Merge pull request #36035 from github/repo-sync

docs-bot · web-flow · commit 52e3f637e1e8 · 2025-01-23T04:36:53.000-08:00
Repo sync
diff --git a/content/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions.md b/content/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions.md
@@ -40,7 +40,7 @@ The following rules apply to secret names:
 
   {% data reusables.codespaces.secret-precedence %} Similarly, if an organization, repository, and environment all have a secret with the same name, the environment-level secret takes precedence.
 
-To help ensure that {% data variables.product.prodname_dotcom %} redacts your secret in logs, avoid using structured data as the values of secrets. For example, avoid creating secrets that contain JSON or encoded Git blobs.
+To help ensure that {% data variables.product.prodname_dotcom %} redacts your secrets in logs correctly, avoid using structured data as the values of secrets. For example, avoid creating secrets that contain JSON or encoded Git blobs. Using structured data as secrets could cause non-secrets to be detected as such, making passing data between workflows harder to implement. In such cases, consider manipulating the structured data, for example encoding them to a string, before storing them as secrets, and decoding them before they are used.
 
 ### Accessing your secrets
 
diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md
@@ -113,6 +113,13 @@ If your instance has subdomain isolation disabled:
 
 ## Publishing a package
 
+{% ifversion packages-nuget-v2 %}
+
+> [!NOTE]
+> The `nupkg` archive for a NuGet package version must be smaller than 2.147 GB in size.
+
+{% endif %}
+
 You can publish a package to {% data variables.product.prodname_registry %} by authenticating with a _nuget.config_ file, using the `--api-key` command line option with your {% data variables.product.prodname_dotcom %} {% data variables.product.pat_v1 %} or by using command that can be run directly from the command line using the `dotnet` command-line interface (CLI).
 
 Replace `OWNER` with your username or company name, and `YOUR_GITHUB_PAT` with your {% data variables.product.pat_generic %}.
diff --git a/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md b/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md
@@ -22,6 +22,8 @@ You are responsible for using the Service in compliance with all applicable laws
 
 We do not allow content or activity on GitHub that:
 
+<!-- markdownlint-disable GHD034 -->
+
 * is unlawful or promotes unlawful activities;
 
 * is [sexually obscene](/site-policy/acceptable-use-policies/github-sexually-obscene-content) or relates to sexual exploitation or abuse, including of minors;
@@ -74,6 +76,8 @@ We do not allow content or activity on GitHub that:
 * directly supports [unlawful active attack or malware campaigns](/site-policy/acceptable-use-policies/github-active-malware-or-exploits) that are causing technical harms — such as using our platform to deliver malicious executables or as attack infrastructure, for example by organizing denial of service attacks or managing command and control servers — with no implicit or explicit dual-use purpose prior to the abuse occurring; or
 * uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network. Please note, activities permitted under bug bounty programs, such as the [GitHub Bug Bounty program](https://bounty.github.com), are not considered “unauthorized,” but must only affect the organization whose bug bounty program authorized the activity.
 
+<!-- markdownlint-enable GHD034 -->
+
 ## 6. Services Usage Limits
 
 You will not reproduce, duplicate, copy, sell, resell or exploit any portion of the Service, use of the Service, or access to the Service without our express written permission.
diff --git a/content/site-policy/github-company-policies/github-anti-bribery-statement.md b/content/site-policy/github-company-policies/github-anti-bribery-statement.md
@@ -34,6 +34,8 @@ GitHub’s **Gifts and Entertainment Policy** explains that bribery is not permi
 
 ## Training for our employees
 
+<!-- markdownlint-disable GHD034 -->
+
 GitHub employees are required to participate in training on corruption, including bribery. We also provide additional training for particularly relevant people and teams, such as our sales team. The training explains relevant elements of the U.S. Foreign Corrupt Practices Act and the U.K. Bribery Act of 2010. For example,
 * definition and structural effects of corruption
 * who is covered, including
@@ -49,6 +51,8 @@ GitHub employees are required to participate in training on corruption, includin
 * due diligence and red flags
 * record-keeping requirements
 
+<!-- markdownlint-enable GHD034 -->
+
 In addition, the training covers GitHub’s internal policies related to anti-corruption and bribery, including our non-retaliation (whistleblower) policy.
 
