Repo sync

content/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows.md

@@ -1353,19 +1353,26 @@ jobs:
                artifact_id: matchArtifact.id,
                archive_format: 'zip',
             });
-            let fs = require('fs');
-            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_number.zip`, Buffer.from(download.data));
+            const fs = require('fs');
+            const path = require('path');
+            const temp = '{% raw %}${{ runner.temp }}{% endraw %}/artifacts';
+            if (!fs.existsSync(temp)){
+              fs.mkdirSync(temp);
+            }
+            fs.writeFileSync(path.join(temp, 'pr_number.zip'), Buffer.from(download.data));
 
       - name: 'Unzip artifact'
-        run: unzip pr_number.zip
+        run: unzip pr_number.zip -d "{% raw %}${{ runner.temp }}{% endraw %}/artifacts"
 
       - name: 'Comment on PR'
         uses: {% data reusables.actions.action-github-script %}
         with:
           github-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
           script: |
-            let fs = require('fs');
-            let issue_number = Number(fs.readFileSync('./pr_number'));
+            const fs = require('fs');
+            const path = require('path');
+            const temp = '{% raw %}${{ runner.temp }}{% endraw %}/artifacts';
+            const issue_number = Number(fs.readFileSync(path.join(temp, 'pr_number')));
             await github.rest.issues.createComment({
               owner: context.repo.owner,
               repo: context.repo.repo,

content/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts.md

@@ -25,7 +25,7 @@ With {% data variables.product.prodname_emus %}, you can control the user accoun
 ## {% data variables.product.prodname_actions %}
 
 * {% data variables.enterprise.prodname_managed_users_caps %} cannot create workflow templates for {% data variables.product.prodname_actions %}.
-* Entitlement minutes for {% data variables.product.company_short %}-hosted runners are not available for {% data variables.enterprise.prodname_managed_users %}.
+* While {% data variables.product.company_short %}-hosted runners can be used in repositories owned by organizations, they are not available for repositories owned by {% data variables.enterprise.prodname_managed_users %}.
 * {% data variables.product.prodname_emus %} can trigger workflows in organizations where they are not members by forking the organization repository, then creating a pull request targeting the organization repository.
 
 ## {% data variables.product.prodname_github_apps %}

content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md

@@ -1,7 +1,7 @@
 ---
 title: Configuring global security settings for your organization
 shortTitle: Configure global settings
-intro: 'Customize {% data variables.product.prodname_GH_advanced_security %} features and create security managers to strengthen the security of your organization.'
+intro: 'Customize {% data variables.product.prodname_GH_advanced_security %} features to strengthen the security of your organization.'
 permissions: '{% data reusables.permissions.security-org-enable %}'
 versions:
   feature: security-configurations
@@ -13,7 +13,7 @@ topics:
 
 ## About {% data variables.product.prodname_global_settings %}
 
-Alongside {% data variables.product.prodname_security_configurations %}, which determine repository-level security settings, you should also configure {% data variables.product.prodname_global_settings %} for your organization. {% data variables.product.prodname_global_settings_caps %} apply to your entire organization, and can customize {% data variables.product.prodname_GH_advanced_security %} features based on your needs. You can also create security managers on the {% data variables.product.prodname_global_settings %} page to monitor and maintain your organization's security.
+Alongside {% data variables.product.prodname_security_configurations %}, which determine repository-level security settings, you should also configure {% data variables.product.prodname_global_settings %} for your organization. {% data variables.product.prodname_global_settings_caps %} apply to your entire organization, and can customize {% data variables.product.prodname_GH_advanced_security %} features based on your needs. {% ifversion ghes < 3.16 %}You can also create a team of security managers to monitor and maintain your organization's security.{% endif %}
 
 ## Accessing the {% data variables.product.prodname_global_settings %} page for your organization
 
@@ -131,6 +131,12 @@ You can define custom patterns for {% data variables.product.prodname_secret_sca
 
 ## Creating security managers for your organization
 
-The security manager role grants members of your organization the ability to manage security settings and alerts across your organization. To grant all members of a team the security manager role, in the "Search for teams" text box, type the name of the desired team. In the dropdown menu that appears, click the team, then click **I understand, grant security manager permissions**.
+The security manager role grants members of your organization the ability to manage security settings and alerts across your organization. Security managers can view data for all repositories in your organization through security overview.
 
