github · mikesurowiec · Oct 26, 2021 · Sep 24, 2021 · Sep 24, 2021 · Sep 24, 2021
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -14,7 +14,7 @@ Thanks again!
 
 Closes [issue link]
 
-<!-- 
+<!--
 - If there's an existing issue for your change, please link to it.
 - If there's _not_ an existing issue, please open one first to make it more likely that this update will be accepted: https://github.com/github/docs/issues/new/choose. -->
 
@@ -24,8 +24,8 @@ Closes [issue link]
 
 ### Check off the following:
 
-- [ ] I have reviewed my changes in staging (look for the latest deployment event in your pull request's timeline, then click **View deployment**).
-- [ ] For content changes, I have completed the [self-review checklist](https://github.com/github/docs/blob/main/contributing/self-review.md#self-review).
+- [ ] I have reviewed my changes in staging (look for "Automatically generated comment" and click **Modified** to view your latest changes).
+- [ ] For content changes, I have completed the [self-review checklist](https://github.com/github/docs/blob/main/CONTRIBUTING.md#self-review).
 
 ### Writer impact (This section is for GitHub staff members only):
 

diff --git a/.github/actions-scripts/enterprise-server-issue-templates/deprecation-issue.md b/.github/actions-scripts/enterprise-server-issue-templates/deprecation-issue.md
@@ -35,6 +35,7 @@ The day after a GHES version's [deprecation date](https://github.com/github/docs
 
 ## Step 3: Commit and push changes to help-docs-archived-enterprise-versions repo
 
+- [ ] Search for `site-search-input` in the compressed Javascript files. When you find it, use something like https://beautifier.io/ to reformat it to be readable. Find `site-search-input` in the file, there will be something like... `1125: function () { return [SearchReactComponent] },` Delete the innards of this function, but leave the `function() {}` part.
 - [ ] In your archival checkout, `git add <version>`, commit, and push.
 - [ ] Open a PR and merge it in. Note that the version will _not_ be deprecated on the docs site until you do the next step.
 
@@ -47,12 +48,15 @@ In your `docs-internal` checkout:
     - [ ] Tests are passing.
     - [ ] The deprecated version renders on staging as expected. You should be able to navigate to docs.github.com/enterprise/<DEPRECATED VERSION> to access the docs. You should also be able to navigate to a page that is available in the deprecated version and change the version in the URL to the deprecated version, to test redirects.
     - [ ] The new oldest supported version renders on staging as expected. You should see a banner on the top of every page for the oldest supported version that notes when the version will be deprecated.
+
+You may need to include the changes in step 6 to get tests to pass.
 
 ## Step 5: Remove static files for the version
 
 - [ ] In your `docs-internal` checkout, from your `remove-<version>-static-files` branch: `git checkout -b remove-<version>-static-files`
 - [ ] Run `script/enterprise-server-deprecations/remove-static-files.js` and commit results.
 - [ ] Run `script/enterprise-server-deprecations/remove-redirects.js` and commit results.
+- [ ] `lib/rest/static` directory has deferenced and decorated directory underneath, remove the numbered version and all below from the list
 - [ ] Open a new PR.
 - [ ] Get a review from docs-engineering and merge. This step can be merged independently from step 6. The purpose of splitting up steps 5 and 6 is to focus the review on specific files.
 
@@ -66,3 +70,8 @@ In your `docs-internal` checkout:
     - [ ] Debug any test failures or unexpected results. 
 - [ ] When the PR is approved, merge it in to complete the deprecation. This can be merged independently from step 5. 
 
+## Step 7: Deprecate the OpenAPI description in `github/github`
+
+- [ ] In `github/github`, edit the release's config file in `app/api/description/config/releases/`, and change `deprecated: false` to `deprecated: true`.
+- [ ] Open a new PR, and get the required code owner approvals. A docs-content team member can approve it for the docs team.
+- [ ] When the PR is approved, merge the `github/github` PR.
diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js
@@ -4,7 +4,7 @@
 // can be added it this list.
 
