github
diff --git a/‎content/admin/configuring-settings/configuring-github-connect/about-github-connect.md
Lines changed: 0 additions & 2 deletions b/‎content/admin/configuring-settings/configuring-github-connect/about-github-connect.md
Lines changed: 0 additions & 2 deletions
diff --git a/‎content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md
Lines changed: 0 additions & 10 deletions b/‎content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md
Lines changed: 0 additions & 10 deletions
diff --git a/‎content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md
Lines changed: 5 additions & 20 deletions b/‎content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md
Lines changed: 5 additions & 20 deletions
diff --git a/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
Lines changed: 3 additions & 2 deletions b/‎content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
Lines changed: 3 additions & 2 deletions
diff --git a/‎content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md
Lines changed: 1 addition & 8 deletions b/‎content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md
Lines changed: 1 addition & 8 deletions
diff --git a/‎content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity.md
Lines changed: 44 additions & 1 deletion b/‎content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity.md
Lines changed: 44 additions & 1 deletion
diff --git a/‎content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md
Lines changed: 1 addition & 1 deletion b/‎content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md
Lines changed: 1 addition & 1 deletion
@@ -105,9 +105,7 @@ Additional data is transmitted if you enable individual features of {% data vari
 | {% ifversion ghes %} |
 | {% data variables.product.prodname_dependabot_alerts %} | Vulnerability alerts | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %} | {% data variables.product.product_name %} |
 | {% endif %} |
-| {% ifversion dependabot-updates-github-connect %} |
 | {% data variables.product.prodname_dependabot_updates %} | Dependencies and the metadata for each dependency's repository<br><br>If a dependency is stored in a private repository on {% data variables.product.prodname_dotcom_the_website %}, data will only be transmitted if {% data variables.product.prodname_dependabot %} is configured and authorized to access that repository. | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %} | {% data variables.product.product_name %} |
-| {% endif %} |
 | {% data variables.product.prodname_dotcom_the_website %} actions | Name of action, action (YAML file from {% data variables.product.prodname_marketplace %}) | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %}<br><br>From {% data variables.product.product_name %} to {% data variables.product.prodname_dotcom_the_website %} | {% data variables.product.product_name %} |
 | {% ifversion server-statistics %} |
 | {% data variables.product.prodname_server_statistics %} | Aggregate metrics about your usage of {% data variables.product.prodname_ghe_server %}. For the complete list of metrics, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics#server-statistics-data-collected). | From {% data variables.product.product_name %} to {% data variables.product.prodname_ghe_cloud %} | {% data variables.product.prodname_ghe_cloud %} |
 
@@ -87,8 +87,6 @@ Before you can enable {% data variables.product.prodname_dependabot_alerts %}, y
 
 You can now enable {% data variables.product.prodname_dependabot_alerts %} for all existing or new private and internal repositories in the enterprise settings page for {% ifversion code-security-wording-only-enterprise %}"Code security."{% else %}"Code security and analysis."{% endif %} Alternatively, repository administrators and organization owners can enable {% data variables.product.prodname_dependabot_alerts %} for each repository and organization. Public repositories are always enabled by default. For more information, see [AUTOTITLE](/enterprise-server@latest/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts).
 
-{% ifversion dependabot-updates-github-connect %}
-
 ## Enabling {% data variables.product.prodname_dependabot_updates %}
 
 Before you can enable {% data variables.product.prodname_dependabot_updates %}:
@@ -98,13 +96,9 @@ Before you can enable {% data variables.product.prodname_dependabot_updates %}:
 
 {% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering.
 
