Repo sync

content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md

@@ -129,6 +129,9 @@ From {% data variables.product.prodname_dotcom %}:
 
 #### Setting up streaming to S3 with OpenID Connect
 
+> [!NOTE]
+> Audit log streaming to S3 with OpenID Connect for {% data variables.enterprise.data_residency %} is currently unavailable. See [AUTOTITLE](/admin/data-residency/feature-overview-for-github-enterprise-cloud-with-data-residency#currently-unavailable-features).
+
 From AWS:
 
 1. Add the {% data variables.product.prodname_dotcom %} OIDC provider to IAM. See [Creating OpenID Connect (OIDC) identity providers](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html) in the AWS documentation.

content/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent.md

@@ -165,6 +165,19 @@ Before adding a new SSH key to the ssh-agent to manage your keys, you should hav
 
 {% data reusables.ssh.add-public-key-to-github %}
 
+> ### Troubleshooting SSH agent conflicts in Windows
+>
+> In Windows environments, the native Windows OpenSSH implementation and the one included with Git for Windows (based on MSYS2/Bash) can coexist.
+>
+> If you configure and save your passphrases in the Windows agent using PowerShell, Git may still prompt you for your passphrase during operations like `git push`. This can happen when Git for Windows uses its bundled `ssh.exe` (from MSYS2) instead of the Windows system OpenSSH client, and therefore can't talk to the Windows `ssh-agent` service.
+>
+> To ensure Git uses the agent where you've stored your credentials, force Git to use the system's SSH binary by running:
+>
+> ```powershell
+> git config --global core.sshCommand "C:/Windows/System32/OpenSSH/ssh.exe"
+> ```
+
+
 {% endwindows %}
 
 {% linux %}
@@ -256,3 +269,5 @@ If you are using macOS or Linux, you may need to update your SSH client or insta
    ```
 
 {% data reusables.ssh.add-public-key-to-github %}
+
+

content/billing/reference/cost-center-allocation.md

@@ -113,16 +113,11 @@ There are two cost centers in the enterprise, each with different users or organ
 
 ### How usage is allocated
 
-The following table illustrates how spending for each user is allocated to a cost center based on their membership of an organization or cost center. Any usage not assigned to a cost center is categorized as "Enterprise Only" spending.
-
-![Diagram illustrating the assignment of users and organizations to cost centers, with the allocation of costs for the four users.](/assets/images/help/billing/cost-center-example-2.png)
-
 {% rowheaders %}
 
 |             | Copilot charges | GHSP charges | GHE charges | Explanation |
 | ----------- | --------------- | ------------ | ----------- | ----------- |
 | Cost Center A | `user-1`, `user-3` | `user-1`, `user-3` | `user-1`, `user-3` | These users are assigned directly to the cost center. |
-| Cost Center B | `user-2`, `user-4` | {% octicon "dash" aria-label="Not applicable" %} | `user-2`, `user-4` | These users aren't directly assigned to a cost center, so Copilot and GHE charges are assigned based on organization membership, whereas GHSP defaults to enterprise spending. |
-| Enterprise Only (default) | {% octicon "dash" aria-label="Not applicable" %} | `user-2`, `user-4` | {% octicon "dash" aria-label="Not applicable" %} | These users aren't directly assigned to a cost center, so GHSP defaults to enterprise spending. |
+| Cost Center B | `user-2`, `user-4` | `user-2`, `user-4` | `user-2`, `user-4` | These users aren't directly assigned to a cost center, so {% data variables.product.prodname_copilot %}, {% data variables.enterprise.data_residency %}, and {% data variables.product.prodname_GH_secret_protection %} charges are assigned based on organization membership. |
 
 {% endrowheaders %}

content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-dependabot-security-updates.md

