Repo sync

Dockerfile

@@ -8,7 +8,7 @@
 # ---------------------------------------------------------------
 # To update the sha:
 # https://github.com/github/gh-base-image/pkgs/container/gh-base-image%2Fgh-base-noble
-FROM ghcr.io/github/gh-base-image/gh-base-noble:20251114-221740-gd084d271e AS base
+FROM ghcr.io/github/gh-base-image/gh-base-noble:20251119-090131-gb27dc275c AS base
 
 # Install curl for Node install and determining the early access branch
 # Install git for cloning docs-early-access & translations repos

content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/about-pre-receive-hooks.md

@@ -44,6 +44,26 @@ Due to risk of failure and performance impact for all users of your instance, we
 > [!NOTE]
 > To avoid rejection of a push due to a timeout, all combined pre-receive hooks should run in under five seconds.
 
+## Pre-receive hook timeouts
+
+Pre-receive hooks in {% data variables.product.prodname_ghe_server %} have a fixed timeout budget of 5 seconds (shared across all hooks). This is intentional design to prevent resource exhaustion from long-running hooks and to prevent runaway scripts from blocking repository operations indefinitely.
+
+All pre-receive hooks for a repository share a **cumulative timeout budget**:
+- If hook A takes 3 seconds, hook B gets 2 seconds remaining (from 5 second default)
+- If hook A times out at 5 seconds, hook B never executes
+
+> [!IMPORTANT]
+> Pre-receive hook timeouts are handled differently from exit codes:
+> - **Exit codes**: Enforcement configuration is honored (non-enforced hooks don't block pushes)
+> - **Timeouts**: Push may fail regardless of enforcement configuration
+
+### Timeout behavior
+
+Scenario | Enforcement = Enabled | Enforcement = Disabled/Testing
+----------|----------------------|--------------------------------
+Exit code ≠ 0 | Push rejected | Push continues (warning only)
+Timeout exceeded | Push rejected | Warning + push may still fail
+
 {% ifversion ghes > 3.16 %}
 
 {% data reusables.repositories.push-rule-and-prereceive-hooks %}

content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md

@@ -20,7 +20,7 @@ Your JWT must be signed using the `RS256` algorithm and must contain the followi
 |---|---|---|
 |`iat`| Issued At | The time that the JWT was created. To protect against clock drift, we recommend that you set this 60 seconds in the past and ensure that your server's date and time is set accurately (for example, by using the Network Time Protocol). |
 |`exp`| Expires At | The expiration time of the JWT, after which it can't be used to request an installation token. The time must be no more than 10 minutes into the future. |
-|`iss`| Issuer | The client ID or application ID of your {% data variables.product.prodname_github_app %}. This value is used to find the right public key to verify the signature of the JWT. You can find your app's IDs on the settings page for your {% data variables.product.prodname_github_app %}. Use of the client ID is recommended. For more information about navigating to the settings page for your {% data variables.product.prodname_github_app %}, see [AUTOTITLE](/apps/maintaining-github-apps/modifying-a-github-app-registration#navigating-to-your-github-app-settings).|
+|`iss`| Issuer | The {% ifversion client-id-for-app %}client ID or {% endif %}application ID of your {% data variables.product.prodname_github_app %}. This value is used to find the right public key to verify the signature of the JWT. You can find your app's ID{% ifversion client-id-for-app %}s{% endif %} on the settings page for your {% data variables.product.prodname_github_app %}.{% ifversion client-id-for-app %} Use of the client ID is recommended.{% endif %} For more information about navigating to the settings page for your {% data variables.product.prodname_github_app %}, see [AUTOTITLE](/apps/maintaining-github-apps/modifying-a-github-app-registration#navigating-to-your-github-app-settings).|
 |`alg`| Message authentication code algorithm | This should be `RS256` since your JWT must be signed using the `RS256` algorithm. |
 
 To use a JWT, pass it in the `Authorization` header of an API request. For example:
@@ -47,7 +47,7 @@ Most programming languages have a package that can generate a JWT. In all cases,
 > [!NOTE]
 > You must run `gem install jwt` to install the `jwt` package in order to use this script.
 
