Repo sync test

.github/allowed-actions.js

@@ -39,6 +39,6 @@ module.exports = [
   "repo-sync/pull-request@33777245b1aace1a58c87a29c90321aa7a74bd7d",
   "someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd",
   "tjenkinson/gh-action-auto-merge-dependency-updates@4d7756c04d9d999c5968697a621b81c47f533d61",
-  "EndBug/add-and-commit@9358097a71ad9fb9e2f9624c6098c89193d83575",
+  "EndBug/add-and-commit@b3c7c1e078a023d75fb0bd326e02962575ce0519",
   "dorny/paths-filter@eb75a1edc117d3756a18ef89958ee59f9500ba58",
 ];

.github/workflows/openapi-decorate.yml

@@ -25,13 +25,10 @@ jobs:
         run: script/rest/update-files.js --decorate-only
 
       - name: Check in the decorated files
-        uses: EndBug/add-and-commit@9358097a71ad9fb9e2f9624c6098c89193d83575
+        uses: EndBug/add-and-commit@b3c7c1e078a023d75fb0bd326e02962575ce0519
         with:
           # The arguments for the `git add` command
           add: 'lib/rest/static/decorated'
 
           # The message for the commit
           message: 'Add decorated OpenAPI schema files'
-
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Leave this line unchanged

content/github/administering-a-repository/about-dependabot-version-updates.md

@@ -40,7 +40,9 @@ You can configure version updates for repositories that contain a dependency man
 
 {% note %}
 
-{% data reusables.dependabot.private-dependencies-note %} Additionally, {% data variables.product.prodname_dependabot %} doesn't support private {% data variables.product.prodname_dotcom %} dependencies for all package managers. See the details in the table below.
+{% data reusables.dependabot.private-dependencies-note %} 
+
+{% data variables.product.prodname_dependabot %} doesn't support private {% data variables.product.prodname_dotcom %} dependencies for all package managers. See the details in the table below.
 
 {% endnote %}
 

content/github/administering-a-repository/enabling-and-disabling-version-updates.md

@@ -18,9 +18,12 @@ You enable {% data variables.product.prodname_dependabot_version_updates %} by c
 
 ### Enabling {% data variables.product.prodname_dependabot_version_updates %}
 
-{% data reusables.dependabot.create-dependabot-yml %}
-1. Use `package-ecosystem` to specify the package managers to monitor.
+{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)."
+1. Add a `version`. 
+1. Optionally, if you have dependencies in a private registry, add a `registries` section containing authentication details. 
+1. Add an `updates` section, with an entry for each package manager you want {% data variables.product.prodname_dependabot %} to monitor.
 1. For each package manager, use:
+    - `package-ecosystem` to specify the package manager.
     - `directory` to specify the location of the manifest or other definition files.
     - `schedule.interval` to specify how often to check for new versions.
 {% data reusables.dependabot.check-in-dependabot-yml %}

content/github/administering-a-repository/index.md

@@ -64,6 +64,7 @@ versions:
     {% link_in_list /enabling-and-disabling-version-updates %}
     {% link_in_list /listing-dependencies-configured-for-version-updates %}
     {% link_in_list /managing-pull-requests-for-dependency-updates %}
+    {% link_in_list /managing-encrypted-secrets-for-dependabot %}
     {% link_in_list /customizing-dependency-updates %}
     {% link_in_list /configuration-options-for-dependency-updates %}
     {% link_in_list /keeping-your-actions-up-to-date-with-dependabot %}

content/github/administering-a-repository/managing-encrypted-secrets-for-dependabot.md

