github · docs-bot · Nov 12, 2024 · Nov 7, 2024 · Nov 7, 2024 · Nov 7, 2024
diff --git a/...osted-runners-with-actions-runner-controller/about-actions-runner-controller.md b/...osted-runners-with-actions-runner-controller/about-actions-runner-controller.md
@@ -45,8 +45,8 @@ ARC consists of a set of resources, some of which are created specifically for A
 
 Each resource that is deployed by ARC is given a name composed of:
 
-* an installation name, which is the installation name you specify when you install the Helm chart.
-* a resource identification suffix, which is a string that identifies the resource type. This value is not configurable.
+* An installation name, which is the installation name you specify when you install the Helm chart.
+* A resource identification suffix, which is a string that identifies the resource type. This value is not configurable.
 
 > [!NOTE]
 > Different versions of Kubernetes have different length limits for names of resources. The length limit for the resource name is calculated by adding the length of the installation name and the length of the resource identification suffix. If the resource name is longer than the reserved length, you will receive an error.

diff --git a/...nce/administering-your-instance-from-the-command-line/command-line-utilities.md b/...nce/administering-your-instance-from-the-command-line/command-line-utilities.md
@@ -137,9 +137,7 @@ $ ghe-config app.github.rate-limiting-exempt-users "hubot github-actions[bot]"
 