 While the U.S. FCPA is focused on interactions with government officials, the U.K. Bribery Act is broader and extends to bribing anyone, regardless of whether they are a government official. Both laws can extend to GitHub’s actions elsewhere on the globe. GitHub’s policies prohibit bribing anyone, anywhere in the world.
diff --git a/content/site-policy/github-terms/github-terms-of-service.md b/content/site-policy/github-terms/github-terms-of-service.md
@@ -316,6 +316,8 @@ GitHub does not warrant that the Service will meet your requirements; that the S
 
 You understand and agree that we will not be liable to you or any third party for any loss of profits, use, goodwill, or data, or for any incidental, indirect, special, consequential or exemplary damages, however arising, that result from
 
+<!-- markdownlint-disable GHD034 -->
+
 * the use, disclosure, or display of your User-Generated Content;
 * your use or inability to use the Service;
 * any modification, price change, suspension or discontinuance of the Service;
@@ -325,6 +327,8 @@ You understand and agree that we will not be liable to you or any third party fo
 * any other user interactions that you input or receive through your use of the Service; or
 * any other matter relating to the Service.
 
+<!-- markdownlint-enable GHD034 -->
+
 Our liability is limited whether or not we have been informed of the possibility of such damages, and even if a remedy set forth in this Agreement is found to have failed of its essential purpose. We will have no liability for any failure or delay due to matters beyond our reasonable control.
 
 ## P. Release and Indemnification
diff --git a/content/site-policy/other-site-policies/github-government-takedown-policy.md b/content/site-policy/other-site-policies/github-government-takedown-policy.md
@@ -16,6 +16,8 @@ From time to time, GitHub receives requests from governments to remove content t
 
 ## What is a complete government takedown request?
 
+<!-- markdownlint-disable GHD034 -->
+
 To count as a complete request, a request or notice must
 * come from a relevant, official government agency
 * identify illegal content
@@ -29,6 +31,8 @@ When we receive a notice from a relevant, official government agency that identi
 * limit the geographic scope of the takedown when possible and include that as part of the notification
 * post the official request that led to the takedown in our public [gov-takedowns repository](https://github.com/github/gov-takedowns).
 
+<!-- markdownlint-enable GHD034 -->
+
 ## Why do we publicly post takedown notices?
 
 We are concerned about Internet censorship, and believe that transparency on a specific and ongoing level is essential to good governance. By publicly posting the notices, we can better inform the public about what content is being withheld from GitHub, and why. We post takedown notices to document their potential to chill speech.
diff --git a/content/site-policy/privacy-policies/github-general-privacy-statement.md b/content/site-policy/privacy-policies/github-general-privacy-statement.md
@@ -108,12 +108,16 @@ We may share Personal Data with the following recipients:
 
 If your GitHub account has private repositories, you control the access to that information. GitHub personnel does not access private repository information without your consent except as provided in this Privacy Statement and for:
 
+<!-- markdownlint-disable GHD034 -->
+
 * security purposes
 * automated scanning or manual review for known vulnerabilities, active malware, or other content known to violate our Terms of Service
 * to assist the repository owner with a support matter
 * to maintain the integrity of the Services, or
 * to comply with our legal obligations if we have reason to believe the contents are in violation of the law.
 
+<!-- markdownlint-enable GHD034 -->
+
 GitHub will provide you with notice regarding private repository access unless doing so is prohibited by law or if GitHub acted in response to a security threat or other risk to security.
 
 ## Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)
diff --git a/content/site-policy/security-policies/github-sirt-description-rfc-2350.md b/content/site-policy/security-policies/github-sirt-description-rfc-2350.md
@@ -134,7 +134,7 @@ Some examples of GitHub products and services are:
 * GitHub Desktop
 * GitHub CLI
 * GitHub API
-* npm
+* npm <!-- markdownlint-disable-line GHD034 -->
 
 ### 3.3 Sponsorship and/or Affiliation
 