-In the following example, replace `YOUR_PATH_TO_PEM` with the file path where your private key is stored. Replace `YOUR_CLIENT_ID` with the ID of your app. Make sure to enclose the values for `YOUR_PATH_TO_PEM` and `YOUR_CLIENT_ID` in double quotes.
+In the following example, replace `YOUR_PATH_TO_PEM` with the file path where your private key is stored. Replace {% ifversion client-id-for-app %}`YOUR_CLIENT_ID`{% else %}`YOUR_APP_ID`{% endif %} with the ID of your app. Make sure to enclose the values for `YOUR_PATH_TO_PEM` and {% ifversion client-id-for-app %}`YOUR_CLIENT_ID`{% else %}`YOUR_APP_ID`{% endif %} in double quotes.
 
 ```ruby
 require 'openssl'
@@ -63,10 +63,11 @@ payload = {
   iat: Time.now.to_i - 60,
   # JWT expiration time (10 minute maximum)
   exp: Time.now.to_i + (10 * 60),
-
+  {% ifversion client-id-for-app %}
 # {% data variables.product.prodname_github_app %}'s client ID
-  iss: "YOUR_CLIENT_ID"
-
+  iss: "YOUR_CLIENT_ID"{% else %}
+# {% data variables.product.prodname_github_app %}'s app ID
+  iss: "YOUR_APP_ID"{% endif %}
 }
 
 jwt = JWT.encode(payload, private_key, "RS256")
@@ -92,12 +93,19 @@ if len(sys.argv) > 1:
 else:
     pem = input("Enter path of private PEM file: ")
 
+{% ifversion client-id-for-app %}
 # Get the Client ID
 if len(sys.argv) > 2:
     client_id = sys.argv[2]
 else:
     client_id = input("Enter your Client ID: ")
-
+{% else %}
+# Get the App ID
+if len(sys.argv) > 2:
+    app_id = sys.argv[2]
+else:
+    app_id = input("Enter your APP ID: ")
+{% endif %}
 
 # Open PEM
 with open(pem, 'rb') as pem_file:
@@ -108,9 +116,11 @@ payload = {
     'iat': int(time.time()),
     # JWT expiration time (10 minutes maximum)
     'exp': int(time.time()) + 600,
-
+    {% ifversion client-id-for-app %}
     # {% data variables.product.prodname_github_app %}'s client ID
-    'iss': client_id
+    'iss': client_id{% else %}
+    # {% data variables.product.prodname_github_app %}'s app ID
+    'iss': app_id{% endif %}
 
 }
 
@@ -125,14 +135,16 @@ This script will prompt you for the file path where your private key is stored a
 ### Example: Using Bash to generate a JWT
 
 > [!NOTE]
-> You must pass your Client ID and the file path where your private key is stored as arguments when running this script.
+> You must pass your {% ifversion client-id-for-app %}Client ID{% else %}App ID{% endif %} and the file path where your private key is stored as arguments when running this script.
 
 ```bash copy
 #!/usr/bin/env bash
 
-set -o pipefail
+{% ifversion client-id-for-app %}
 client_id=$1 # Client ID as first argument
-
+{% else %}
+app_id=$1 # App ID as first argument
+{% endif %}
 pem=$( cat $2 ) # file path of the private key as second argument
 
 now=$(date +%s)
@@ -151,7 +163,7 @@ header=$( echo -n "${header_json}" | b64enc )
 payload_json="{
     \"iat\":${iat},
     \"exp\":${exp},
-    \"iss\":\"${client_id}\"
+    {% ifversion client-id-for-app %}\"iss\":\"${client_id}\"{% else %}\"iss\":\"${app_id}\"{% endif %}
 }"
 # Payload encode
 payload=$( echo -n "${payload_json}" | b64enc )
@@ -170,13 +182,16 @@ printf '%s\n' "JWT: $JWT"
 
 ### Example: Using PowerShell to generate a JWT
 
-In the following example, replace `YOUR_PATH_TO_PEM` with the file path where your private key is stored. Replace `YOUR_CLIENT_ID` with the ID of your app. Make sure to enclose the values for `YOUR_PATH_TO_PEM` in double quotes.
+In the following example, replace `YOUR_PATH_TO_PEM` with the file path where your private key is stored. Replace {% ifversion client-id-for-app %}`YOUR_CLIENT_ID`{% else %}`YOUR_APP_ID`{% endif %} with the ID of your app. Make sure to enclose the values for `YOUR_PATH_TO_PEM` in double quotes.
 
 ```powershell copy
 #!/usr/bin/env pwsh
 
+{% ifversion client-id-for-app %}
 $client_id = YOUR_CLIENT_ID
-
+{% else %}
+$app_id = YOUR_APP_ID
+{% endif %}
 $private_key_path = "YOUR_PATH_TO_PEM"
 
 $header = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{
@@ -187,7 +202,7 @@ $header = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((Conve
 $payload = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{
   iat = [System.DateTimeOffset]::UtcNow.AddSeconds(-10).ToUnixTimeSeconds()
   exp = [System.DateTimeOffset]::UtcNow.AddMinutes(10).ToUnixTimeSeconds()
-   iss = $client_id 
+  {% ifversion client-id-for-app %}iss = $client_id{% else %}iss = $app_id{% endif %}
 }))).TrimEnd('=').Replace('+', '-').Replace('/', '_');
 
 $rsa = [System.Security.Cryptography.RSA]::Create()

content/billing/concepts/cost-centers.md

@@ -35,3 +35,4 @@ For more details, see [AUTOTITLE](/billing/reference/cost-center-allocation).
 * The maximum number of resources per cost center is 10,000.
 * A maximum of 50 resources can be added to or removed from a cost center at a time.
 * Azure subscriptions can only be added to or removed from cost centers through the UI.
+* Outside collaborators can only be added to cost centers via the cost center API. For more information, see [AUTOTITLE](/billing/tutorials/control-costs-at-scale#add-resources-to-the-cost-center).

content/copilot/concepts/agents/code-review.md

@@ -26,7 +26,28 @@ category:
 
 This article provides an overview of {% data variables.copilot.copilot_code-review_short %}. For instructions on how to request a code review from {% data variables.product.prodname_copilot_short %}, see [AUTOTITLE](/copilot/how-tos/agents/copilot-code-review/using-copilot-code-review).
 
-### {% data variables.copilot.copilot_code-review-tools-preview_cap %}
+## Availability
+
+{% data variables.copilot.copilot_code-review_short %} is supported in:
+
+* {% data variables.product.prodname_dotcom_the_website %}
+* {% data variables.product.prodname_mobile %}
+* {% data variables.product.prodname_vscode_shortname %}
+* {% data variables.product.prodname_vs %}
+* Xcode
+* JetBrains IDEs
+
+{% data variables.copilot.copilot_code-review_short %} is a premium feature, available with the {% data variables.copilot.copilot_pro_short %}, {% data variables.copilot.copilot_pro_plus_short %}, {% data variables.copilot.copilot_business_short %}, and {% data variables.copilot.copilot_enterprise_short %} plans. See [Copilot plans](https://github.com/features/copilot/plans?ref_product=copilot&ref_type=purchase&ref_style=text).
+
+If you receive {% data variables.product.prodname_copilot_short %} from an organization then, to be able to request a pull request review from {% data variables.product.prodname_copilot_short %} on {% data variables.product.prodname_dotcom_the_website %} or in {% data variables.product.prodname_mobile %}, the **{% data variables.copilot.copilot_code-review_short %}** option must be enabled in the {% data variables.product.prodname_copilot_short %} policy settings for the organization. See [AUTOTITLE](/copilot/how-tos/administer/organizations/managing-policies-for-copilot-in-your-organization).
+
+## Excluded files
+
+Dependency management files (such as package.json and Gemfile.lock) and certain other types of files (such as log files and SVGs) are excluded from {% data variables.copilot.copilot_code-review_short %}. If you include any of these files in a pull request, {% data variables.copilot.copilot_code-review_short %} will not consider the file when carrying out the review. Similarly, using {% data variables.copilot.copilot_code-review_short %} on one of these files in your IDE, will not generate review comments.
