Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure me #18906

Open
wants to merge 9,905 commits into
base: 123MwanjeMike-patch-2
Choose a base branch
from
Open

Secure me #18906

wants to merge 9,905 commits into from

Conversation

Mikec90
Copy link

@Mikec90 Mikec90 commented Jul 1, 2022
edited

Why:

Closes [issue link]

What's being changed (if available, include any code snippets, screenshots, or gifs):

Check off the following:

  • I have reviewed my changes in staging (look for the "Automatically generated comment" and click the links in the "Preview" column to view your latest changes).
  • For content changes, I have completed the self-review checklist.

Writer impact (This section is for GitHub staff members only):

  • This pull request impacts the contribution experience
    • I have added the 'writer impact' label
    • I have added a description and/or a video demo of the changes below (e.g. a "before and after video")

ethanpalm and others added 30 commits Jan 26, 2022
@ethanpalm
Add image for raw file button
90858fa
@ethanpalm
Change download to copy
cf0f4fe
@ethanpalm
Merge branch 'main' into patch-1
3029c6d
@ethanpalm
remove translations to fix test
b025fde
@ethanpalm
Merge branch 'patch-1' of https://github.com/cadamini/docs into pr/14115
b11bce4
@joshspicer
Update allowing-your-codespace-to-access-a-private-image-registry.md
a546e57
@znull
Add github apps permissions for replica cache monitoring API (#24675)
f96b7ff
@lucascosti
Add section for self-hosted runner network check (#24542)
0358910
@mikesurowiec
Use registry + local cache instead of gha (#24658)
7593b2d
@actions-user
update search indexes
ddb2951
@jules-p @lucascosti
Update content/admin/policies/enforcing-policies-for-your-enterprise/…
2bd5aa7 
…enforcing-policies-for-github-actions-in-your-enterprise.md

Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
@jules-p @lucascosti
Update content/repositories/managing-your-repositorys-settings-and-fe…
7ac70fd 
…atures/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md

Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
@jules-p @lucascosti
Update content/organizations/managing-organization-settings/disabling…
cdd8c11 
…-or-limiting-github-actions-for-your-organization.md

Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
@jules-p
Merge branch 'main' into jules-4170
9e2cb58
@jules-p
Merge pull request #24424 from github/jules-4170
34ed49f 
Explains limitations of workflow settings for private forks
@ivyharriet
Merge branch 'main' into ivyharriet-jules-p-dev-docset
b3d564b
@actions-user
update search indexes
7c79dd8
@jules-p
adds feature based versioning
9dc8187
@pnsk @mchammer01
Update description for support entitlements (#24340)
9141a37 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
@peterbe
delete customRanking (#24659)
3c579b4
@catto @lecoursen
Update audit-logging.md (#24705)
3ab832f 
Co-authored-by: Laura Coursen <lecoursen@github.com>
@skedwards88
Add section on workflow_call keys (#24637)
353bba9
@peterbe
Revert "Bump helmet from 4.6.0 to 5.0.2 (#24573)" (#24722)
7335ccc 
This reverts commit ac55cca.
@peterbe
graphql-explorer.githubapp.com is no more (#24720)
9512ea5
@ethanpalm
Update @primer/octicons to 16.3.0 (#24688)
bd1280b 
* Update primer/octicons to 16.3.0

* Update package-lock.json
@dependabot @heiskr
Bump nanoid from 3.1.30 to 3.2.0 (#24723)
226d6d6 
Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.30 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.1.30...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com>
@peterbe
test that youtube embeds work (#24726)
fa00513 
* test that YouTube embeds work

* tidying
@saritai @felicitymay
Update content/code-security/supply-chain-security/understanding-your…
c412c74 
…-software-supply-chain/about-the-dependency-graph.md

Co-authored-by: Felicity Chapman <felicitymay@github.com>
@docubot @heiskr
New translation batch for es (#24668)
ac699d2 
* Add crowdin translations