@@ -0,0 +1,72 @@
+---
+title: Managing encrypted secrets for Dependabot
+intro: You can store sensitive information, like passwords and access tokens, as encrypted secrets and then reference these in the {% data variables.product.prodname_dependabot %} configuration file.
+versions:
+  free-pro-team: '*'
+---
+
+### About encrypted secrets for {% data variables.product.prodname_dependabot %}
+
+{% data variables.product.prodname_dependabot %} secrets are encrypted credentials that you create at either the organization level or the repository level.
+When you add a secret at the organization level, you can specify which repositories can access the secret. You can use secrets to allow {% data variables.product.prodname_dependabot %} to update dependencies located in private package registries. When you add a secret it's encrypted before it reaches {% data variables.product.prodname_dotcom %} and it remains encrypted until it's used by {% data variables.product.prodname_dependabot %} to access a private package registry.
+
+After you add a {% data variables.product.prodname_dependabot %} secret, you can reference it in the _dependabot.yml_ configuration file like this: {% raw %}`${{secrets.NAME}}`{% endraw %}, where "NAME" is the name you chose for the secret. For example: 
+
+{% raw %}
+```yaml
+password: ${{secrets.MY_ARTIFACTORY_PASSWORD}}
+```
+{% endraw %}
+
+For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)."
+
+#### Naming your secrets
+
+The name of a {% data variables.product.prodname_dependabot %} secret:
+* Can only contain alphanumeric characters (`[A-Z]`, `[0-9]`) or underscores (`_`). Spaces are not allowed. If you enter lowercase letters these are changed to uppercase.
+* Must not start with the `GITHUB_` prefix.
+* Must not start with a number.
+
+### Adding a repository secret for {% data variables.product.prodname_dependabot %}
+
+{% data reusables.github-actions.permissions-statement-secrets-repository %}
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-settings %}
+{% data reusables.github-actions.sidebar-secret %}
+{% data reusables.dependabot.dependabot-secrets-button %}
+1. Click **New repository secret**.
+1. Type a name for your secret in the **Name** input box.
+1. Enter the value for your secret.
+1. Click **Add secret**.
+
+   The name of the secret is listed on the Dependabot secrets page. You can click **Update** to change the secret value. You can click **Remove** to delete the secret.
+
+   ![Update or remove a repository secret](/assets/images/help/dependabot/update-remove-repo-secret.png)
+
+### Adding an organization secret for {% data variables.product.prodname_dependabot %}
+
+When creating a secret in an organization, you can use a policy to limit which repositories can access that secret. For example, you can grant access to all repositories, or limit access to only private repositories or a specified list of repositories.
+
+{% data reusables.github-actions.permissions-statement-secrets-organization %}
+
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.github-actions.sidebar-secret %}
+{% data reusables.dependabot.dependabot-secrets-button %}
+1. Click **New organization secret**.
+1. Type a name for your secret in the **Name** input box.
+1. Enter the **Value** for your secret.
+1. From the **Repository access** dropdown list, choose an access policy.
+1. If you chose **Selected repositories**:
+
+   * Click {% octicon "gear" aria-label="The Gear icon" %}.
+   * Choose the repositories that can access this secret. 
+     ![Select repositories for this secret](/assets/images/help/dependabot/secret-repository-access.png)
+   * Click **Update selection**.
+
+1. Click **Add secret**.
+
+   The name of the secret is listed on the Dependabot secrets page. You can click **Update** to change the secret value or its access policy. You can click **Remove** to delete the secret.
+
+   ![Update or remove an organization secret](/assets/images/help/dependabot/update-remove-repo-secret.png)

content/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors.md

@@ -76,9 +76,20 @@ There are separate limits for security and version update pull requests, so that
 
 The best way to resolve this error is to merge or close some of the existing pull requests and trigger a new pull request manually. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)."
 
-#### {% data variables.product.prodname_dependabot %} can't resolve your dependency files
+#### {% data variables.product.prodname_dependabot %} can't resolve or access your dependencies
 
-If {% data variables.product.prodname_dependabot %} attempts to check whether dependency references need to be updated in a repository, but can't access one or more of the referenced files, the operation will fail with the error message "{% data variables.product.prodname_dependabot %} can't resolve your LANGUAGE dependency files." The API error type is `git_dependencies_not_reachable`.  
+If {% data variables.product.prodname_dependabot %} attempts to check whether dependency references need to be updated in a repository, but can't access one or more of the referenced files, the operation will fail with the error message "{% data variables.product.prodname_dependabot %} can't resolve your LANGUAGE dependency files." The API error type is `git_dependencies_not_reachable`.
+
+Similarly, if {% data variables.product.prodname_dependabot %} can't access a private package registry in which a dependency is located, one of the following errors is generated:
+
+*	"Dependabot can't reach a dependency in a private package registry"<br>
+   (API error type: `private_source_not_reachable`)
+*	"Dependabot can't authenticate to a private package registry"<br>
+   (API error type:`private_source_authentication_failure`)
+*	"Dependabot timed out while waiting for a private package registry"<br>
+   (API error type:`private_source_timed_out`)
+*	"Dependabot couldn't validate the certificate for a private package registry"<br>
+   (API error type:`private_source_certificate_failure`)
 