 ### ghe-config-apply
 
-This utility applies {% data variables.enterprise.management_console %} settings, reloads system services, prepares a storage device, reloads application services, and runs any pending database migrations. It is equivalent to clicking **Save settings** in the {% data variables.enterprise.management_console %}'s web UI or to sending a POST request to [the `/setup/api/configure` endpoint](/rest/enterprise-admin/management-console).
-
-You will probably never need to run this manually, but it's available if you want to automate the process of saving your settings via SSH.
+This utility applies {% data variables.enterprise.management_console %} settings, reloads system services, prepares a storage device, reloads application services, and runs any pending database migrations. It is equivalent to clicking **Save settings** in the {% data variables.enterprise.management_console %}'s web UI or to sending a POST request to {% ifversion management-console-manage-ghes-parity %}[the `/manage/v1/config/apply` endpoint](/rest/enterprise-admin/manage-ghes#trigger-a-ghe-config-apply-run){% else %}[the `/setup/api/configure` endpoint](/rest/enterprise-admin/management-console){% endif %}.
 
 ```shell
 ghe-config-apply

diff --git a/content/admin/all-releases.md b/content/admin/all-releases.md
@@ -52,6 +52,7 @@ If you run analysis in an external CI system, we recommend using the same versio
 
 | {% data variables.product.product_name %} version | Recommended {% data variables.product.prodname_codeql_cli %} version |
 | ------------------------------------------------- | ---------------------- |
+| 3.15 | 2.18.4 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.4/)) |
 | 3.14 | 2.17.6 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.17.6/)) |
 | 3.13 | 2.16.5 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.16.5/)) |
 | 3.12 | 2.15.5 ([changelog](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.15.5/)) |
@@ -68,6 +69,7 @@ For instances with {% data variables.product.prodname_actions %} enabled, self-h
 
 | {% data variables.product.product_name %} version | Minimum Runner version |
 | ------------------------------------------------- | ---------------------- |
+| 3.15 | 2.319.1 ([release notes](https://github.com/actions/runner/releases/tag/v2.319.1)) |
 | 3.14 | 2.317.0 ([release notes](https://github.com/actions/runner/releases/tag/v2.317.0)) |
 | 3.13 | 2.314.1 ([release notes](https://github.com/actions/runner/releases/tag/v2.314.1)) |
 | 3.12 | 2.311.0 ([release notes](https://github.com/actions/runner/releases/tag/v2.311.0)) |

diff --git a/...ur-enterprise/managing-github-advanced-security-features-for-your-enterprise.md b/...ur-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
@@ -18,10 +18,19 @@
 
 ## About management of {% data variables.product.prodname_advanced_security %} features
 
-You can use {% data variables.product.prodname_advanced_security %} features to harden security for the organizations in your enterprise. {% ifversion security-configurations %}{% data reusables.security-configurations.enable-security-features-with-gh-config %}
+You can use {% data variables.product.prodname_advanced_security %} features to harden security for the organizations in your enterprise.
+
+{% ifversion security-configurations %}{% data reusables.security-configurations.enable-security-features-with-gh-config %}
 
 To manage individual {% data variables.product.prodname_GH_advanced_security %} features, {% else %}To streamline management of {% data variables.product.prodname_advanced_security %}, {% endif %}you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.
 
+{% ifversion security-configurations-ghes-only %}
+
+> [!WARNING]
+> You should communicate any changes you plan to make to existing feature enablement settings to organization owners before making them, so as not to impact existing security configurations that have been rolled out by organizations in your enterprise.
+
+{% endif %}
+
 {% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}
 
 {% ifversion ghes %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see "[AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."{% elsif ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see "[AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security)."{% endif %}
@@ -50,4 +59,4 @@
   > [!NOTE]
   > When a custom link is configured for an organization, the organization-level value overrides the custom link set for the enterprise. See "[AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)."

   ![Screenshot of the "Push protection" section of the settings for security and analysis features. The checkbox and the text field used for enabling a custom link are outlined in dark orange.](/assets/images/help/organizations/secret-scanning-custom-link.png){% endif %}
diff --git a/...nstance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance.md b/...nstance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance.md
@@ -207,6 +207,14 @@ If your appliance averages more than 70% CPU utilization, {% data variables.prod
 As part of upgrading GitHub Enterprise Server to version 3.13 or later, the Elasticsearch service will be upgraded. {% data variables.product.company_short %} strongly recommends following the guidance in "[AUTOTITLE](/admin/upgrading-your-instance/performing-an-upgrade/preparing-for-the-elasticsearch-upgrade)."
 {% endif %}
 
+{% ifversion ghes > 3.14 and ghes < 3.17 %}
+
+## Required root disk size increased to 400GB
+
+New installations of 3.15 or later, or upgrades to 3.15 or later require root disk size of at least 400GB. This capacity is an enforced requirement for the system to boot successfully. {% data variables.product.company_short %} strongly recommends following the guidance in "[AUTOTITLE](/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity)."
+
+{% endif %}
+
 {% ifversion ghes > 3.12 and ghes < 3.15 %}
 
 ## Undecryptable records

diff --git a/...e-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md b/...e-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md
@@ -80,7 +80,15 @@ To enable secret scanning for your {% data variables.product.prodname_ghe_server
 
 {% ifversion security-configurations %}
 
-You need to enable {% data variables.product.prodname_secret_scanning %} and push protection for each pilot project. You can do this with the {% data variables.product.prodname_github_security_configuration %}, or you can create a {% data variables.product.prodname_custom_security_configuration %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)" and "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)."
+{% ifversion security-configurations-cloud %}
+
+You need to enable {% data variables.product.prodname_secret_scanning %} and push protection for each pilot project. You can do this with the {% data variables.product.prodname_github_security_configuration %}, or you can create a {% data variables.product.prodname_custom_security_configuration %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)" and "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration)."
+
+{% elsif security-configurations-ghes-only %}
+
+You need to enable {% data variables.product.prodname_secret_scanning %} and push protection for each pilot project. You can do this with a {% data variables.product.prodname_security_configuration %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration)."
+
+{% endif %}
 
 {% else %}
 

diff --git a/.../enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale.md b/.../enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale.md
@@ -74,7 +74,7 @@ If the code in a repository changes to include {% ifversion code-scanning-defaul
 
 ## Configuring default setup for all eligible repositories in an organization
 
-{% ifversion security-configurations %} You can enable default setup for all eligible repositories in your organization. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)."