* Run script/i18n/homogenize-frontmatter.js

* Run script/i18n/fix-translation-errors.js

* Run script/i18n/lint-translation-files.js --check parsing

* run script/i18n/reset-files-with-broken-liquid-tags.js --language=es

* run script/i18n/reset-known-broken-translation-files.js

Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com>
@dependabot @heiskr
Bump @jest/globals from 27.4.2 to 27.4.6 (#24579)
da1cf9a 
Bumps [@jest/globals](https://github.com/facebook/jest/tree/HEAD/packages/jest-globals) from 27.4.2 to 27.4.6.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v27.4.6/packages/jest-globals)

---
updated-dependencies:
- dependency-name: "@jest/globals"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com>
dependabot bot and others added 19 commits Feb 2, 2022
@dependabot @rsese
Bump @babel/eslint-parser from 7.16.3 to 7.16.5 (#24894)
b653d71 
Bumps [@babel/eslint-parser](https://github.com/babel/babel/tree/HEAD/eslint/babel-eslint-parser) from 7.16.3 to 7.16.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.5/eslint/babel-eslint-parser)

---
updated-dependencies:
- dependency-name: "@babel/eslint-parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Robert Sese <robert.sese@gmail.com>
@Octomerger
Merge pull request github#14940 from github/repo-sync
f4a3318 
repo sync
@dependabot @rsese
Bump prettier from 2.5.0 to 2.5.1 (#24921)
64415b8 
Bumps [prettier](https://github.com/prettier/prettier) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@2.5.0...2.5.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Robert Sese <robert.sese@gmail.com>
@Octomerger
Merge branch 'main' into repo-sync
f923e62
@Octomerger
Merge pull request github#14942 from github/repo-sync
f3b3fe6 
repo sync
@ivyharriet
Merge branch 'main' into ivyharriet-jules-p-dev-docset
9e30bf1
@ivyharriet
Merge pull request #22956 from github/ivyharriet-jules-p-dev-docset
607bd1d 
Move 'Customizing your GitHub workflow' and 'Extending GitHub' content out of GitHub docset
@Octomerger
Merge branch 'main' into repo-sync
2868933
@Octomerger
Merge pull request github#14945 from github/repo-sync
7cc07bf 
repo sync
@actions-user
update search indexes
faca853
@Octomerger
Merge branch 'main' into repo-sync
6799cb2
@Octomerger
Merge pull request github#14947 from github/repo-sync
520de73 
repo sync
@dependabot
Bump follow-redirects from 1.14.7 to 1.14.9
9b7b5c9 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.9.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.9)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@snyk-bot
fix: translations/zh-CN/content/actions/creating-actions/dockerfile-s…
dcd605d 
…upport-for-github-actions.md to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN9-APT-407402
- https://snyk.io/vuln/SNYK-DEBIAN9-DPKG-2847943
- https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-540843
- https://snyk.io/vuln/SNYK-DEBIAN9-LIBGCRYPT20-1582895
- https://snyk.io/vuln/SNYK-DEBIAN9-TAR-312293
@Mikec90
Merge pull request #66 from Mikec90/snyk-fix-02e6783adee8359377ecda98…
aff3d35 
…cbd4c7d3

[Snyk] Security upgrade debian from 9.5-slim to buster-20220527-slim
@Mikec90
Bot update
57fda7e
@Mikec90
Private
1fe0d6a
@Mikec90
Merge pull request #9 from Mikec90/dependabot/npm_and_yarn/follow-red…
f15695c 
…irects-1.14.9

Bump follow-redirects from 1.14.7 to 1.14.9
@Mikec90
Go bot
2578d10
@Mikec90 Mikec90 requested review from as code owners Jul 1, 2022
@welcome
Copy link

@welcome welcome bot commented Jul 1, 2022

Thanks for opening this pull request! A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage label Jul 1, 2022
@github-actions github-actions bot added this to Triage in Docs open source board Jul 1, 2022
@cmwilson21 cmwilson21 added invalid and removed triage invalid labels Jul 5, 2022
@FW4248

This comment was marked as spam.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github/site-policy-admins site-policy-admins

@github/docs-localization docs-localization

@github/docs-engineering docs-engineering

Assignees
No one assigned
Labels
invalid
Projects
Docs open source board
Triage
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet