diff --git a/Dockerfile b/Dockerfile
index 98bfbad847ee..f1a2d9d1977b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,7 +10,7 @@
# ---------------------------------------------------------------
# To update the sha:
# https://github.com/github/gh-base-image/pkgs/container/gh-base-image%2Fgh-base-noble
-FROM ghcr.io/github/gh-base-image/gh-base-noble:20260616-174421-gbe30bd25c@sha256:ff51e3a814bf958736588a809c5adc5cc15fe6c74bdb701296a08f86691bc67b AS base
+FROM ghcr.io/github/gh-base-image/gh-base-noble:20260622-194245-g8d7fb0aeb@sha256:ec6e933b7e49fcafd02cab5d31a179a96fa9badd127b39eb153bbe2affee9e48 AS base
# Install curl for Node install and determining the early access branch
# Install git for cloning docs-early-access & translations repos
diff --git a/assets/images/help/copilot/code-review/request-review@2x.png b/assets/images/help/copilot/code-review/request-review@2x.png
index 91991bd9851e..101353be5b4b 100644
Binary files a/assets/images/help/copilot/code-review/request-review@2x.png and b/assets/images/help/copilot/code-review/request-review@2x.png differ
diff --git a/assets/images/help/copilot/code-review/review-comment@2x.png b/assets/images/help/copilot/code-review/review-comment@2x.png
index 04037159cab4..a596fbbba4fd 100644
Binary files a/assets/images/help/copilot/code-review/review-comment@2x.png and b/assets/images/help/copilot/code-review/review-comment@2x.png differ
diff --git a/content/account-and-profile/concepts/account-management.md b/content/account-and-profile/concepts/account-management.md
index a5e899f0ea2b..acb6cc37833d 100644
--- a/content/account-and-profile/concepts/account-management.md
+++ b/content/account-and-profile/concepts/account-management.md
@@ -48,7 +48,7 @@ For more information, see the following articles.
* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/removing-yourself-from-an-organization)
* [AUTOTITLE](/account-and-profile/reference/personal-account-reference#account-deletion)
-To delete your personal account, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/deleting-your-personal-account).
+To delete your personal account, see [AUTOTITLE](/account-and-profile/how-tos/account-management/deleting-your-personal-account).
## About unlinking your email address
diff --git a/content/account-and-profile/concepts/email-addresses.md b/content/account-and-profile/concepts/email-addresses.md
index cb06a1b50b14..3764ea47d9b0 100644
--- a/content/account-and-profile/concepts/email-addresses.md
+++ b/content/account-and-profile/concepts/email-addresses.md
@@ -55,7 +55,7 @@ You can also choose to block commits you push from the command line that expose
To ensure that commits are attributed to you and appear in your contributions graph, use an email address that is connected to your account on {% data variables.product.github %}{% ifversion fpt or ghec %}, or the `noreply` email address provided to you in your email settings{% endif %}.
-For more information, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address).
+For more information, see [AUTOTITLE](/account-and-profile/how-tos/email-preferences/setting-your-commit-email-address).
## Next steps
diff --git a/content/account-and-profile/concepts/username-changes.md b/content/account-and-profile/concepts/username-changes.md
index 8823ae76668e..35da6901b551 100644
--- a/content/account-and-profile/concepts/username-changes.md
+++ b/content/account-and-profile/concepts/username-changes.md
@@ -63,4 +63,4 @@ After changing your username, CODEOWNERS files that include your old username wi
## Next steps
-To change your username, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/changing-your-username).
+To change your username, see [AUTOTITLE](/account-and-profile/how-tos/account-management/changing-your-username).
diff --git a/content/account-and-profile/how-tos/email-preferences/adding-an-email-address-to-your-github-account.md b/content/account-and-profile/how-tos/email-preferences/adding-an-email-address-to-your-github-account.md
index a28562ef6688..ab81a0bdd0c9 100644
--- a/content/account-and-profile/how-tos/email-preferences/adding-an-email-address-to-your-github-account.md
+++ b/content/account-and-profile/how-tos/email-preferences/adding-an-email-address-to-your-github-account.md
@@ -34,6 +34,6 @@ category:
## Next steps
-If you are having trouble adding an email address, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/troubleshooting-adding-an-email).
+If you are having trouble adding an email address, see [AUTOTITLE](/account-and-profile/how-tos/email-preferences/troubleshooting-adding-an-email).
For reference information, see [AUTOTITLE](/account-and-profile/reference/email-addresses-reference).
diff --git a/content/account-and-profile/tutorials/personalize-your-profile.md b/content/account-and-profile/tutorials/personalize-your-profile.md
index f7e4a9e7b2e0..109573878563 100644
--- a/content/account-and-profile/tutorials/personalize-your-profile.md
+++ b/content/account-and-profile/tutorials/personalize-your-profile.md
@@ -128,4 +128,4 @@ You can set a status to display information about your current availability.
* For reference information, see [AUTOTITLE](/account-and-profile/reference/profile-reference).
-* For more detailed profile customizations, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-github-profile).
+* For more detailed profile customizations, see [AUTOTITLE](/account-and-profile/how-tos).
diff --git a/content/code-security/concepts/supply-chain-security/automatic-dependabot-access-to-github-registries.md b/content/code-security/concepts/supply-chain-security/automatic-dependabot-access-to-github-registries.md
new file mode 100644
index 000000000000..92e33d314092
--- /dev/null
+++ b/content/code-security/concepts/supply-chain-security/automatic-dependabot-access-to-github-registries.md
@@ -0,0 +1,45 @@
+---
+title: Automatic Dependabot access to {% data variables.product.github %}-hosted registries
+intro: 'Keep your private dependencies up to date reliably by granting {% data variables.product.prodname_dependabot %} automatic access to {% data variables.product.prodname_registry %} and {% data variables.product.prodname_container_registry %}, so you never need to create or rotate credentials for these registries.'
+versions:
+ feature: org-automatic-registry-access
+shortTitle: Automatic registry access
+allowTitleToDifferFromFilename: true
+contentType: concepts
+category:
+ - Secure your dependencies
+---
+
+## About automatic access to {% data variables.product.github %}-hosted registries
+
+{% data variables.product.prodname_dependabot %} can authenticate to private {% data variables.product.prodname_registry %} and {% data variables.product.prodname_container_registry %} packages using the same access grants that {% data variables.product.prodname_actions %} workflows use. If a package has granted your repository **Read** access in the package settings on {% data variables.product.github %}, {% data variables.product.prodname_dependabot %} can access that package automatically.
+
+This eliminates the need to:
+
+* Create and manage {% data variables.product.pat_generic_plural %} for registry access
+* Manually configure access to {% data variables.product.github %}-hosted registries in your `dependabot.yml` file
+* Rotate credentials when tokens expire
+
+## How automatic access works
+
+{% data variables.product.prodname_dependabot %} uses its `GITHUB_TOKEN` to request `packages: read` permission when pulling from `*.pkg.github.com` and {% data variables.product.prodname_container_registry_namespace %}. Any package that has granted your repository access through "Manage Actions access" accepts this token, the same way it would for a regular {% data variables.product.prodname_actions %} workflow. See [AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package).git s
+
+This works for every {% data variables.product.prodname_registry %} ecosystem that {% data variables.product.prodname_dependabot %} supports.
+
+## When to use automatic access
+
+Use automatic access to {% data variables.product.github %}-hosted registries when:
+
+* Your repositories depend on private packages stored in {% data variables.product.prodname_registry %} or {% data variables.product.prodname_container_registry %}.
+* You want to reduce credential management overhead.
+* You want to avoid silent update failures caused by expired {% data variables.product.pat_generic_plural %}.
+
+For third-party registries (such as Artifactory, Azure Artifacts, or Nexus), you can only use the `dependabot.yml` registry configuration or organization-level private registry settings. See [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot).
+
+## How to enable automatic access
+
+For each package that {% data variables.product.prodname_dependabot %} needs to read, you need to go to the package's settings page and add the repository that runs {% data variables.product.prodname_dependabot %} with **Read** access. See [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot#configuring-private-github-hosted-registries).
+
+Once the repository has been granted access, {% data variables.product.prodname_dependabot %} can pull from that package automatically. You do not need to configure the `dependabot.yml` file, and you can remove any existing {% data variables.product.pat_generic %}-based registry entries you previously added for these packages.
+
+For more information about configuring package access, see [AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package).
diff --git a/content/code-security/concepts/supply-chain-security/index.md b/content/code-security/concepts/supply-chain-security/index.md
index 2454753502f9..35dcfb9b210d 100644
--- a/content/code-security/concepts/supply-chain-security/index.md
+++ b/content/code-security/concepts/supply-chain-security/index.md
@@ -22,10 +22,10 @@ children:
- dependabot-pull-requests
- multi-ecosystem-updates
- about-the-dependabot-yml-file
+ - automatic-dependabot-access-to-github-registries
- dependabot-auto-triage-rules
- dependabot-on-actions
- dependabot-job-logs
- immutable-releases
- linked-artifacts
---
-
diff --git a/content/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries.md b/content/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries.md
index 57091e9d5ffb..a67f3f5dde82 100644
--- a/content/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries.md
+++ b/content/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries.md
@@ -81,6 +81,19 @@ Any private registries used by the build must also be accessible to the workflow
When you configure access to one or more private registries, {% data variables.product.prodname_dependabot %} can propose pull requests to upgrade a vulnerable dependency or to maintain a dependency, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot) and [AUTOTITLE](/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot).
+{% ifversion org-automatic-registry-access %}
+
+### Automatic access to {% data variables.product.github %}-hosted registries
+
+For packages stored in {% data variables.product.prodname_registry %} and {% data variables.product.prodname_container_registry %}, {% data variables.product.prodname_dependabot %} can authenticate automatically without {% data variables.product.pat_generic_plural %} or `dependabot.yml` registry configuration.
+
+{% data variables.product.prodname_dependabot %} uses its `GITHUB_TOKEN` to request read access, reusing the same package access grants that {% data variables.product.prodname_actions %} workflows use.
+
+To enable this, grant the repository **Read** access to each package in the package settings. Once access is granted, {% data variables.product.prodname_dependabot %} can pull from those packages automatically, and you can remove any {% data variables.product.pat_generic %}-based registry entries you previously configured for them.
+
+See [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot#configuring-private-github-hosted-registries).
+{% endif %}
+
{% ifversion org-private-registry-oidc %}
### Configuring OIDC authentication for a private registry
diff --git a/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-access-to-private-registries.md b/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-access-to-private-registries.md
index 4954d0404885..f5ba4d7dbf6e 100644
--- a/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-access-to-private-registries.md
+++ b/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-access-to-private-registries.md
@@ -29,8 +29,41 @@ For specific ecosystems, you can configure {% data variables.product.prodname_de
{% ifversion dependabot-on-actions-self-hosted %}To allow {% data variables.product.prodname_dependabot %} access to registries hosted privately or restricted to internal networks, configure {% data variables.product.prodname_dependabot %} to run on {% data variables.product.prodname_actions %} self-hosted runners. For more information, see [AUTOTITLE](/code-security/dependabot/maintain-dependencies/managing-dependabot-on-self-hosted-runners).{% endif %}
+{% ifversion org-automatic-registry-access %}
+
+## Configuring private {% data variables.product.github %}-hosted registries
+
+For packages stored in {% data variables.product.prodname_registry %} or {% data variables.product.prodname_container_registry %}, {% data variables.product.prodname_dependabot %} can authenticate automatically using its `GITHUB_TOKEN`. This uses the same "Manage Actions access" grants that {% data variables.product.prodname_actions %} workflows use. No {% data variables.product.pat_generic_plural %} or `dependabot.yml` registry entries are required.git push
+
+The `dependabot.yml` registry configuration using {% data variables.product.pat_generic_title_case %}-based registry entries and described in [Configuring private third-party registries](#configuring-private-third-party-registries) is still required for third-party private registries (such as Artifactory, Azure Artifacts, or Nexus).
+
+To grant {% data variables.product.prodname_dependabot %} access to a private package:
+
+ {% data reusables.package_registry.package-settings-from-org-level %}
+ {% data reusables.package_registry.package-settings-option %}
+ {% data reusables.package_registry.package-settings-actions-access %}
+ 1. {% data reusables.package_registry.package-settings-add-repo %}.
+ Search for the repository where {% data variables.product.prodname_dependabot %} runs, and select it.
+ {% data reusables.package_registry.package-settings-actions-access-role-repo %}
+ Select **Read** as the access level. {% data variables.product.prodname_dependabot %} only needs read access to pull packages.