-Security managers can view data for all repositories in your organization through security overview. To learn more about the security manager role, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)."
+To learn more about the security manager role, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)."
+
+{% ifversion ghes < 3.16 %}
+
+To grant all members of a team the security manager role, in the "Search for teams" text box, type the name of the desired team. In the dropdown menu that appears, click the team, then click **I understand, grant security manager permissions**.
+
+{% endif %}

content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale.md

@@ -48,7 +48,7 @@ You can also create and manage security configurations using the REST API. For m
 
 ## About {% data variables.product.prodname_global_settings %}
 
-While {% data variables.product.prodname_security_configurations %} determine repository-level security settings, {% data variables.product.prodname_global_settings %} determine your organization-level security settings, which are then inherited by all repositories. With {% data variables.product.prodname_global_settings %}, you can customize how security features analyze your organization, as well as create security managers with permission to manage security alerts and settings across your organization.
+While {% data variables.product.prodname_security_configurations %} determine repository-level security settings, {% data variables.product.prodname_global_settings %} determine your organization-level security settings, which are then inherited by all repositories. With {% data variables.product.prodname_global_settings %}, you can customize how security features analyze your organization{% ifversion ghes < 3.16 %}, as well as grant a team permission to manage security alerts and settings across your organization{% endif %}.
 
 ## Next steps
 

content/copilot/using-github-copilot/code-review/using-copilot-code-review.md

@@ -15,7 +15,9 @@ redirect_from:
 
 > [!NOTE]
 >
-> * {% data variables.copilot.copilot_code-review %} is in {% data variables.release-phases.public_preview %} and subject to change. Some functionality is available to all {% data variables.product.prodname_copilot_short %} subscribers, but other functionality is only available to a limited number of users. To join the waitlist, see "[Join the {% data variables.copilot.copilot_code-review_short %} waitlist](https://gh.io/copilot-code-review-waitlist)."
+> * {% data variables.copilot.copilot_code-review %} is in {% data variables.release-phases.public_preview %} and subject to change.
+> * To participate in the {% data variables.release-phases.public_preview %}, an administrator of your {% ifversion ghec %}enterprise or{% endif %} organization must opt in to the use of previews of {% data variables.product.prodname_copilot_short %} features. See {% ifversion ghec %}"[AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-policies-and-features-for-copilot-in-your-enterprise#copilot-in-githubcom)" and{% endif %} "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization#enabling-copilot-features-in-your-organization)."
+> * Some functionality is available to all enabled {% data variables.product.prodname_copilot_short %} subscribers, but other functionality is only available to a limited number of users. To join the waitlist for additional functionality, see "[Join the {% data variables.copilot.copilot_code-review_short %} waitlist](https://gh.io/copilot-code-review-waitlist)."
 > * The "[AUTOTITLE](/free-pro-team@latest/site-policy/github-terms/github-pre-release-license-terms)" apply to your use of this product.
 
 ## About {% data variables.copilot.copilot_code-review_short %}
@@ -33,10 +35,10 @@ The current functionality and availability of the two types of review is summari
 
 | Feature   | Review selection  | Review changes  |
 | --------- | ----------------- | --------------- |
+| Environment | {% data variables.product.prodname_vscode %} | {% data variables.product.prodname_vscode %} and the {% data variables.product.github %} website |
 | Description | Initial review of a highlighted section of code with feedback and suggestions  | Deeper review of all changes |
 | Language support | All | C#, Go, Java, JavaScript, Markdown, Python, Ruby, TypeScript |
 | Custom coding guidelines support | No | Yes, see [Customizing {% data variables.product.prodname_copilot_short %}'s reviews with coding guidelines](#customizing-copilots-reviews-with-coding-guidelines) |
-| Environment | {% data variables.product.prodname_vscode %} | {% data variables.product.prodname_vscode %} and the {% data variables.product.github %} website |
 | Availability | {% data variables.release-phases.public_preview_caps %}, available to all {% data variables.product.prodname_copilot_short %} subscribers | {% data variables.release-phases.public_preview_caps %} with waitlist, see "[Join the {% data variables.copilot.copilot_code-review_short %} waitlist](https://gh.io/copilot-code-review-waitlist)" |
 