-{% ifversion ghes %}
-
 > [!NOTE]
 > After you enable the dependency graph, you can use the [{% data variables.product.prodname_dependabot %} action](https://github.com/github/dependabot-action). The action will raise an error if any vulnerabilities or invalid licenses are being introduced. {% data reusables.actions.action-bundled-actions %}
 
-{% endif %}
-
 {% data reusables.enterprise_site_admin_settings.sign-in %}
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.enterprise_site_admin_settings.management-console %}
@@ -116,11 +110,7 @@ Before you can enable {% data variables.product.prodname_dependabot_updates %}:
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.github-connect-tab %}
 1. Under "{% data variables.product.prodname_dependabot %}", to the right of "Users can easily upgrade to non-vulnerable open source code dependencies", click **Enable**.
-{% endif %}
-{% ifversion ghes %}
 
 When you enable {% data variables.product.prodname_dependabot_alerts %}, you should consider also setting up {% data variables.product.prodname_actions %} for {% data variables.product.prodname_dependabot_security_updates %}. This feature allows developers to fix vulnerabilities in their dependencies. For more information, see [AUTOTITLE](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates).
 
 If you need enhanced security, we recommend configuring {% data variables.product.prodname_dependabot %} to use private registries. For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#configuring-private-registries).
-
-{% endif %}
@@ -1,7 +1,7 @@
 ---
 title: Enforcing policies for code security and analysis for your enterprise
-intro: 'You can enforce policies to manage the use of {% ifversion security-feature-enablement-policies %}code security and analysis{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features within your enterprise''s organizations.'
-permissions: 'Enterprise owners can enforce {% ifversion security-feature-enablement-policies %}code security and analysis{% endif %} policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.'
+intro: 'You can enforce policies to manage the use of code security and analysis features within your enterprise''s organizations.'
+permissions: 'Enterprise owners can enforce code security and analysis policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.'
 product: '{% data reusables.gated-features.ghas %}'
 versions:
   ghec: '*'
@@ -28,22 +28,12 @@ redirect_from:
   - /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise
 shortTitle: Code security & analysis
 ---
-{% ifversion security-feature-enablement-policies %}
 
 ## About policies for code security and analysis in your enterprise
 
 You can enforce policies to manage the use of code security and analysis features within organizations owned by your enterprise. You can allow or disallow people with admin access to a repository to enable or disable the security and analysis features.
 
 Additionally, you can enforce policies for the use of {% data variables.product.prodname_GH_advanced_security %} in your enterprise's organizations and repositories.
-{% else %}
-
-## About policies for {% data variables.product.prodname_GH_advanced_security %} in your enterprise
-
-{% data reusables.advanced-security.ghas-helps-developers %} For more information, see [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security).
-
-{% ifversion ghes %}If you purchase a license for {% data variables.product.prodname_GH_advanced_security %}, any{% else %}Any{% endif %} organization on {% data variables.product.prodname_ghe_server %} can use {% data variables.product.prodname_advanced_security %} features. You can enforce policies to control how members of your enterprise on {% data variables.product.product_name %} use {% data variables.product.prodname_advanced_security %}.
-
-{% endif %}
 
 {% ifversion ghec %}
 
@@ -84,16 +74,13 @@ Across all organizations owned by your enterprise, you can allow members with ad
 {% data reusables.enterprise.role-permission-hierarchy %}
 
 {% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %}
-{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}{% else %}
-{% data reusables.enterprise-accounts.advanced-security-policies %}{% endif %}{% ifversion security-feature-enablement-policies %}
+{% data reusables.enterprise-accounts.policies-tab %}
+{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
 1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "{% data variables.product.prodname_GH_advanced_security %} availability", select the dropdown menu and click a policy for the organizations owned by your enterprise.
 
-{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}{% endif %}
+{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}
 {% data reusables.enterprise-accounts.advanced-security-individual-organization-policy-drop-down %}
 
-{% ifversion security-feature-enablement-policies %}
-
 ## Enforcing a policy to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in your enterprise's repositories
 
 Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in the repositories. {% data reusables.advanced-security.ghas-must-be-enabled %}
@@ -114,8 +101,6 @@ Across all of your enterprise's organizations, you can allow or disallow people
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
 1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "Enable or disable {% data variables.product.prodname_secret_scanning %} by repository admins", select the dropdown menu and click a policy.
 
