Repo sync

content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users.md

@@ -36,6 +36,8 @@ To change the lifetime policy property, you will need the object ID associated w
 
 Support for OIDC is available for customers using Entra ID.
 
+{% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %}
+
 Each Entra ID tenant can support only one OIDC integration with {% data variables.product.prodname_emus %}. If you want to connect Entra ID to more than one enterprise on {% data variables.product.prodname_dotcom %}, use SAML instead. See [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-saml-single-sign-on-for-enterprise-managed-users).
 
 OIDC does not support IdP-initiated authentication.

content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md

@@ -27,6 +27,8 @@ With {% data variables.product.prodname_emus %}, access to your enterprise's res
 
 After you configure SAML SSO, we recommend storing your recovery codes so you can recover access to your enterprise in the event that your IdP is unavailable.
 
+{% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %}
+
 {% data reusables.enterprise_user_management.SAML-to-OIDC-migration-for-EMU %}
 
 ## Prerequisites

content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md

@@ -26,6 +26,8 @@ category:
 
 If you use a partner IdP, you can simplify the configuration of SCIM provisioning by using the partner IdP's application. If you don't use a partner IdP for provisioning, you can implement SCIM using calls to {% data variables.product.company_short %}'s REST API for SCIM. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers).{% endif %}
 
+{% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %}
+
 {% ifversion ghes %}
 
 ## Who needs to follow these instructions?

content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md

@@ -65,11 +65,13 @@ If an unauthenticated user attempts to sign in to {% data variables.location.pro
 
 For more information about connecting Microsoft Entra ID (previously known as Azure AD) to your enterprise, see [Tutorial: Microsoft Entra SSO integration with GitHub Enterprise Cloud - Enterprise Account](https://learn.microsoft.com/en-us/entra/identity/saas-apps/github-enterprise-cloud-enterprise-account-tutorial) in Microsoft Docs.
 
+{% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %}
+
 {% elsif ghes %}
 
 For more information about connecting Entra ID to your enterprise, see [Tutorial: Microsoft Entra SSO integration with GitHub Enterprise Server](https://learn.microsoft.com/en-us/entra/identity/saas-apps/github-ae-tutorial) in Microsoft Docs.
 
-We do not have a supported partner application when using Entra ID for Azure Government. 
+{% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %}
 
 ## Username considerations with SAML
 

content/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app.md

@@ -19,6 +19,8 @@ In order to authenticate as an app installation, you must generate an installati
 
 You should keep your installation access token secure. For more information, see [AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/best-practices-for-creating-a-github-app).
 
+{% data reusables.apps.ghs-stateless-token-format %}
+
 ## Generating an installation access token
 
 {% data reusables.apps.generate-installation-access-token %}

content/authentication/keeping-your-account-and-data-secure/about-authentication-to-github.md

@@ -145,6 +145,8 @@ To use a {% data variables.product.pat_generic %} or SSH key to access resources
 
 {% data variables.product.company_short %} issues tokens that begin with a prefix to indicate the token's type.
 
+{% data reusables.apps.ghs-stateless-token-format %}
+
 | Token type | Prefix | More information |
 | :- | :- | :- |
 | {% data variables.product.pat_v1_caps %} | `ghp_` | [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-personal-access-token-classic)  |
@@ -154,4 +156,4 @@ To use a {% data variables.product.pat_generic %} or SSH key to access resources
 | Installation access token for a {% data variables.product.prodname_github_app %} | `ghs_` | [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation) |
 | Refresh token for a {% data variables.product.prodname_github_app %} | `ghr_` | [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/refreshing-user-access-tokens) |
 
-For more information {% data variables.product.github %}'s token types and their management, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/github-credential-types).
+For more information {% data variables.product.github %}'s token types and their management, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/github-credential-types).

content/copilot/how-tos/manage-and-track-spending/prepare-for-usage-based-billing.md

@@ -3,7 +3,7 @@
 shortTitle: Prepare your organization for usage-based billing
 allowTitleToDifferFromFilename: true
 intro: 'Review your estimated costs under usage-based billing and take steps to prepare your organization before the transition.'
-permissions: Enterprise owners, organization owners, and billing managers
+permissions: Enterprise owners and billing managers can download the usage report for enterprises. Organization owners can download the usage report for standalone organizations.
 versions:
   feature: copilot
 product: '{% data variables.copilot.copilot_enterprise_short %} or {% data variables.copilot.copilot_business_short %}'
@@ -12,7 +12,7 @@
   - Manage Copilot for a team
 ---
 
 <!-- expires 2026-06-01 -->
 
 On June 1, 2026, {% data variables.product.prodname_copilot_short %} is moving to usage-based billing with {% data variables.product.prodname_ai_credits %}. Use the tool below to understand how this change affects your organization and prepare before the transition takes effect.
 