@@ -29,24 +29,6 @@ contentType: how-tos
 
 {% data reusables.dependabot.enterprise-enable-dependabot %}
 
-## About configuring {% data variables.product.prodname_dependabot_security_updates %}
-
-You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).
-
-You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository, for a selection of repositories in an organization, or for all repositories owned by your personal account or organization. For more information about enabling security features in an organization, see {% ifversion security-configurations %}[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization).{% else %}[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization).{% endif %}
-
-{% data reusables.dependabot.dependabot-security-updates-disable-for-alert-rules %}
-
-{% ifversion fpt or ghec %}{% data reusables.dependabot.dependabot-tos %}{% endif %}
-
-## Supported repositories
-
-{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for newly created repositories if your personal account or organization has enabled **Automatically enable for new repositories** for {% data variables.product.prodname_dependabot_security_updates %}. For more information, see [Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-dependabot-security-updates-for-your-repositories).
-
-If you create a fork of a repository that has security updates enabled, {% data variables.product.prodname_dotcom %} will automatically disable {% data variables.product.prodname_dependabot_security_updates %} for the fork. You can then decide whether to enable {% data variables.product.prodname_dependabot_security_updates %} on the specific fork.
-
-If security updates are not enabled for your repository and you don't know why, first try enabling them using the instructions given in the procedural sections below. If security updates are still not working, you can contact {% data variables.contact.contact_support %}.
-
 ## Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories
 
 You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all qualifying repositories owned by your personal account or organization. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account) or [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization).
@@ -62,7 +44,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec
 
 ## Grouping {% data variables.product.prodname_dependabot_security_updates %} into a single pull request
 
-To reduce the number of pull requests you may be seeing, you can enable grouped security updates for your repository or organization. When this is enabled, {% data variables.product.prodname_dependabot %} will group security updates into one pull request for each package ecosystem. In order to use grouped security updates, you must first enable the following features:
+In order to use grouped security updates, you must first enable the following features:
 
 * **Dependency graph**. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph).
 * **{% data variables.product.prodname_dependabot_alerts %}**. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts).
@@ -76,8 +58,6 @@ To reduce the number of pull requests you may be seeing, you can enable grouped
 
 ### Enabling or disabling grouped {% data variables.product.prodname_dependabot_security_updates %} for an individual repository
 
-Repository administrators can enable or disable grouped security updates for their repository. Changing the repository setting will override any default organization settings. {% data reusables.dependabot.dependabot-grouped-security-updates-yaml-override %}
-
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
@@ -89,8 +69,6 @@ Repository administrators can enable or disable grouped security updates for the
 
 {% else %}
 
-Organization owners can enable or disable grouped security updates for all repositories in their organization. However, repository administrators within the organization can update the settings for their repositories to override the default organization settings. {% data reusables.dependabot.dependabot-grouped-security-updates-yaml-override %}
-
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security-and-analysis %}

content/code-security/reference/supply-chain-security/dependabot-security-updates.md

@@ -0,0 +1,27 @@
+---
+title: Dependabot security updates reference
+shortTitle: Dependabot security updates
+intro: Find usage information for {% data variables.product.prodname_dependabot_security_updates %}.
+topics:
+  - Dependency graph
+  - Dependencies
+  - Vulnerabilities
+  - Repositories
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+contentType: reference
+---
+
+## Priority of grouped security update settings
+
+Settings for grouped {% data variables.product.prodname_dependabot_security_updates %} are applied in the following order, from highest to lowest priority:
+
+1. Settings defined in a `dependabot.yml` file. See [About the `dependabot.yml` file](/code-security/reference/supply-chain-security/dependabot-options-reference#about-the-dependabotyml-file).
+1. Repository-level settings defined in the UI
+1. Organization-level settings defined in the UI
+
+## Enablement for forked repositories
+
+If you create a fork of a repository that has security updates enabled, {% data variables.product.prodname_dotcom %} will automatically disable {% data variables.product.prodname_dependabot_security_updates %} for the fork. You can then decide whether to enable {% data variables.product.prodname_dependabot_security_updates %} on the specific fork.