-{% endif %}
-
 {% ifversion secret-scanning-ai-generic-secret-detection %}
 
 ## Enforcing a policy to manage the use of {% data variables.secret-scanning.generic-secret-detection %} for {% data variables.product.prodname_secret_scanning %} in your enterprise's repositories
 
@@ -64,7 +64,7 @@ You can configure {% data variables.product.prodname_code_scanning %} to run {%
 
 {% data variables.product.product_name %} can run {% data variables.product.prodname_code_scanning %} using a {% data variables.product.prodname_actions %} workflow. First, you need to provision one or more self-hosted {% data variables.product.prodname_actions %} runners in your environment. You can provision self-hosted runners at the repository, organization, or enterprise account level. See [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners).
 
-{% ifversion code-scanning-runner-label or default-setup-self-hosted-runners-GHEC %}
+{% ifversion default-setup-self-hosted-runners-GHEC %}
 If you are provisioning a self-hosted runner for {% data variables.product.prodname_codeql %} analysis, your runner must use a {% data variables.product.prodname_codeql %}-supported operating system version and CPU architecture. See the [{% data variables.product.prodname_codeql %} system requirements](https://codeql.github.com/docs/codeql-overview/system-requirements/).
 
 If you are using default setup for {% data variables.product.prodname_code_scanning %}, you can assign self-hosted runners {% ifversion code-scanning-default-setup-customize-labels %}with the default `code-scanning` label, or you can optionally give them custom labels so that individual repositories can use different runners.{% else %}with the `code-scanning` label.{% endif %} See [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#assigning-labels-to-runners).
 
@@ -4,7 +4,7 @@ shortTitle: Configuring dependency review
 intro: 'To help users understand dependency changes when reviewing pull requests, you can enable, configure, and disable dependency review for {% data variables.product.prodname_ghe_server %}.'
 product: '{% data reusables.gated-features.dependency-review %}'
 versions:
-  feature: dependency-review-action-ghes
+  ghes: '*'
 type: how_to
 topics:
   - Advanced Security
 
@@ -23,7 +23,7 @@ topics:
 
 When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise).
 
-{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}
+{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
 
 For guidance on a phased deployment of GitHub Advanced Security, see [AUTOTITLE](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale).
 
 
@@ -3,7 +3,8 @@ title: Managing GitHub Advanced Security features for your enterprise
 intro: 'You can control {% data variables.product.prodname_GH_advanced_security %} features that secure and analyze code across all organizations owned by your enterprise.'
 permissions: 'Enterprise owners can manage {% data variables.product.prodname_advanced_security %} features for organizations in an enterprise.'
 versions:
-  feature: secret-scanning-enterprise-level
+  ghec: '*'
+  ghes: '*'
 type: how_to
 topics:
   - Alerts
@@ -31,7 +32,7 @@ To manage individual {% data variables.product.prodname_GH_advanced_security %}
 
 {% endif %}
 
-{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}
+{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
 
 {% ifversion ghes %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security).{% elsif ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security).{% endif %}
 
 
@@ -23,18 +23,11 @@ To use {% data variables.product.prodname_dependabot_updates %} on {% data varia
 
 ## Prerequisites
 
-{% ifversion dependabot-updates-github-connect %}
 Configuring self-hosted runners is only one step in the middle of the process for enabling {% data variables.product.prodname_dependabot_updates %}. There are several steps you must follow before these steps, including configuring {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise).
-{% else %}
-Before you configure self-hosted runners for {% data variables.product.prodname_dependabot_updates %}, you must:
-
-* Configure {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server).
-* Enable {% data variables.product.prodname_dependabot_alerts %} for your enterprise. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise).
-{% endif %}
 
 ## Configuring self-hosted runners for {% data variables.product.prodname_dependabot_updates %}
 
-## # System requirements for {% data variables.product.prodname_dependabot %} runners
+### System requirements for {% data variables.product.prodname_dependabot %} runners
 
 {% data reusables.dependabot.dependabot-runners-system-requirements %}
 
 
@@ -69,15 +69,41 @@ Root storage refers to the total size of your instance's root disk. The availabl
 > Before increasing the root partition size, you must put your instance in maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode).
 