 export default [
-  'actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f', // v2.3.4
+  'actions/checkout@1e204e9a9253d643386038d443f96446fa156a97', // v2.3.5
   'actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d', // v4.0.2
   'actions/labeler@5f867a63be70efff62b767459b009290364495eb', // v2.2.0
   'actions/setup-node@270253e841af726300e85d718a5f606959b2903c', // v2.4.1
@@ -33,7 +33,7 @@ export default [
   'rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9',
   'repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88',
   'repo-sync/pull-request@65194d8015be7624d231796ddee1cd52a5023cb3', // v2.6
-  'someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd',
+  'someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340', // v1.2.2
   'tjenkinson/gh-action-auto-merge-dependency-updates@c47f6255e06f36e84201ee940466e731ffa6e885', // v1.1.1
   'Bhacaz/checkout-files@c8f01756bfd894ba746d5bf48205e19000b0742b', // v1.0.0
   'EndBug/add-and-commit@2bdc0a61a03738a1d1bda24d566ad0dbe3083d87',

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -3,7 +3,7 @@ updates:
   - package-ecosystem: npm
     directory: '/'
     schedule:
-      interval: weekly
+      interval: monthly
     open-pull-requests-limit: 20 # default is 5
 
   - package-ecosystem: 'github-actions'

diff --git a/.github/workflows/browser-test.yml b/.github/workflows/browser-test.yml
@@ -18,7 +18,7 @@ jobs:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
         with:
           lfs: true
       - name: Checkout LFS objects

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
@@ -21,6 +21,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
       - name: Build the container
         run: docker build --target production .
diff --git a/.github/workflows/check-all-english-links.yml b/.github/workflows/check-all-english-links.yml
@@ -22,7 +22,7 @@ jobs:
       REPORT_REPOSITORY: github/docs-content
     steps:
       - name: Check out repo's default branch
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c
         with:

diff --git a/.github/workflows/check-broken-links-github-github.yml b/.github/workflows/check-broken-links-github-github.yml
@@ -36,7 +36,7 @@ jobs:
           exit 1 # prevents further steps from running
 
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -20,7 +20,7 @@ jobs:
     if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+      - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
       - uses: github/codeql-action/init@v1
         with:
           languages: javascript # comma separated list of values from {go, python, javascript, java, cpp, csharp} (not YET ruby, sorry!)

diff --git a/.github/workflows/confirm-internal-staff-work-in-docs.yml b/.github/workflows/confirm-internal-staff-work-in-docs.yml
@@ -71,7 +71,7 @@ jobs:
 
       - name: Send Slack notification if a GitHub employee who isn't on the docs team opens an issue in public
         if: ${{ steps.membership_check.outputs.did_warn && github.repository == 'github/docs' }}
-        uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
+        uses: someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340
         with:
           channel: ${{ secrets.DOCS_OPEN_SOURCE_SLACK_CHANNEL_ID }}
           bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}

diff --git a/.github/workflows/content-changes-table-comment.yml b/.github/workflows/content-changes-table-comment.yml
@@ -38,7 +38,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: check out repo content
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/crowdin-cleanup.yml b/.github/workflows/crowdin-cleanup.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
         with:
           fetch-depth: 0
           lfs: true

diff --git a/.github/workflows/docs-review-collect.yml b/.github/workflows/docs-review-collect.yml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Check out repo content
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/enterprise-dates.yml b/.github/workflows/enterprise-dates.yml
@@ -32,7 +32,7 @@ jobs:
           exit 1 # prevents further steps from running
 
       - name: Checkout repository code
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c
@@ -83,7 +83,7 @@ jobs:
           number: ${{ steps.create-pull-request.outputs.pull-request-number }}
 
       - name: Send Slack notification if workflow fails
-        uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
+        uses: someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340
         if: failure()
         with:
           channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}

diff --git a/.github/workflows/enterprise-release-sync-search-index.yml b/.github/workflows/enterprise-release-sync-search-index.yml
@@ -36,7 +36,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
         with:
           ref: ${{ github.head_ref }}
           token: ${{ secrets.DOCUBOT_REPO_PAT }}

diff --git a/.github/workflows/js-lint.yml b/.github/workflows/js-lint.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/link-check-dotcom.yml b/.github/workflows/link-check-dotcom.yml
@@ -18,7 +18,7 @@ jobs:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/link-check-ghae.yml b/.github/workflows/link-check-ghae.yml
@@ -18,7 +18,7 @@ jobs:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/link-check-ghes.yml b/.github/workflows/link-check-ghes.yml
@@ -18,7 +18,7 @@ jobs:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/open-enterprise-issue.yml b/.github/workflows/open-enterprise-issue.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository code
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/openapi-decorate.yml b/.github/workflows/openapi-decorate.yml
@@ -26,7 +26,7 @@ jobs:
           add-labels: 'github-openapi-bot'
 