content/code-security/reference/supply-chain-security/index.md

@@ -22,6 +22,7 @@ children:
   - /supported-ecosystems-and-manifests-for-dependency-scope
   - /dependabot-pull-request-comment-commands
   - /supported-ecosystems-and-repositories
+  - /dependabot-security-updates
   - /dependency-graph-supported-package-ecosystems
   - /dependabot-on-actions
   - /dependabot-errors

content/migrations/ado/granting-the-migrator-role.md

@@ -0,0 +1,25 @@
+---
+title: "Granting the migrator role"
+shortTitle: Migrator role
+intro: "The migrator role gives a user or team the ability to run migrations on behalf of an organization."
+versions:
+  fpt: '*'
+  ghec: '*'
+contentType: other
+---
+
+To allow someone other than an organization owner to run a migration or download migration logs, you can grant the migrator role to a user or team.
+
+To grant the migrator role using the CLI, you can use the {% data variables.product.prodname_ado2gh_cli %}.
+
+{% data reusables.enterprise-migration-tool.gei-install-and-update %}
+
+1. On {% data variables.product.prodname_dotcom %}, create and record a {% data variables.product.pat_generic %} that has the `admin:org` scope.
+{% data reusables.enterprise-migration-tool.grant-migrator-role-pat %}
+1. Use the `gh ado2gh grant-migrator-role` command, replacing ORGANIZATION with the organization you want to grant the migrator role for, ACTOR with the user or team name, and TYPE with `USER` or `TEAM`.
+
+   ```shell copy
+   gh ado2gh grant-migrator-role --github-org ORGANIZATION --actor ACTOR --actor-type TYPE
+   ```
+
+   {% data reusables.enterprise-migration-tool.grant-migrator-role-ghecom %}

content/migrations/ado/index.md

@@ -1,18 +1,34 @@
 ---
-title: Migrating from Azure DevOps to GitHub Enterprise Cloud
+title: Migrating from Azure DevOps to GitHub
 shortTitle: Migrate from Azure DevOps
-intro: You can migrate repositories to {% data variables.product.prodname_dotcom %} with {% data variables.product.prodname_importer_proper_name %}.
+intro: "Plan and execute a migration from Azure DevOps to {% data variables.product.prodname_ghe_cloud %}. This six-phase guide explains how to configure access, migrate, and the follow-up tasks needed to get your repositories ready for work."
 versions:
   fpt: '*'
-  ghes: '*'
   ghec: '*'
 children:
-  - /about-migrations-from-azure-devops-to-github-enterprise-cloud
-  - /overview-of-a-migration-from-azure-devops-to-github-enterprise-cloud
-  - /managing-access-for-a-migration-from-azure-devops
-  - /migrating-repositories-from-azure-devops-to-github-enterprise-cloud
+  - /phase-1-understand-migrations-from-azure-devops-to-github
+  - /phase-2-manage-access
+  - /phase-3-install-and-configure-github-enterprise-importer
+  - /phase-4-prepare-for-your-migration-from-azure-devops-to-github
+  - /phase-5-migrate-your-repositories-from-azure-devops-to-github
+  - /phase-6-follow-up-tasks
+  - /key-differences-between-azure-devops-and-github
+  - /use-graphql-to-migrate-repositories-from-azure-devops-to-github-enterprise-cloud
+  - /granting-the-migrator-role
 redirect_from:
   - /migrations/using-github-enterprise-importer/migrating-from-azure-devops-to-github-enterprise-cloud
-contentType: other
+contentType: tutorials
+heroImage: /assets/images/banner-images/hero-3
+layout: bespoke-landing
+sidebarLink:
+  text: Get started
+  href: /migrations/ado
+carousels:
+  recommended:
+    - /phase-1-understand-migrations-from-azure-devops-to-github
+    - /phase-2-manage-access
+    - /phase-3-install-and-configure-github-enterprise-importer
+    - /phase-4-prepare-for-your-migration-from-azure-devops-to-github
+    - /phase-5-migrate-your-repositories-from-azure-devops-to-github
+    - /phase-6-follow-up-tasks
 ---
-