github · Octomerger · Mar 21, 2023 · Mar 21, 2023 · Mar 21, 2023 · Mar 21, 2023
diff --git a/.github/workflows/sync-codeql-cli.yml b/.github/workflows/sync-codeql-cli.yml
@@ -25,7 +25,7 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  generate-decorated-files:
+  generate-codeql-files:
     if: github.repository == 'github/docs-internal'
     runs-on: ubuntu-latest
     steps:
@@ -43,6 +43,7 @@ jobs:
         with:
           # By default, only the most recent commit of the `main` branch
           # will be checked out
+          token: ${{ secrets.DOCS_BOT_FR }}
           repository: github/semmle-code
           path: semmle-code
           ref: ${{ github.event.inputs.SOURCE_BRANCH }}
@@ -67,6 +68,7 @@ jobs:
           sudo dpkg -i pandoc-3.0.1-1-amd64.deb
           # Output the pandoc version installed
           pandoc -v
+          rm pandoc-3.0.1-1-amd64.deb
 
       - name: Sync the CodeQL CLI data
         run: |
@@ -82,8 +84,9 @@ jobs:
         run: |
           # If nothing to commit, exit now. It's fine. No orphans.
           changes=$(git diff --name-only | wc -l)
-          if [[ $changes -eq 0 ]]; then
-            echo "There are no changes to commit after running src/rest/scripts/update-files.js. Exiting..."
+          untracked=$(git status --untracked-files --short | wc -l)
+          if [[ $changes -eq 0 ]] && [[ $untracked -eq 0 ]]; then
+            echo "There are no changes to commit after running src/codeql/scripts/sync.js. Exiting..."
             exit 0
           fi
 

diff --git a/.prettierignore b/.prettierignore
@@ -1,6 +1,11 @@
-includes/
 data/release-notes/
 script/bookmarklets/
 /.next/
+
+# jest --coverage option
 /.coverage
 /coverage
+
+# Automated content source
+rest-api-description
+semmle-code
diff --git a/content/rest/repos/lfs.md b/content/rest/repos/lfs.md
@@ -24,15 +24,14 @@ People with admin access to a repository can use these endpoints.
 
 Usage of {% data variables.large_files.product_name_short %} is subject to billing. For more information, see "[AUTOTITLE](/billing/managing-billing-for-git-large-file-storage/about-billing-for-git-large-file-storage)."
 
-If you want to use these endpoints for a repository that belongs to an organization, your role must provide you with access to the organization's{% ifversion ghec %} or enterprise's{% endif %} billing.{% ifversion fpt %} For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#organization-owners)."{% endif %}
+If you want to use these endpoints for a repository that belongs to an organization, you must have admin access to the repository (which can be inherited as an organization owner), and your role must also provide you with access to the organization's billing.
 
 {% ifversion ghec %}
 
-| Repository ownership | Required repository access | Required role | More information |
-| :- | :- | :- | :- |
-| Personal account | Admin | N/A | N/A |
-| <ul><li>Organization on {% data variables.product.prodname_team %}</li><li>Organization on {% data variables.product.product_name %}, but not in an enterprise</li></ul> | Admin, which is inherited if you are an organization owner | Organization owner or billing manager | "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#organization-owners)" |
-| Organization in an enterprise | Admin, which can be inherited if you are an organization owner | Enterprise owner or billing manager | "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-owners)" |
+
+- If repository is owned by an organization on {% data variables.product.prodname_team %}, you must be an organization owner or billing manager. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#organization-owners)".
+- If repository is owned by an organization that is on {% data variables.product.prodname_ghe_cloud %} and is not owned by an enterprise account, you must be an organization owner or billing manager. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#organization-owners)."
+- If repository is owned by an organization that is owned by an enterprise account, you must be an enterprise owner or billing manager. For more information, see "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-owners)."
 
 {% endif %}
 

@@ -6,7 +6,6 @@ sections:
   bugs:
     - After a site administrator adjusted the cutoff date for allowing SSH connections with RSA keys using `ghe-config app.gitauth.rsa-sha1`, the instance would still disallow connections with RSA keys if the connection attempt was signed by the SHA-1 hash function.
     - During the validation phase of a configuration run, a `No such object error` may have occurred for the Notebook and Viewscreen services.
-    - SSH keys and personal access tokens (classic) would fail to allow REST API access to organization resources when GitHub Enterprise Server was configured with SCIM.
     - After disabling Dependabot updates, the avatar for Dependabot was displayed as the **@ghost** user in the Dependabot alert timeline.
     - In some cases, users could experience a `500` error when viewing the **Code security & analysis** settings page for an instance with a very high number of active committers.
     - Some links to contact GitHub Support or view the GitHub Enterprise Server release notes were incorrect.