+
+You need to repeat these steps for each private package that you want {% data variables.product.prodname_dependabot %} to access.
+
+Once access is granted, {% data variables.product.prodname_dependabot %} can pull from those packages automatically. You can remove any {% data variables.product.pat_generic %}-based registry entries in `dependabot.yml` that you previously configured for these packages.
+
+> [!NOTE]
+> This method works for every {% data variables.product.prodname_registry %} ecosystem that {% data variables.product.prodname_dependabot %} supports, including container images in {% data variables.product.prodname_container_registry %}.
+
+For more information about how automatic access works, see [AUTOTITLE](/code-security/concepts/supply-chain-security/automatic-dependabot-access-to-github-registries). For more information about package access settings, see [AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package).
+
+## Configuring private third-party registries
+
+{% else %}
+
## Configuring private registries
+{% endif %}
+
{% ifversion org-private-registry %}
You can configure {% data variables.product.prodname_dependabot %}'s access to private registries at the org-level.
diff --git a/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-private-registries.md b/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-private-registries.md
index 118616c92d48..1b4f083e8feb 100644
--- a/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-private-registries.md
+++ b/content/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-private-registries.md
@@ -109,6 +109,12 @@ The snippet below shows a `dependabot.yml` file configuration that uses a token.
Docker supports using a username and password for registries. For more information, see `docker-registry` in [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot#docker-registry).
+{% ifversion org-automatic-registry-access %}
+
+For images stored in {% data variables.product.prodname_container_registry %}, you can grant your repository **Read** access in the package settings instead of configuring credentials in your `dependabot.yml` file. See [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot#configuring-private-github-hosted-registries).
+
+{% endif %}
+
Snippet of `dependabot.yml` file using a username and password.
{% raw %}
diff --git a/content/copilot/concepts/mcp-management.md b/content/copilot/concepts/mcp-management.md
index 4797908a88fb..319a384ffec0 100644
--- a/content/copilot/concepts/mcp-management.md
+++ b/content/copilot/concepts/mcp-management.md
@@ -41,14 +41,13 @@ MCP management features are supported as follows:
| Surface | Registry display | Allowlist enforcement |
|---|:---:|:---:|
-| {% data variables.copilot.copilot_cli_short %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
+| {% data variables.copilot.copilot_cli_short %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} v1.0.11+ |
| {% data variables.copilot.copilot_cloud_agent %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "x" aria-label="Not supported" %} |
-| Eclipse | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
-| JetBrains | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
-| {% data variables.product.prodname_vs %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
-| {% data variables.product.prodname_vscode_shortname %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
-| {% data variables.product.prodname_vscode_shortname %} Insiders | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
-| Xcode | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} |
+| Eclipse | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} v4.38+ |
+| JetBrains | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} v1.5.64+ |
+| {% data variables.product.prodname_vs %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} v18.4.0+ |
+| {% data variables.product.prodname_vscode_shortname %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} v1.109.3+ |
+| Xcode | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} v0.47.0+ |
> [!NOTE]
> For Eclipse, JetBrains, and Xcode, MCP management features are supported in the pre-release versions of {% data variables.product.prodname_copilot_short %}.
diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/create-github-private-repo.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/create-github-private-repo.md
new file mode 100644
index 000000000000..138f5d82910e
--- /dev/null
+++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/create-github-private-repo.md
@@ -0,0 +1,44 @@
+---
+title: Creating a `.github-private` repository
+shortTitle: Create github-private repository
+allowTitleToDifferFromFilename: true
+intro: 'A `.github-private` repository can serve as a designated source of governance settings for agents and plugins across your enterprise.'
+permissions: Enterprise owners
+versions:
+ feature: copilot
+contentType: how-tos
+category:
+ - Configure Copilot
+ - Manage Copilot for a team
+---
+
+A `.github-private` repository can house governance settings for your enterprise's custom agent profiles, client permissions, and plugins.
+
+A repository-based governance approach allows users to open pull request with suggestions to improve the settings, and it allows settings changes to be restricted by codeowners and rulesets.
+
+You can create a `.github-private` repository using a template or from scratch.
+
+## Creating a repository for your enterprise governance
+
+1. Choose an organization in your enterprise to own the repository containing your enterprise-level {% data variables.copilot.custom_agents_short %} and governance settings.