 1. Attach a new disk to your {% data variables.product.prodname_ghe_server %} appliance.
-1. Run the `lsblk` command to identify the new disk's device name.
+1. Run the `lsblk` command to identify the new disk's device name.{% ifversion ghes > 3.13 %}
+1. Back up your existing EFI boot partition:
+
+   ```shell
+   sudo dd if=/dev/disk/by-label/EFIBOOT of=EFIBOOT.bak bs=1M
+   ```
+
+{% endif %}
+
 1. Run the `parted` command to format the disk, substituting your device name for `/dev/xvdg`:
 
+{% ifversion ghes < 3.14 %}
+
    ```shell
    sudo parted /dev/xvdg mklabel msdos
    sudo parted /dev/xvdg mkpart primary ext4 0% 50%
    sudo parted /dev/xvdg mkpart primary ext4 50% 100%
    ```
 
+{% else %}
+
+   ```shell
+   sudo parted /dev/xvdg mklabel gpt
+   sudo parted -a optimal /dev/xvdg mkpart bios fat32 1MiB 2MiB
+   sudo parted /dev/xvdg set 1 bios_grub on
+   sudo parted -a optimal /dev/xvdg mkpart efi fat32 2MiB 512MiB
+   sudo parted /dev/xvdg set 2 esp on
+   sudo parted -a optimal /dev/xvdg mkpart primary 512MiB 50%
+   sudo parted /dev/xvdg set 3 boot off
+   sudo parted /dev/xvdg set 3 esp off
+   sudo parted -a optimal /dev/xvdg mkpart primary 50% 100%
+   ```
+
+{% endif %}
+
 1. If your appliance is configured for high-availability or geo-replication, to stop replication run the `ghe-repl-stop` command on each replica node:
 
    ```shell
@@ -86,6 +112,8 @@ Root storage refers to the total size of your instance's root disk. The availabl
 
 1. To install the {% data variables.product.prodname_ghe_server %} software on the newly partitioned disk, run the `ghe-upgrade` command. You must replace **PACKAGE-NAME.pkg** with the path to a platform-specific upgrade package that matches the version of {% data variables.product.prodname_ghe_server %} already running on the appliance. You cannot use a universal hotpatch upgrade package, such as `github-enterprise-2.11.9.hpkg`. After the `ghe-upgrade` command completes, application services will automatically terminate.
 
+{% ifversion ghes < 3.14 %}
+
    ```shell
    ghe-upgrade PACKAGE-NAME.pkg -s -t /dev/xvdg1
    ```
@@ -96,6 +124,21 @@ Root storage refers to the total size of your instance's root disk. The availabl
    sudo mkfs.ext4 -L fallback /dev/xvdg2
    ```
 
+{% else %}
+
+   ```shell
+   ghe-upgrade PACKAGE-NAME.pkg -s -t /dev/xvdg3
+   ```
+
+1. Run these commands on the secondary partitions of the newly added disk:
+
+   ```shell
+   sudo dd if=/dev/disk/by-label/EFIBOOT of=/dev/xvdg2 bs=1M
+   sudo mkfs.ext4 -L fallback /dev/xvdg4
+   ```
+
+{% endif %}
+
 1. Shut down the appliance:
 
    ```shell
 
@@ -36,7 +36,7 @@ If you're an organization owner, you can enable push protection for multiple rep
 
 Organization owners, security managers, and repository administrators can also enable push protection for {% data variables.product.prodname_secret_scanning %} via the API. For more information, see [AUTOTITLE](/rest/repos#update-a-repository) and expand the "Properties of the `security_and_analysis` object" section.
 
-{% ifversion secret-scanning-enterprise-level %}
+{% ifversion ghec or ghes %}
 
 If your organization is owned by an enterprise account, an enterprise owner can also enable push protection at the enterprise level. For more information, see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise).