Merge pull request #44083 from github/repo-sync

Repo sync

Author: docs-bot

content/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries.md

@@ -94,6 +94,8 @@ When you select **OIDC** as the authentication method for a private registry, ch
 
 * **Azure**: Enter the **Tenant ID** (Azure AD tenant ID) and **Client ID** (Azure AD application client ID). You must configure a federated credential in Azure AD that trusts {% data variables.product.github %}'s OIDC provider.
 * **AWS CodeArtifact**: Enter the **AWS Region**, **Account ID** (AWS account ID), **Role Name** (IAM role name), **Domain** (CodeArtifact domain), and **Domain Owner** (CodeArtifact domain owner / AWS account ID). You can optionally provide an **Audience**. You must configure an IAM OIDC identity provider in AWS that trusts {% data variables.product.github %}'s OIDC provider.
+* **Cloudsmith**: Enter the **Namespace** (Cloudsmith Organization namespace), **Service Account Slug** (Cloudsmith service account slug), and **Audience** (required). You can optionally provide an **API Host** (defaults to `api.cloudsmith.io`). You must configure an OpenID Connect provider in Cloudsmith that trusts {% data variables.product.github %}'s OIDC provider.
+* **Google Cloud Artifact Registry**: Enter the **Workload Identity Provider** (the full resource name of the Workload Identity Provider, for example `projects/PROJECT-NUMBER/locations/global/workloadIdentityPools/POOL/providers/PROVIDER`) and **Service Account** (the email of the GCP service account to impersonate). You can optionally provide an **Audience**. You must configure a Workload Identity Pool and Provider in GCP that trusts {% data variables.product.github %}'s OIDC provider.
 * **JFrog Artifactory**: Enter the **OIDC Provider Name**. You can optionally provide an **Audience** and **Identity Mapping Name**.
 
 The authentication type of a private registry cannot be changed after creation. To switch from OIDC to another authentication method, or vice versa, delete the existing registry and create a new one.

content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot.md

@@ -139,10 +139,12 @@ With OIDC-based authentication, {% data variables.product.prodname_dependabot %}
 
 {% endif %}
 
-{% data variables.product.prodname_dependabot %} supports OIDC authentication for any registry type that uses `username` and `password` authentication, when the registry is hosted on one of the following cloud providers:
+{% data variables.product.prodname_dependabot %} supports OIDC authentication for any registry type that uses `username` and `password` authentication, when the registry is hosted on one of the following providers:
 
 * AWS CodeArtifact
 * Azure DevOps Artifacts
+* Cloudsmith
+* Google Cloud Artifact Registry
 * JFrog Artifactory
 