+{% ifversion security-configurations %} You can enable default setup for all eligible repositories in your organization. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."
 {% else %}
 Through the "Code security and analysis" page of your organization's settings, you can enable default setup for all eligible repositories in your organization. For more information on repository eligibility, see "[Eligible repositories for {% data variables.product.prodname_codeql %} default setup at scale](#eligible-repositories-default-setup)."
 
@@ -109,7 +109,7 @@ Through your organization's security settings page, you can extend coverage in d
 
 {% ifversion security-configurations %}
 
-You can filter for specific repositories you would like to configure default setup for. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration)."
+You can filter for specific repositories you would like to configure default setup for. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-a-custom-security-configuration)."
 
 {% endif %}
 

diff --git a/...ent/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md b/...ent/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md
@@ -84,7 +84,7 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa
 
 ## Managing {% data variables.product.prodname_dependabot_alerts %} for your organization
 
-{% ifversion security-configurations %} You can enable {% data variables.product.prodname_dependabot_alerts %} for all eligible repositories in your organization. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)."
+{% ifversion security-configurations %} You can enable {% data variables.product.prodname_dependabot_alerts %} for all eligible repositories in your organization. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."
 
 {% else %}
 

diff --git a/...abling-secret-scanning-features/enabling-push-protection-for-your-repository.md b/...abling-secret-scanning-features/enabling-push-protection-for-your-repository.md
@@ -24,7 +24,15 @@ You can additionally enable push protection for your own personal account, which
 
 {% endif %}
 
-If you're an organization owner, you can enable push protection for multiple repositories at a time{% ifversion security-configurations %} using the {% data variables.product.prodname_github_security_configuration %}{% endif %}. For more information, see {% ifversion security-configurations %}"[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization){% else %}"[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization#enabling-security-features-in-your-organization){% endif %}."
+{% ifversion security-configurations %}
+
+If you're an organization owner, you can enable push protection for multiple repositories at a time using {% data variables.product.prodname_security_configurations %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."
+
+{% else %}
+
+If you're an organization owner, you can enable push protection for multiple repositories at a time. For more information, see "[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization#enabling-security-features-in-your-organization)."
+
+{% endif %}
 
 Organization owners, security managers, and repository administrators can also enable push protection for {% data variables.product.prodname_secret_scanning %} via the API. For more information, see "[AUTOTITLE](/rest/repos#update-a-repository)" and expand the "Properties of the `security_and_analysis` object" section.
 

diff --git a/...abling-secret-scanning-features/enabling-secret-scanning-for-your-repository.md b/...abling-secret-scanning-features/enabling-secret-scanning-for-your-repository.md
@@ -26,7 +26,15 @@ topics:
 
 {% endif %}
 
-If you're an organization owner, you can enable {% data variables.product.prodname_secret_scanning %} for multiple repositories at the same time{% ifversion security-configurations %} using the {% data variables.product.prodname_github_security_configuration %}{% endif %}. For more information, see {% ifversion security-configurations %}"[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization){% else %}"[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization#enabling-security-features-in-your-organization)"{% endif %}."
+{% ifversion security-configurations %}
+
+If you're an organization owner, you can enable {% data variables.product.prodname_secret_scanning %} for multiple repositories at a time using {% data variables.product.prodname_security_configurations %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."
+
+{% else %}
+
+If you're an organization owner, you can enable {% data variables.product.prodname_secret_scanning %} for multiple repositories at a time. For more information, see "[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization#enabling-security-features-in-your-organization)."
+
+{% endif %}
 
 {% ifversion secret-scanning-enterprise-level %}
 

diff --git a/...abling-secret-scanning-features/enabling-validity-checks-for-your-repository.md b/...abling-secret-scanning-features/enabling-validity-checks-for-your-repository.md
@@ -42,7 +42,7 @@ For more information on using validity checks, see "[AUTOTITLE](/code-security/s
 
 You can also use the REST API to enable validity checks for partner patterns for your repository. For more information, see "[AUTOTITLE](/rest/repos/repos#update-a-repository)."
 
-Alternatively, organization owners and enterprise administrators can enable the feature for all repositories in the organization or enterprise settings. For more information on enabling at the organization-level, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)." For more information on enabling at the enterprise-level, see "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)" and "[AUTOTITLE](/rest/enterprise-admin/code-security-and-analysis#update-code-security-and-analysis-features-for-an-enterprise)."
+Alternatively, organization owners and enterprise administrators can enable the feature for all repositories in the organization or enterprise settings. For more information on enabling at the organization-level, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration)." For more information on enabling at the enterprise-level, see "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)" and "[AUTOTITLE](/rest/enterprise-admin/code-security-and-analysis#update-code-security-and-analysis-features-for-an-enterprise)."
 
 ## Further reading
 

diff --git a/...ection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md b/...ection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md
@@ -107,7 +107,7 @@ aAAAe9
 
 ## Defining a custom pattern for an organization
 
-Before defining a custom pattern, you must ensure that you enable {% data variables.product.prodname_secret_scanning %} for the repositories that you want to scan in your organization. {% ifversion security-configurations %} You can use {% data variables.product.prodname_security_configurations %} to enable {% data variables.product.prodname_secret_scanning %} on all repositories in your organization using the {% data variables.product.prodname_github_security_configuration %}, or you can create a {% data variables.product.prodname_custom_security_configuration %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)" and "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)."{% else %}
+Before defining a custom pattern, you must ensure that you enable {% data variables.product.prodname_secret_scanning %} for the repositories that you want to scan in your organization. {% ifversion security-configurations %} You can use {% data variables.product.prodname_security_configurations %} to enable {% data variables.product.prodname_secret_scanning %} on all repositories in your organization. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."{% else %}
 To enable {% data variables.product.prodname_secret_scanning %} on all repositories in your organization, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)."
 {% endif %}