorize the app to access resources within organizations. However, the app will only have access to {% data variables.product.github %} resources where it is installed. See [AUTOTITLE](/apps/using-github-apps/authorizing-github-apps).

content/apps/creating-github-apps/registering-a-github-app/choosing-permissions-for-a-github-app.md

@@ -31,11 +31,18 @@ When a user installs an app on their account or organization, they see and grant
 
 The success of an API request with a user access token depends on the user's permissions as well as the app's permissions. For example, if the app was granted permission to write the contents of a repository, but the user can only read the contents, then the user access token can only read the contents. The success of an API request with an installation access token only depends on the app's permissions.
 
-You can modify the permissions for your app at any time. When you modify the permissions, the owner of each account where the app was installed will be prompted to approve the new permissions. If the account owner does not approve the new permissions, their installation will continue to use the old permissions.
+For more information about specifying permissions during {% data variables.product.prodname_github_app %} registration, see [AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app).
 
 Some webhooks and API access requires "Administration" permissions. If your app requires "Administration" permissions, consider explaining this requirement on your app's homepage. This will help users understand why your app needs a high level permission.
 
-For more information about specifying permissions during {% data variables.product.prodname_github_app %} registration, see [AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app). For more information about modifying permissions, see [AUTOTITLE](/apps/maintaining-github-apps/editing-a-github-apps-permissions).
+## About changes to permissions
+
+You can modify the permissions for apps you own or manage at any time.{% ifversion enterprise-apps-public-beta %}
+
+* When you modify the permissions of an app owned by an **enterprise account**, the changes are automatically accepted by organizations in the enterprise.
+* When you modify the permissions of an app owned by a **user or organization**,{% else %} When you do so,{% endif %} the owner of each account where the app was installed will be prompted to approve the new permissions. If the account owner does not approve the new permissions, their installation will continue to use the old permissions.
+
+For more information about modifying permissions, see [AUTOTITLE](/apps/maintaining-github-apps/editing-a-github-apps-permissions).
 
 ## Choosing permissions for webhook access
 

content/apps/creating-github-apps/registering-a-github-app/making-a-github-app-public-or-private.md

@@ -22,18 +22,12 @@ shortTitle: Visibility
 
 ## About visibility for {% data variables.product.prodname_github_apps %}
 
-You can make your {% data variables.product.prodname_github_app %} registration public or private. {% ifversion fpt %}If you set your {% data variables.product.prodname_github_app %} registration to public, any user on {% data variables.product.github %} can install it. If you set your {% data variables.product.prodname_github_app %} registration to private, it can only be installed on the account that owns the app.
+A {% data variables.product.prodname_github_app %} can be {% ifversion fpt %}public or private{% elsif enterprise-apps-public-beta %}public, private, or internal{% endif %}.{% ifversion fpt or ghec %} If you set your {% data variables.product.prodname_github_app %} registration to public, any user on {% data variables.product.github %} can install it. If you set your {% data variables.product.prodname_github_app %} registration to private, it can only be installed on the account that owns the app.
 
-{% elsif ghes %}If you set your {% data variables.product.prodname_github_app %} registration to public, anyone on your {% data variables.product.prodname_ghe_server %} instance can install it, but the app is not available outside of your instance. If you set your {% data variables.product.prodname_github_app %} registration to private, it can only be installed on the account that owns the app.
-
-{% elsif ghec %}If a {% data variables.product.prodname_github_app %} is created by an {% data variables.product.prodname_emu %}, the "Public" option is disabled and the app is only installable by organizations within the {% data variables.product.prodname_emu %} enterprise. {% data variables.product.prodname_emu %} organizations can set their apps to be installable by any other organization in the enterprise, or just the organization that owns it. Apps created within an {% data variables.product.prodname_emu %} account are never installable on accounts outside of your enterprise.
-
-If a {% data variables.product.prodname_github_app %} registration is owned by an account that is not an {% data variables.product.prodname_emu %}, and the app is set to public, any user on {% data variables.product.github %} can install the app. If you set your {% data variables.product.prodname_github_app %} registration to private, it can only be installed on the account that owns the app.{% endif %}
-
-{% ifversion fpt or ghec %}You can register a {% data variables.product.prodname_github_app %} under your personal account or organization and make it available for other organizations to install. You do not need an enterprise plan or an organization account to make your {% data variables.product.prodname_github_app %} available to an organization even if the organization is owned by an enterprise on {% data variables.product.prodname_ghe_cloud %}.{% endif %}
+{% elsif ghes %} If you set your {% data variables.product.prodname_github_app %} registration to public, anyone on your {% data variables.product.prodname_ghe_server %} instance can install it, but the app is not available outside of your instance. If you set your {% data variables.product.prodname_github_app %} registration to private, it can only be installed on the account that owns the app.{% endif %}
 