 To allow {% data variables.product.prodname_dependabot %} to update the dependency references successfully, make sure that all of the referenced dependencies are hosted at accessible locations. 
 

content/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization.md

@@ -94,13 +94,17 @@ You can enable or disable features for all repositories. {% if currentVersion ==
 
 {% if currentVersion == "free-pro-team@latest" %}
 
-### Allowing Dependabot to access private repositories
+### Allowing {% data variables.product.prodname_dependabot %} to access private dependencies
 
 {% data reusables.dependabot.beta-note %}
 
-{% data variables.product.prodname_dependabot %} can check for outdated dependency references in a project and automatically generate a pull request to update them. To do this, {% data variables.product.prodname_dependabot %} must have access to all of the targeted dependency files. Typically, version updates will fail if one or more dependencies are inaccessible.
+{% data variables.product.prodname_dependabot %} can check for outdated dependency references in a project and automatically generate a pull request to update them. To do this, {% data variables.product.prodname_dependabot %} must have access to all of the targeted dependency files. Typically, version updates will fail if one or more dependencies are inaccessible. For more information, see "[About {% data variables.product.prodname_dependabot %} version updates](/github/administering-a-repository/about-dependabot-version-updates)."
 
-By default, {% data variables.product.prodname_dependabot %} can't update dependencies that are located in private repositories. However, if a dependency is in a private {% data variables.product.prodname_dotcom %} repository within the same organization as the project that uses that dependency, you can allow {% data variables.product.prodname_dependabot %} to update the version successfully by giving it access to the host repository. For more information, including details of limitations to private dependency support, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates)."
+By default, {% data variables.product.prodname_dependabot %} can't update dependencies that are located in private repositories or private package registries. However, if a dependency is in a private {% data variables.product.prodname_dotcom %} repository within the same organization as the project that uses that dependency, you can allow {% data variables.product.prodname_dependabot %} to update the version successfully by giving it access to the host repository.
+
+If your code depends on packages in a private registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the _dependabot.yml_ file for the repository. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)."
+
+To allow {% data variables.product.prodname_dependabot %} to access a private {% data variables.product.prodname_dotcom %} repository:
 
 1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)."
 1. Under "{% data variables.product.prodname_dependabot %} private repository access", click **Add private repositories** or **Add internal and private repositories**.

data/reusables/dependabot/dependabot-secrets-button.md

@@ -0,0 +1,2 @@
+1. In the sidebar, click **{% data variables.product.prodname_dependabot %}**.
+   ![{% data variables.product.prodname_dependabot %} secrets sidebar option](/assets/images/help/dependabot/dependabot-secrets.png)

data/reusables/dependabot/private-dependencies-note.md

@@ -1,3 +1 @@
-When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-repositories)."
-
-Currently, {% data variables.product.prodname_dependabot %} version updates doesn't support manifest or lock files that contain any dependencies hosted in private registries, or in private {% data variables.product.prodname_dotcom %} repositories that belong to a different organization than the dependent project. 
+When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)." You can configure access to private registries in a repository's _dependabot.yml_ configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)."

data/reusables/dependabot/supported-package-managers.md

@@ -1,30 +1,30 @@
 The following table shows, for each package manager:
 - The YAML value to use in the *dependabot.yml* file
 - The supported versions of the package manager
-- Whether dependencies in private {% data variables.product.prodname_dotcom %} repositories are supported
+- Whether dependencies in private {% data variables.product.prodname_dotcom %} repositories or registries are supported
 - Whether vendored dependencies are supported
 