       - name: Checkout repository code
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/openapi-schema-check.yml b/.github/workflows/openapi-schema-check.yml
@@ -29,7 +29,7 @@ jobs:
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       - name: Checkout repository code
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/os-ready-for-review.yml b/.github/workflows/os-ready-for-review.yml
@@ -44,7 +44,7 @@ jobs:
           exit 1
 
       - name: Check out repo content
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/pa11y.yml b/.github/workflows/pa11y.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/package-lock-lint.yml b/.github/workflows/package-lock-lint.yml
@@ -0,0 +1,46 @@
+name: Package lock lint
+
+# **What it does**: Makes sure package.json and package-lock.json is in sync
+# **Why we have it**: Accidental manual edits of the dependencies directly in package.json
+# **Who does it impact**: Docs engineering/writers/contributors.
+
+on:
+  pull_request:
+    paths:
+      - package.json
+      - package-lock.json
+      - .github/workflows/package-lock-lint.yml
+
+permissions:
+  contents: read
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
+
+      - name: Setup Node
+        uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c
+        with:
+          node-version: 16.x
+
+      - name: Run check
+        run: |
+          npm --version
+
+          # From https://docs.npmjs.com/cli/v7/commands/npm-install
+          #
+          #   The --package-lock-only argument will only update the
+          #   package-lock.json, instead of checking node_modules and
+          #   downloading dependencies.
+          #
+          npm install --package-lock-only --ignore-scripts
+
+          # If the package.json (dependencies and devDependencies) is
+          # in correct sync with package-lock.json running the above command
+          # should *not* make an edit to the package-lock.json. I.e.
+          # running `git status` should
+          # say "nothing to commit, working tree clean".
+          git diff --exit-code
diff --git a/.github/workflows/ping-staging-apps.yml b/.github/workflows/ping-staging-apps.yml
@@ -16,7 +16,7 @@ jobs:
     env:
       HEROKU_API_TOKEN: ${{ secrets.HEROKU_API_TOKEN }}
     steps:
-      - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+      - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
       - name: Setup node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c
         with:

diff --git a/.github/workflows/prod-build-deploy.yml b/.github/workflows/prod-build-deploy.yml
@@ -25,7 +25,7 @@ jobs:
     timeout-minutes: 15
     steps:
       - name: Check out repo
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
         with:
           persist-credentials: 'false'
           lfs: 'true'
@@ -249,7 +249,7 @@ jobs:
             }
 
       - name: Send Slack notification if workflow failed
-        uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
+        uses: someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340
         if: ${{ failure() }}
         with:
           channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}

diff --git a/.github/workflows/ready-for-doc-review.yml b/.github/workflows/ready-for-doc-review.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo content
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/remove-stale-staging-resources.yml b/.github/workflows/remove-stale-staging-resources.yml
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo's default branch
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c
@@ -46,7 +46,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo's default branch
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
 
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c

diff --git a/.github/workflows/remove-unused-assets.yml b/.github/workflows/remove-unused-assets.yml
@@ -22,7 +22,7 @@ jobs:
           echo 'The repo is currently frozen! Exiting this workflow.'
           exit 1 # prevents further steps from running
       - name: Checkout
-        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
       - name: Setup Node
         uses: actions/setup-node@270253e841af726300e85d718a5f606959b2903c
         with:

diff --git a/.github/workflows/repo-sync-stalls.yml b/.github/workflows/repo-sync-stalls.yml
@@ -50,7 +50,7 @@ jobs:
               }
             })
       - name: Send Slack notification if workflow fails
-        uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
+        uses: someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340
         if: ${{ failure() }}
         with:
           channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}