Skip to content

Commit

Permalink
Merge pull request github#35729 from github/repo-sync
Browse files Browse the repository at this point in the history
Repo sync
  • Loading branch information
docs-bot authored Dec 20, 2024
2 parents ffde878 + 93c8546 commit 2eedaa9
Show file tree
Hide file tree
Showing 7 changed files with 52 additions and 7 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -233,7 +233,7 @@ By default, a group will include all types of dependencies.

### `patterns` and `exclude-patterns` (`groups`)

Both options support using `*` as a wild card to define matches with dependency names.
Both options support using `*` as a wild card to define matches with dependency names. If a dependency matches both a pattern and an exclude-pattern, then it is excluded from the group.

### `update-types` (`groups`)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ On {% data variables.product.github %}, you can use {% data variables.product.pr

## Powered by skills

{% data variables.product.prodname_copilot_short %} is powered by a collection of skills that are dynamically selected based on the question you ask. You can tell which skill {% data variables.product.prodname_copilot_short %} used by clicking {% octicon "chevron-down" aria-label="the down arrow" %} to expand the status information in the chat window.
When using the GPT-4o and {% data variables.copilot.copilot_claude_sonnet %} models, {% data variables.product.prodname_copilot_short %} has access to a collection of skills to fetch data from {% data variables.product.github %}, which are dynamically selected based on the question you ask. You can tell which skill {% data variables.product.prodname_copilot_short %} used by clicking {% octicon "chevron-down" aria-label="the down arrow" %} to expand the status information in the chat window.

![Screenshot of the {% data variables.product.prodname_copilot_short %} chat panel with the status information expanded and the skill that was used highlighted with an orange outline.](/assets/images/help/copilot/chat-show-skill.png)

Expand Down Expand Up @@ -71,7 +71,7 @@ The skills you can use in {% data variables.product.prodname_copilot_chat_dotcom

### Limitations of AI models for {% data variables.product.prodname_copilot_chat_short %}

* If you want to use the skills listed in the table above{% ifversion ghec %}, or knowledge bases{% endif %}, on the {% data variables.product.github %} website, you must use the `gpt-4o` model.
* If you want to use the skills listed in the table above{% ifversion ghec %}, or knowledge bases{% endif %}, on the {% data variables.product.github %} website, only the GPT 4o and {% data variables.copilot.copilot_claude_sonnet %} models are supported.
* Experimental pre-release versions of the models may not interact with all filters correctly, including the duplication detection filter.

### Changing your AI model
Expand Down
2 changes: 1 addition & 1 deletion data/reusables/actions/environment-example.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:

When the above workflow runs, the `deployment` job will be subject to any rules configured for the `production` environment. For example, if the environment requires reviewers, the job will pause until one of the reviewers approves the job.

You can also specify a URL for the environment. The specified URL will appear on the deployments page for the repository (accessed by clicking **Environments** on the home page of your repository) and in the visualization graph for the workflow run. If a pull request triggered the workflow, the URL is also displayed as a **View deployment** button in the pull request timeline.
You can also specify a URL for the environment. The specified URL will appear on the deployments page for the repository (accessed by clicking **Environments** on the home page of your repository) and in the visualization graph for the workflow run. If a pull request triggered the workflow, the URL is also displayed as a **View deployment** button in the pull request timeline. When using the "Require deployments to succeed before merging" rule, only the `name` specified is being checked even if a URL has also been specified. See [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-deployments-to-succeed-before-merging).

```yaml
name: Deployment
Expand Down
1 change: 1 addition & 0 deletions data/reusables/actions/runner-essential-communications.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ github-registry-files.githubusercontent.com

```shell copy
*.pkg.github.com
pkg-containers.githubusercontent.com
ghcr.io
```

Expand Down
2 changes: 1 addition & 1 deletion data/reusables/dependabot/private-dependencies-note.md
Original file line number Diff line number Diff line change
@@ -1 +1 @@
When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private{% ifversion ghec or ghes %}-or-internal{% endif %}-dependencies)." You can configure access to private registries in a repository's `dependabot.yml` configuration file. For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#configuration-options-for-private-registries)."
When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private{% ifversion ghec or ghes %}-or-internal{% endif %}-dependencies). You can configure access to private registries in a repository's `dependabot.yml` configuration file. For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot).
44 changes: 44 additions & 0 deletions src/secret-scanning/data/public-docs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -955,6 +955,17 @@
hasPushProtection: true
hasValidityCheck: false
isduplicate: false
- provider: Databento
supportedSecret: Databento API Key
secretType: databento_api_key
versions:
fpt: '*'
ghec: '*'
isPublic: true
isPrivateWithGhas: false
hasPushProtection: false
hasValidityCheck: false
isduplicate: false
- provider: Databricks
supportedSecret: Databricks Access Token
secretType: databricks_access_token
Expand Down Expand Up @@ -1998,6 +2009,28 @@
hasPushProtection: false
hasValidityCheck: false
isduplicate: false
- provider: Lichess
supportedSecret: Lichess OAuth Access Token
secretType: lichess_oauth_access_token
versions:
fpt: '*'
ghec: '*'
isPublic: true
isPrivateWithGhas: false
hasPushProtection: false
hasValidityCheck: false
isduplicate: false
- provider: Lichess
supportedSecret: Lichess Personal Access Token
secretType: lichess_personal_access_token
versions:
fpt: '*'
ghec: '*'
isPublic: true
isPrivateWithGhas: false
hasPushProtection: false
hasValidityCheck: false
isduplicate: false
- provider: Lightspeed
supportedSecret: Lightspeed Personal Access Token
secretType: lightspeed_xs_pat
Expand Down Expand Up @@ -2488,6 +2521,17 @@
hasPushProtection: true
hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}'
isduplicate: true
- provider: OpenRouter
supportedSecret: OpenRouter API Key
secretType: openrouter_api_key
versions:
fpt: '*'
ghec: '*'
isPublic: true
isPrivateWithGhas: false
hasPushProtection: false
hasValidityCheck: false
isduplicate: false
- provider: Orbit
supportedSecret: Orbit API Token
secretType: orbit_api_token
Expand Down
4 changes: 2 additions & 2 deletions src/secret-scanning/lib/config.json
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"sha": "e6054aab2e4808013fc252da4eecc896e43a5ffc",
"blob-sha": "ad9b0dbbff0337145d4929b99b65877c4b1ebeed",
"sha": "cc2ad2addc1a78be626037470b48db546e8a35ec",
"blob-sha": "7cd3674e6d0419376506fc41828588bd3eaed01d",
"targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns"
}

0 comments on commit 2eedaa9

Please sign in to comment.