-Package manager | YAML value | Supported versions | Private repositories | Vendoring 
---- | --- | --- |:---:|:---:
-Bundler | `bundler` | v1 | | **✓** |
-Cargo | `cargo` | v1 | **✓** | |
-Composer | `composer` | v1, v2  | **✓** | |
-Docker | `docker` | v1 | **✓** | |
-Elixir | `mix` | v1 | | |
-Elm | `elm` | v0.18, v0.19 | **✓** | |
-git submodule | `gitsubmodule` | N/A (no version) | **✓** | |
-GitHub Actions | `github-actions` |  N/A (no version) | **✓** | |
-Go modules | `gomod` | v1 | **✓** | **✓** |
-Gradle | `gradle` | N/A (no version)<sup>[1]</sup> | **✓** | |
-Maven | `maven` | N/A (no version)<sup>[2]</sup> | **✓** | |
-npm | `npm` | v6, v7 | **✓** | |
-NuGet | `nuget` | <= 4.8<sup>[3]</sup> | **✓** | |
-pip | `pip` | v20 | | |
-pipenv | `pip` | <= 2018.11.26 | | |
-pip-compile | `pip` | 5.5.0 | | |
-poetry | `pip` | v1 | | |
-Terraform | `terraform` | <= 0.11 | **✓** | |
-yarn | `npm` | v1 | **✓** | |
+Package manager | YAML value      | Supported versions | Private repositories | Private registries | Vendoring 
+---------------|------------------|------------------|:---:|:---:|:---:
+Bundler        | `bundler`        | v1               | | **✓** | **✓** |
+Cargo          | `cargo`          | v1               | **✓** | **✓** | |
+Composer       | `composer`       | v1, v2           | **✓** | **✓** | |
+Docker         | `docker`         | v1               | **✓** | **✓** | |
+Hex            | `mix`            | v1               | | **✓** | |
+elm-package    | `elm`            | v0.18, v0.19     | **✓** | **✓** | |
+git submodule  | `gitsubmodule`   | N/A (no version) | **✓** | **✓** | |
+GitHub Actions | `github-actions` | N/A (no version) | **✓** | **✓** | |
+Go modules     | `gomod`          | v1               | **✓** | **✓** | **✓** |
+Gradle         | `gradle`         | N/A (no version)<sup>[1]</sup>   | **✓** | **✓** | |
+Maven          | `maven`          | N/A (no version)<sup>[2]</sup>   | **✓** | **✓** | |
+npm            | `npm`            | v6, v7           | **✓** | **✓** | |
+NuGet          | `nuget`          | <= 4.8<sup>[3]</sup> | **✓** | **✓** | |
+pip            | `pip`            | v20              | | **✓** | |
+pipenv         | `pip`            | <= 2018.11.26    | | **✓** | |
+pip-compile    | `pip`            | 5.5.0            | | **✓** | |
+poetry         | `pip`            | v1               | | **✓** | |
+Terraform      | `terraform`      | <= 0.11          | **✓** | **✓** | |
+yarn           | `npm`            | v1               | **✓** | **✓** | |
 
 [1] {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: `build.gradle` and `build.gradle.kts` (for Kotlin projects).
 

includes/footer.html

@@ -12,7 +12,7 @@ <h4 class="mb-3 text-mono text-gray-light text-normal">{% data ui.footer.product
           <li class="lh-condensed mb-3"><a href="https://github.com/features" class="link-gray">{% data ui.footer.product.links.features %}</a></li>
           <li class="lh-condensed mb-3"><a href="https://github.com/security" class="link-gray">{% data ui.footer.product.links.security %}</a></li>
           <li class="lh-condensed mb-3"><a href="https://github.com/enterprise" class="link-gray">{% data ui.footer.product.links.enterprise %}</a></li>
-          <li class="lh-condensed mb-3"><a href="https://github.com/case-studies?type=customers" class="link-gray">{% data ui.footer.product.links.case_studies %}</a></li>
+          <li class="lh-condensed mb-3"><a href="https://github.com/customer-stories?type=enterprise" class="link-gray">{% data ui.footer.product.links.case_studies %}</a></li>
           <li class="lh-condensed mb-3"><a href="https://github.com/pricing" class="link-gray">{% data ui.footer.product.links.pricing %}</a></li>
           <li class="lh-condensed mb-3"><a href="https://resources.github.com" class="link-gray">{% data ui.footer.product.links.resources %}</a></li>
         </ul>