+1. Navigate to the [governance template repository](https://github.com/docs/custom-agents-template?ref_product=copilot&ref_type=engagement&ref_style=text&ref_plan=enterprise).
+1. In the top-right corner, click "Use this template" and create a new repository in your chosen organization named `.github-private`. Settings will apply to members regardless of whether they can access the repository, so choose the visibility based on who should be able to suggest changes:
+ * To grant **read access to all members** of your enterprise, choose {% octicon "organization" aria-hidden="true" aria-label="organization" %} **Internal**.
+ * To **manually grant access after creation**, choose {% octicon "lock" aria-hidden="true" aria-label="lock" %} **Private**.
+1. Update the template README as needed. Consider including creation guidelines for {% data variables.copilot.custom_agents_short %} or compliance considerations specific to your enterprise.
+
+> [!NOTE]
+> Settings in this repository apply to all users on your enterprise's {% data variables.product.prodname_copilot_short %} plan who use a supported client.
+
+## Selecting your repository as your source of governance
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.ai-controls-tab %}
+1. On the "Agents" tab, in the "Configuration source" section, select the **Select organization** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click the organization that contains your `.github-private` repository.
+
+The "Configuration summary" on the settings page will display the settings taken from this repository.
+
+## Next steps
+* [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents)
+* [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/disable-automatic-commands)
+* [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-plugin-standards)
\ No newline at end of file
diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/index.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/index.md
index 8547dcfedab7..ae62f06eae26 100644
--- a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/index.md
+++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/index.md
@@ -6,6 +6,7 @@ versions:
feature: copilot
children:
- /prepare-for-custom-agents
+ - /create-github-private-repo
- /configure-enterprise-plugin-standards
- /disable-automatic-commands
- /monitor-agentic-activity
diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents.md
index 3f14ff5eb911..9e02573b0181 100644
--- a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents.md
+++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents.md
@@ -11,23 +11,14 @@ category:
- Manage Copilot for a team
---
-Enterprise-level {% data variables.copilot.custom_agents_short %} are defined in a specific repository within an organization in your enterprise. Before you can create and use {% data variables.copilot.custom_agents_short %}, you need to create this repository and configure the relevant enterprise settings.
+Enterprise-level {% data variables.copilot.custom_agents_short %} are defined in a specific repository within an organization in your enterprise.
-The same `.github-private` repository can also be used to configure enterprise plugin standards. See [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-plugin-standards).
+Before you can create and use {% data variables.copilot.custom_agents_short %}, you need to create this repository and configure the relevant enterprise settings.
-## Creating a repository for your {% data variables.copilot.custom_agents_short %}
+## Creating a repository for your enterprise governance
-1. Choose an organization in your enterprise to own the repository containing your enterprise-level {% data variables.copilot.custom_agents_short %}.
-1. Using the [{% data variables.copilot.custom_agents_short %} template repository](https://github.com/docs/custom-agents-template?ref_product=copilot&ref_type=engagement&ref_style=text&ref_plan=enterprise), create a new repository in your chosen organization named `.github-private`. Set the visibility of the repository as follows:
- * To grant **read access to all members** of your enterprise, choose {% octicon "organization" aria-hidden="true" aria-label="organization" %} **Internal**.
- * To **manually grant access after creation**, choose {% octicon "lock" aria-hidden="true" aria-label="lock" %} **Private**.
-1. Update the template README as needed. Consider including creation guidelines for {% data variables.copilot.custom_agents_short %} or compliance considerations specific to your enterprise.
+1. Create a `.github-private` repository for your enterprise governance. If you don't already have a `.github-private` repo, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/create-github-private-repo).
-## Enabling and protecting {% data variables.copilot.custom_agents_short %} in your enterprise
-
-{% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.ai-controls-tab %}
-1. In the "{% data variables.copilot.custom_agents_caps_short %}" section, select the **Select organization** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click the organization that contains your {% data variables.copilot.copilot_custom_agent_short %} repository.
1. To automatically configure a ruleset that allows only enterprise owners to edit {% data variables.copilot.agent_profiles %}, in the "Protect agent files using rulesets" section, click **Create ruleset**.