 To configure OIDC authentication, you need to specify different values instead of `username` and `password` in your registry configuration.
@@ -177,6 +179,37 @@ registries:
     client-id: {% raw %}${{ secrets.AZURE_CLIENT_ID }}{% endraw %}
 ```
 
+### Cloudsmith
+
+Cloudsmith requires the values `namespace`, `service-slug`, and `audience`. The `api-host` field is optional and defaults to `api.cloudsmith.io`:
+
+```yaml
+registries:
+  my-cloudsmith-feed:
+    type: npm-registry
+    url: https://dl.cloudsmith.io/MY-NAMESPACE/MY-REPOSITORY/npm/
+    namespace: MY-NAMESPACE
+    service-slug: MY-SERVICE-SLUG
+    audience: https://github.com/GITHUB-ORG
+    api-host: api.cloudsmith.io  # if required by your feed
+```
+
+### Google Cloud Artifact Registry
+
+Google Cloud Artifact Registry requires the values `url` and
+`workload-identity-provider`. The values `service-account` and `audience` are
+optional:
+
+```yaml
+registries:
+  my-gcp-artifact-registry:
+    type: docker-registry
+    url: https://REGION-docker.pkg.dev
+    workload-identity-provider: projects/PROJECT-NUMBER/locations/global/workloadIdentityPools/POOL/providers/PROVIDER
+    service-account: SA-NAME@PROJECT-ID.iam.gserviceaccount.com  # if required by your provider
+    audience: MY-AUDIENCE  # if required by your provider
+```
+
 ### JFrog Artifactory
 
 JFrog Artifactory requires the values `url` and `jfrog-oidc-provider-name`.  The values `audience` and `identity-mapping-name` are optional:

content/copilot/reference/copilot-billing/model-multipliers-for-annual-plans.md

@@ -47,6 +47,8 @@ These new multipliers will **only apply** if you remain on an annual {% data var
 
 Model multipliers and costs are subject to change.
 
+{% data reusables.copilot.gpt-55-promo-period %}
+
 | Model | Current multiplier | New multiplier |
 | --- | ---: | ---: |
 | {% for entry in tables.copilot.annual-subscriber-model-multipliers %} |

content/site-policy/other-site-policies/github-username-policy.md

@@ -17,11 +17,13 @@ GitHub account names are available on a first-come, first-served basis, and are
 
 Keep in mind that not all activity on GitHub is publicly visible; accounts with no visible activity may be in active use.
 
+We do not accept requests to release, transfer, or reclaim usernames on the basis that they appear inactive or unused. If the username you want has already been claimed, you will need to select a different available name unless you are submitting a trademark complaint as described below.
+
 If the username you want has already been claimed, consider other names or unique variations. Using a number, hyphen, or an alternative spelling might help you identify a desirable username that's still available.
 
 ## Trademark Policy
 
-If you believe someone's account is violating your trademark rights, you can find more information about making a trademark complaint on our [Trademark Policy](/site-policy/content-removal-policies/github-trademark-policy) page.
+If you believe someone's account is violating your trademark rights, you can find more information about making a trademark complaint on our [AUTOTITLE](/site-policy/content-removal-policies/github-trademark-policy) page. Valid trademark-related complaints are the only requests we review for possible release of a username that is already claimed.
 
 ## Name Squatting Policy
 

data/release-notes/enterprise-server/3-18/8.yml

@@ -71,6 +71,8 @@ sections:
     - |
       To improve page load performance, user profile pages display a maximum of 24 organizations. When viewing your own profile, a "View all" link provides access to the full list in organization settings. When viewing another user's profile, a count displays any additional organizations beyond the first 24.
   known_issues:
+    - |
+      After upgrading to 3.18.8 via hotpatch, the instance reboots and briefly enters maintenance mode. In some cases, the post-reboot configuration run fails, and the instance does not fully resume service. Site administrators who experience this should SSH into the instance and manually run `ghe-config-apply`. [Updated: 2026-04-30]
     - |
       On instances configured for high availability, you will not be able to change GitHub Actions settings through the Management Console. Other settings are not affected. [Updated: 2026-04-22]
     - |

data/release-notes/enterprise-server/3-20/0.yml

@@ -73,7 +73,7 @@ sections:
 
         # https://github.com/github/releases/issues/6437
         - |
-          Secret scanning supports validity checks that indicate whether detected secrets remain active, helping teams prioritize remediation. Once enabled for a given repository, GitHub will now automatically verify secrets for alerts with supported secret types. GHES admins can make the feature available for enablement across enterprise repositories from their Management Console settings.
+          Secret scanning supports validity checks that indicate whether detected secrets remain active, helping teams prioritize remediation. Once enabled for a given repository, GitHub will now automatically verify secrets for alerts with supported secret types. GHES admins can make the feature available for enablement across enterprise repositories from their Management Console settings. See [AUTOTITLE](/code-security/concepts/secret-security/about-validity-checks).
 
         # https://github.com/github/releases/issues/6253
         - |

data/tables/copilot/annual-subscriber-model-multipliers.yml

@@ -98,6 +98,10 @@
   current_multiplier: '0.33'
   new_multiplier: '6'
 
+- model: 'GPT-5.5'
+  current_multiplier: '7.5'
+  new_multiplier: 'TBD'
+
 - model: 'GPT-5 mini'
   current_multiplier: '0'
   new_multiplier: '0.33'