 {% ifversion enterprise-apps-public-beta %}
-Additionally, you can register a {% data variables.product.prodname_github_app %} under your enterprise. You can't make this app public, the app can only be installed on organizations within your enterprise, and can only be authorized by members of your enterprise.
+{% data variables.product.prodname_github_apps %} owned by an enterprise account{% ifversion ghec %}, or by a {% data variables.enterprise.prodname_managed_user %} in an enterprise,{% endif %} have "internal" visibility. Internal apps can only be installed by organizations within the enterprise and authorized by users within the enterprise. Members of the enterprise and unaffiliated users can authorize these apps, but outside collaborators cannot.
 {% endif %}
 
 If you want your {% data variables.product.prodname_github_app %} to be available to organizations in a {% data variables.product.prodname_ghe_server %} instance that you are not part of, then you need to take additional steps. For more information, see [AUTOTITLE](/apps/sharing-github-apps/making-your-github-app-available-for-github-enterprise-server).
@@ -52,8 +46,8 @@ Private {% data variables.product.prodname_github_apps %} can only be installed
 
 {% ifversion enterprise-apps-public-beta %}
 
-### Enterprise-owned installation flow
+### "Internal" installation flow
 
-Enterprise-owned {% data variables.product.prodname_github_apps %} can only be installed by organization owners of organizations within the enterprise by using the installation URL. The app can not be installed on user accounts.
+Enterprise-owned {% data variables.product.prodname_github_apps %}{% ifversion ghec %} and apps owned by {% data variables.enterprise.prodname_managed_users %}{% endif %} can only be installed by organization owners of organizations within the enterprise by using the installation URL. The app can not be installed on user accounts.
 
 {% endif %}

content/apps/creating-github-apps/registering-a-github-app/registering-a-github-app.md

@@ -27,8 +27,6 @@ You can register a {% data variables.product.prodname_github_app %} in a few dif
 * Under an **organization you own**.
 * Under an **organization** that has granted you permission to manage all its apps. See [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-github-app-managers-in-your-organization).{% ifversion enterprise-apps-public-beta %}
 * Under your **enterprise**, but it can only be installed on organizations within the enterprise.
-
-  {% data reusables.apps.enterprise-apps-beta %}
 {% endif %}
 
 {% data reusables.apps.maximum-github-apps-allowed %}

content/apps/maintaining-github-apps/transferring-ownership-of-a-github-app.md

@@ -17,13 +17,11 @@ shortTitle: Transfer ownership
 
 ## About transferring {% data variables.product.prodname_github_apps %}
 
-The owner of a {% data variables.product.prodname_github_app %} registration can transfer ownership of the {% data variables.product.prodname_github_app %} registration to another user or organization. If an organization has designated any app managers for an app owned by the organization, the app managers can also transfer ownership of the {% data variables.product.prodname_github_app %} registration. For more information about app managers, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization).
+The owner of a {% data variables.product.prodname_github_app %} registration can transfer ownership of the {% data variables.product.prodname_github_app %} registration to another account. If an organization has designated any app managers for an app owned by the organization, the app managers can also transfer ownership of the {% data variables.product.prodname_github_app %} registration. For more information about app managers, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization).
 