+
+For more information, see [AUTOTITLE](/copilot/reference/review-excluded-files).
+
+## {% data variables.copilot.copilot_code-review-tools-preview_cap %}
 
 > [!NOTE]
 >
@@ -50,21 +71,6 @@ In the event that {% data variables.product.prodname_actions %} is unavailable o
 >
 > Usage charges will apply when the feature becomes generally available.
 
-## Availability
-
-{% data variables.copilot.copilot_code-review_short %} is supported in:
-
-* {% data variables.product.prodname_dotcom_the_website %}
-* {% data variables.product.prodname_mobile %}
-* {% data variables.product.prodname_vscode_shortname %}
-* {% data variables.product.prodname_vs %}
-* Xcode
-* JetBrains IDEs
-
-{% data variables.copilot.copilot_code-review_short %} is a premium feature, available with the {% data variables.copilot.copilot_pro_short %}, {% data variables.copilot.copilot_pro_plus_short %}, {% data variables.copilot.copilot_business_short %}, and {% data variables.copilot.copilot_enterprise_short %} plans. See [Copilot plans](https://github.com/features/copilot/plans?ref_product=copilot&ref_type=purchase&ref_style=text).
-
-If you receive {% data variables.product.prodname_copilot_short %} from an organization then, to be able to request a pull request review from {% data variables.product.prodname_copilot_short %} on {% data variables.product.prodname_dotcom_the_website %} or in {% data variables.product.prodname_mobile %}, the **{% data variables.copilot.copilot_code-review_short %}** option must be enabled in the {% data variables.product.prodname_copilot_short %} policy settings for the organization. See [AUTOTITLE](/copilot/how-tos/administer/organizations/managing-policies-for-copilot-in-your-organization).
-
 ## Code review monthly quota
 
 Each time {% data variables.product.prodname_copilot_short %} reviews a pull request, or reviews code in your IDE, your monthly quota of Copilot premium requests is reduced by one.

content/copilot/reference/ai-models/model-hosting.md

@@ -46,11 +46,20 @@
 
 ## Anthropic models
 
+<!-- expires 2025-12-05 -->
+
+<!-- When this expires, check with the stakeholder for release #20458 on whether or not this note can be removed -->
+
+{% data reusables.copilot.claude-promo-period %} See [Model multipliers](/copilot/reference/ai-models/supported-models#model-multipliers).
+
+<!-- end expires 2025-12-05 -->
+
 Used for:
 
 * {% data variables.copilot.copilot_claude_haiku_45 %}
 * {% data variables.copilot.copilot_claude_sonnet_45 %}
 * {% data variables.copilot.copilot_claude_opus_41 %}
+* {% data variables.copilot.copilot_claude_opus_45 %}
 * {% data variables.copilot.copilot_claude_sonnet_40 %}
 
 These models are hosted by Amazon Web Services, Anthropic PBC, and Google Cloud Platform. {% data variables.product.github %} has provider agreements in place to ensure data is not used for training. Additional details for each provider are included below:
@@ -80,8 +89,6 @@
 
 {% data reusables.copilot.grok-promo-period %}
 
-Complimentary access to Grok Code Fast 1 is continuing past the previously announced end time. A new end date has not been set. We may update or conclude this promotion at any time. Regular pricing applies after the extension ends. See [AUTOTITLE](/copilot/reference/ai-models/supported-models#model-multipliers).
-
 These models are hosted on xAI. xAI operates {% data variables.copilot.copilot_grok_code %} in {% data variables.product.prodname_copilot %} under a zero data retention API policy. This means xAI commits that user content (both inputs sent to the model and outputs generated by the model):
 
 Will **not** be:

content/copilot/reference/ai-models/supported-models.md

@@ -98,6 +98,14 @@
 
 For more information about premium requests, see [AUTOTITLE](/copilot/managing-copilot/monitoring-usage-and-entitlements/about-premium-requests).
 
+<!-- expires 2025-12-05 -->
+
+<!-- When this expires, check with the stakeholder for release #20458 on whether or not this note can be removed and table updated -->
+
+{% data reusables.copilot.claude-promo-period %}
+
+<!-- end expires 2025-12-05 -->
+
 {% data reusables.copilot.model-multipliers %}
 
 ## Next steps

content/copilot/reference/index.md