content/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions.md

@@ -81,7 +81,7 @@ jobs:
           GH_TOKEN: {% raw %}${{ steps.generate-token.outputs.token }}{% endraw %}
           ORGANIZATION: YOUR_ORGANIZATION
           PROJECT_NUMBER: YOUR_PROJECT_NUMBER
-        # Uses [{% data variables.product.prodname_cli %}](https://cli.github.com/manual/) to query the API for the ID of the project and return the name and ID of the first 20 fields in the project. `fields` returns a union and the query uses inline fragments (`... on`) to return information about any `ProjectV2Field` and `ProjectV2SingleSelectField` fields. The response is stored in a file called `project_data.json`.
+        # Uses [{% data variables.product.prodname_cli %} manual](https://cli.github.com/manual/) to query the API for the ID of the project and return the name and ID of the first 20 fields in the project. `fields` returns a union and the query uses inline fragments (`... on`) to return information about any `ProjectV2Field` and `ProjectV2SingleSelectField` fields. The response is stored in a file called `project_data.json`.
         run: |
           gh api graphql -f query='
             query($org: String!, $number: Int!) {
@@ -125,7 +125,7 @@ jobs:
         env:
           GH_TOKEN: {% raw %}${{ steps.generate-token.outputs.token }}{% endraw %}
           PR_ID: {% raw %}${{ github.event.pull_request.node_id }}{% endraw %}
-        # Uses [{% data variables.product.prodname_cli %}](https://cli.github.com/manual/) and the API to add the pull request that triggered this workflow to the project. The `jq` flag parses the response to get the ID of the created item.
+        # Uses [{% data variables.product.prodname_cli %} manual](https://cli.github.com/manual/) and the API to add the pull request that triggered this workflow to the project. The `jq` flag parses the response to get the ID of the created item.
         run: |
           item_id="$( gh api graphql -f query='
             mutation($project:ID!, $pr:ID!) {
@@ -214,7 +214,7 @@ jobs:
           GH_TOKEN: {% raw %}${{ secrets.YOUR_TOKEN }}{% endraw %}
           ORGANIZATION: YOUR_ORGANIZATION
           PROJECT_NUMBER: YOUR_PROJECT_NUMBER
-        # Uses [{% data variables.product.prodname_cli %}](https://cli.github.com/manual/) to query the API for the ID of the project and return the name and ID of the first 20 fields in the project. `fields` returns a union and the query uses inline fragments (`... on`) to return information about any `ProjectV2Field` and `ProjectV2SingleSelectField` fields. The response is stored in a file called `project_data.json`.
+        # Uses [{% data variables.product.prodname_cli %} manual](https://cli.github.com/manual/) to query the API for the ID of the project and return the name and ID of the first 20 fields in the project. `fields` returns a union and the query uses inline fragments (`... on`) to return information about any `ProjectV2Field` and `ProjectV2SingleSelectField` fields. The response is stored in a file called `project_data.json`.
         run: |
           gh api graphql -f query='
             query($org: String!, $number: Int!) {
@@ -258,7 +258,7 @@ jobs:
         env:
           GH_TOKEN: {% raw %}${{ secrets.YOUR_TOKEN }}{% endraw %}
           PR_ID: {% raw %}${{ github.event.pull_request.node_id }}{% endraw %}
-        # Uses [{% data variables.product.prodname_cli %}](https://cli.github.com/manual/) and the API to add the pull request that triggered this workflow to the project. The `jq` flag parses the response to get the ID of the created item.
+        # Uses [{% data variables.product.prodname_cli %} manual](https://cli.github.com/manual/) and the API to add the pull request that triggered this workflow to the project. The `jq` flag parses the response to get the ID of the created item.
         run: |
           item_id="$( gh api graphql -f query='
             mutation($project:ID!, $pr:ID!) {

data/reusables/apps/ghs-stateless-token-format.md

@@ -0,0 +1,2 @@
+> [!NOTE]
+> Starting April 27, 2026, {% data variables.product.github %} began a staged rollout of a stateless format (`ghs_APPID_JWT`) to all newly minted {% data variables.product.prodname_github_app %} installation tokens, making them more performant and improving the reliability of our API surface. If your application expects or relies on installation tokens being exactly 40 characters long, it may not handle this new token format correctly. You can now validate your apps and workflows using a temporary request header that lets you enable the token format on demand. For more information about the temporary header, see [the {% data variables.product.company_short %} blog](https://github.blog/changelog/2026-05-15-github-app-installation-tokens-per-request-override-header).

data/reusables/copilot/copilot-cloud-agent-non-auto-models.md

@@ -1,2 +1,4 @@
 * {% data variables.copilot.copilot_claude_opus_47 %}
+* {% data variables.copilot.copilot_claude_haiku_45 %}
 * {% data variables.copilot.copilot_gpt_52_codex %}
+* {% data variables.copilot.copilot_gpt_54_mini %}

data/reusables/enterprise-accounts/gov-cloud-idp-not-supported.md

@@ -0,0 +1 @@
+> [!NOTE] {% data variables.product.company_short %} does not test or validate identity provider (IdP) gallery applications for use in Government Cloud environments, including Microsoft Entra ID Government Cloud and Okta Government Cloud. Authentication and SCIM provisioning issues that involve gallery applications in these environments fall outside {% data variables.product.company_short %}'s [scope of support](/support/learning-about-github-support/about-github-support#scope-of-support).

src/graphql/data/fpt/changelog.json

@@ -1,4 +1,25 @@
 [
+  {
+    "schemaChanges": [
+      {
+        "title": "The GraphQL schema includes these changes:",
+        "changes": [
+          "<p>Type <code>ContentWarning</code> was added</p>",
+          "<p>Field <code>category</code> was added to object type <code>ContentWarning</code></p>",
+          "<p>Field <code>customSubCategory</code> was added to object type <code>ContentWarning</code></p>",
+          "<p>Field <code>subCategory</code> was added to object type <code>ContentWarning</code></p>",
+          "<p>Field <code>subTitle</code> was added to object type <code>ContentWarning</code></p>",
+          "<p>Field <code>title</code> was added to object type <code>ContentWarning</code></p>",
+          "<p>Field <code>type</code> was added to object type <code>ContentWarning</code></p>",
+          "<p>Enum value 'MULTI_SELECT<code>was added to enum</code>IssueFieldDataType'</p>",
+          "<p>Field <code>viewerContentWarning</code> was added to object type <code>Repository</code></p>"
+        ]
+      }
+    ],
+    "previewChanges": [],
+    "upcomingChanges": [],
+    "date": "2026-05-18"
+  },
   {
     "schemaChanges": [
       {