-You can only transfer ownership to a user or organization. You cannot transfer ownership to a team.
+You can transfer apps from a user or organization to another account. You cannot transfer ownership to a team.
 
-{% ifversion enterprise-apps-public-beta %}
->[!NOTE] If your {% data variables.product.prodname_github_app %} is owned by an enterprise, you cannot transfer ownership.
-{% endif %}
+{% data reusables.apps.transfer-to-enterprise %}
 
 ## Transferring a {% data variables.product.prodname_github_app %} registration
 
@@ -33,6 +31,9 @@ You can only transfer ownership to a user or organization. You cannot transfer o
 1. Select the {% data variables.product.prodname_github_app %} whose ownership you want to transfer.
 {% data reusables.user-settings.github_apps_advanced %}
 1. Click **Transfer ownership**.
-1. Under "Type the name of the {% data variables.product.prodname_github_app %} to confirm", type the name of the {% data variables.product.prodname_github_app %} you want to transfer.
-1. Under "New owner's {% data variables.product.prodname_dotcom %} username or organization name", type the name of the user or organization you want to transfer the {% data variables.product.prodname_github_app %} to.
+1. Under "New owner's {% data variables.product.prodname_dotcom %} {% ifversion fpt or enterprise-apps-public-beta %}username, organization, or enterprise name",{% else %}username or organization name",{% endif %} type the name of the account you want to transfer the {% data variables.product.prodname_github_app %} to.
+{%- ifversion fpt or enterprise-apps-public-beta %}
+1. Select the account from the dropdown that you wish to transfer to. Be aware that enterprises and organizations can have the same name, so check that you are transferring to the correct account type.
+1. If transferring the app would uninstall it from your account, a warning will appear.
+{%- endif %}
 1. Click **Transfer this {% data variables.product.prodname_github_app %}**.

content/code-security/secret-scanning/copilot-secret-scanning/enabling-ai-powered-generic-secret-detection.md

@@ -35,10 +35,11 @@ You can then enable {% data variables.secret-scanning.generic-secret-detection %
 
 ### Enabling {% data variables.secret-scanning.generic-secret-detection %} for your organization
 
-{% data reusables.profile.access_org %}
-{% data reusables.profile.org_settings %}
-{% data reusables.security-configurations.display-global-settings %}
-1. Under "Secret scanning", select the checkbox next to "Scan for generic secrets".
+You must configure {% data variables.secret-scanning.generic-secret-detection %} for your organization using a {% data variables.product.prodname_custom_security_configuration %}. You can then apply the {% data variables.product.prodname_security_configuration %} to all (or selected) repositories in your organization.
+
+1. Create a new {% data variables.product.prodname_custom_security_configuration %}, or edit an existing one. See [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration#creating-a-custom-security-configuration).
+1. When creating the custom security configuration, under "{% data variables.product.prodname_secret_scanning_caps %}", ensure that the dropdown menus for "Alerts" and "Generic secrets" are set to **Enabled**.
+1. Apply the {% data variables.product.prodname_custom_security_configuration %} to one or more repositories. For more information, see [Applying a {% data variables.product.prodname_custom_security_configuration %}](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration).
 
 For information on how to view alerts for generic secrets that have been detected using AI, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts).
 

data/reusables/apps/transfer-to-enterprise.md

@@ -0,0 +1,8 @@
+{% ifversion enterprise-apps-public-beta %}
+You can also transfer ownership of a **private** or **internal** app from a user or organization to an enterprise account that the owner belongs to. When you do this:
+
+* The app's visibility becomes **internal** if it was not previously, making it available to install in any organization in the enterprise. The app is not uninstalled from any organization.
+* The app is uninstalled from all user accounts. Because transfers are limited to private and internal apps, this will only ever be your own user account.
+
+For more information about app visibility, see [AUTOTITLE](/apps/creating-github-apps/registering-a-github-app/making-a-github-app-public-or-private).
+{% endif %}