@@ -17,6 +17,7 @@ children:
   - /metrics-data
   - /copilot-billing
   - /agentic-audit-log-events
+  - /review-excluded-files
   - /copilot-usage-metrics
 contentType: reference
 ---

content/copilot/reference/review-excluded-files.md

@@ -0,0 +1,86 @@
+---
+title: Files excluded from {% data variables.copilot.copilot_code-review %}
+shortTitle: Review excluded files
+intro: 'Understand the types of files that are excluded from a review by {% data variables.product.prodname_copilot_short %}.'
+versions:
+  feature: copilot
+topics:
+  - Copilot
+category:
+  - Author and optimize with Copilot
+contentType: reference
+---
+
+Certain types of files are excluded from {% data variables.copilot.copilot_code-review_short %}. These include dependency management files, log files, SVG files, and files in locations typically reserved for vendor files or automatically generated files.
+
+If you include any of these files in a pull request, {% data variables.copilot.copilot_code-review_short %} will not consider the file when carrying out the review. Similarly, using {% data variables.copilot.copilot_code-review_short %} on one of these files in your IDE, will not generate review comments.
+
+This is an example of some of the files that are excluded from {% data variables.copilot.copilot_code-review_short %}:
+
+* `.gitignore`
+* `package-lock.json`
+* `yarn.lock`
+* `jest.config.js`
+* `next.config.js`
+* `tailwind.config.js`
+* `tsconfig.json`
+* `requirements.txt`
+* `Pipfile.lock`
+* `Gemfile.lock`
+* `composer.lock`
+* `Cargo.lock`
+* `go.sum`
+* `paket.lock`
+* `pubspec.lock`
+* `stack.yaml`
+* `elm.json`
+* `Project.toml`
+* `Manifest.toml`
+* `renv.lock`
+* `build.sbt`
+* `Package.resolved`
+* `deps.edn`
+* `build.gradle`
+* `mix.lock`
+* `build.gradle.kts`
+* `cpanfile`
+* `Podfile.lock`
+* `conanfile.txt`
+* `info.rkt`
+* `rockspec`
+* `opam`
+* `rebar.config`
+* `nimble`
+* `shard.yml`
+* `dub.json`
+* `dub.sdl`
+* `GPR`
+* `Mason.toml`
+* `fpm.toml`
+* `pack.pl`
+* `baseline.st`
+* `PacletInfo.m`
+* `info.ss`
+* `Jpkg`
+* `box.json`
+* `GNAVI.xml`
+
+Files matching these patterns are also excluded:
+
+* `**/*.svg`
+* `**/*.log`
+* `**/*.lock`
+* `**/go.sum`
+* `**/*.ipynb.raw.html`
+* `**/dist/**/*`
+* `**/node_modules/**/*`
+* `**/*.min.js`
+* `**/*.d.ts`
+* `**/coverage/**/*`
+* `**/*.bundle.js`
+* `**/*.map`
+* `**/out/**/*`
+* `**/vendor/**/*`
+* `**/bin/**/*`
+* `**/generated/**/*`
+* `**/generated-sources/**/*`

content/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization.md

@@ -52,7 +52,7 @@ You{% ifversion custom-org-roles %}, and any users with the "Edit custom propert
 
     ![Screenshot the page to set values for repositories. A button, labeled with a pencil icon and "Edit properties", is highlighted with an orange outline.](/assets/images/help/repository/edit-properties.png)
 
-1. In the modal dialog that appears, select a value for each property you'd like to set for the selected repositories.
+1. In the modal dialog that appears, select a value for each property you'd like to set for the selected repositories. This value cannot exceed 75 characters in length.
 1. Click **Save changes**.
 
 ## Viewing values for repositories in your organization

content/sponsors/receiving-sponsorships-through-github-sponsors/using-a-fiscal-host-to-receive-github-sponsors-payouts.md

@@ -24,6 +24,7 @@ When you sign up for a {% data variables.product.prodname_sponsors %} profile so
 * [Open Collective Europe](https://opencollective.com/europe)
 * [Open Source Collective](https://opencollective.com/opensource)
 * [Python Software Foundation](https://www.python.org/psf-landing/)
+* [Radiant Earth](https://radiant.earth/)
 * [Software in the Public Interest](https://www.spi-inc.org/)
 * [Software Underground](https://softwareunderground.org/)
 

data/features/client-id-for-app.yml

@@ -0,0 +1,6 @@
+# Reference: #14091
+
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '>=3.18'

data/reusables/copilot/claude-promo-period.md

@@ -0,0 +1 @@
+> [!Important] {% data variables.copilot.copilot_claude_opus_45 %} has a promotional multiplier of **1** through Friday, December 5, 2025. After that date, the multiplier will change to **3**.