 {% endrowheaders %}

content/copilot/using-github-copilot/using-copilot-text-completion.md

@@ -10,7 +10,7 @@ topics:
 ---
 
 >[!NOTE]
-> {% data variables.product.prodname_copilot_autocomplete_pr %} is currently in {% data variables.release-phases.public_preview %} and subject to change. To participate in the {% data variables.release-phases.public_preview %}, an administrator of your enterprise must opt in to the use of previews of {% data variables.product.prodname_copilot_short %} features.
+> {% data variables.product.prodname_copilot_autocomplete_pr %} is currently in {% data variables.release-phases.public_preview %} and subject to change. To participate in the {% data variables.release-phases.public_preview %}, an administrator of your enterprise must opt in to the use of previews of {% data variables.product.prodname_copilot_short %} features. See "[AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-policies-and-features-for-copilot-in-your-enterprise#copilot-in-githubcom)."
 
 ## About {% data variables.product.prodname_copilot_autocomplete_pr %}
 

content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md

@@ -1,8 +1,10 @@
 ---
 title: Managing security managers in your organization
-intro: You can give your security team the least access they need to configure and monitor code security for your organization by assigning a team to the security manager role.
+intro: You can give your security experts the least access they need to configure and monitor code security for your organization using the security manager role.
 versions:
-  feature: security-managers
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
 topics:
   - Organizations
   - Teams
@@ -16,7 +18,7 @@ permissions: Organization owners can assign the security manager role.
 
 ## Permissions for the security manager role
 
-Members of a team with the security manager role have only the permissions required to effectively manage code security for the organization.
+Organization members {% ifversion org-sec-manager-update %} and members of teams {% elsif ghes < 3.16 %}in a team {% endif %}assigned the security manager role have only the permissions required to effectively manage code security for the organization.
 
 * Read access on all repositories in the organization, in addition to any existing repository access
 * Write access on all security alerts in the organization {% ifversion not fpt %}
@@ -25,11 +27,25 @@ Members of a team with the security manager role have only the permissions requi
 * The ability to configure code security settings at the repository level{% ifversion not fpt %}, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}{% endif %}
 
 {% ifversion fpt %}
-Additional functionality, including a security overview for the organization, is available in organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization).
+Additional functionality, including a security overview for the organization, is available in organizations that use {% data variables.product.prodname_ghe_cloud %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization).
 {% endif %}
 
 If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)" and "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)."
 
+{% ifversion org-sec-manager-update %}
+
+## Managing security managers in your organization
+
+You can assign the pre-defined security manager role to either an organization team or directly to an organization member. Larger organizations may want to create a dedicated team for security management. This approach is especially useful if you want to assign additional permissions to your security experts.
+
+For information about assigning roles to users and teams, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)."
+
+## Creating a custom security role
+
+You can create custom security roles for your organization with reduced or increased access, as needed. For example, you might create a security role limited to managing secret scanning results and bypass requests, or you might create a combined security and audit log role. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles)."
+
+{% else %}
+
 ## Assigning the security manager role to a team in your organization
 
 You can assign the security manager role to a maximum of 10 teams in your organization.
@@ -53,3 +69,5 @@ You can assign the security manager role to a maximum of 10 teams in your organi
 {% data reusables.organizations.security-and-analysis %}
 {% endif %}
 1. Under **Security managers**, next to the team you want to remove as security managers, click {% octicon "x" aria-label="Remove TEAM" %}.
+
+{% endif %}