> [!NOTE]
diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli/browse-issues-prs-gists.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli/browse-issues-prs-gists.md
index 954fe7ec867e..3393158323d8 100644
--- a/content/copilot/how-tos/copilot-cli/use-copilot-cli/browse-issues-prs-gists.md
+++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli/browse-issues-prs-gists.md
@@ -150,3 +150,8 @@ The footer hint bar in the **Issues**, **Pull requests**, and **Gists** tabs sum
| Enter | Search box | Run the search query. |
| Esc | Search box / applied search | Cancel the search box, or dismiss the search results. |
| Esc | Details view | Return to the list view. |
+
+## Further reading
+
+* [AUTOTITLE](/copilot/how-tos/copilot-cli/use-copilot-cli/manage-pull-requests)
+* [AUTOTITLE](/copilot/reference/copilot-cli-reference/cli-command-reference#slash-commands-in-the-interactive-interface)
diff --git a/content/copilot/how-tos/copilot-cli/use-copilot-cli/manage-pull-requests.md b/content/copilot/how-tos/copilot-cli/use-copilot-cli/manage-pull-requests.md
index 2444213183ec..72a1b63d894a 100644
--- a/content/copilot/how-tos/copilot-cli/use-copilot-cli/manage-pull-requests.md
+++ b/content/copilot/how-tos/copilot-cli/use-copilot-cli/manage-pull-requests.md
@@ -212,4 +212,5 @@ You can append instructions to guide the pull request creation. For example:
## Further reading
* [AUTOTITLE](/copilot/how-tos/copilot-cli/allowing-tools)
+* [AUTOTITLE](/copilot/how-tos/copilot-cli/use-copilot-cli/browse-issues-prs-gists)
* [AUTOTITLE](/copilot/reference/copilot-cli-reference/cli-command-reference)
diff --git a/content/copilot/how-tos/copilot-on-github/use-copilot-agents/copilot-code-review.md b/content/copilot/how-tos/copilot-on-github/use-copilot-agents/copilot-code-review.md
index e49c574a8056..de25059273e5 100644
--- a/content/copilot/how-tos/copilot-on-github/use-copilot-agents/copilot-code-review.md
+++ b/content/copilot/how-tos/copilot-on-github/use-copilot-agents/copilot-code-review.md
@@ -15,9 +15,9 @@ category:
## Request a review from {% data variables.product.prodname_copilot_short %}
1. On {% data variables.product.prodname_dotcom_the_website %}, create or open a pull request.
-1. Open the **Reviewers** menu, then select **{% data variables.product.prodname_copilot_short %}**.
+1. Under "Reviewers" in the right sidebar, next to **{% data variables.product.prodname_copilot_short %}**, click **Request**.
- 
+ 
1. Wait for {% data variables.product.prodname_copilot_short %} to finish reviewing. This usually takes less than 30 seconds.
@@ -29,14 +29,16 @@ category:
{% data variables.product.prodname_copilot_short %}'s review comments work like comments from human reviewers. Add reactions, reply, resolve, or hide them. Any replies you add are visible to other people but not to {% data variables.product.prodname_copilot_short %}.
+You can also request a review from {% data variables.product.prodname_copilot_short %} through the {% data variables.product.github %} REST API by requesting `copilot-pull-request-reviewer[bot]` as a reviewer. For more information, see [AUTOTITLE](/rest/pulls/review-requests#request-reviewers-for-a-pull-request).
+
## Work with suggested changes
{% data variables.product.prodname_copilot_short %}'s feedback often includes suggested changes you can apply in a few clicks. Accept a single suggestion or group multiple suggestions into one commit. For more information, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request).
To have {% data variables.copilot.copilot_cloud_agent %} implement suggested changes directly:
-1. Opt into the {% data variables.release-phases.public_preview %} for {% data variables.copilot.copilot_code-review-tools_short %} and enable {% data variables.copilot.copilot_cloud_agent %}.
-1. On a review comment from {% data variables.copilot.copilot_code-review %}, click **Implement suggestion**. This creates a draft comment where you instruct {% data variables.product.prodname_copilot_short %} to address specific feedback. {% data variables.product.prodname_copilot_short %} then creates a new pull request against your branch with the suggestions applied.
+1. Enable {% data variables.copilot.copilot_code-review %} and {% data variables.copilot.copilot_cloud_agent %}.
+1. On a review comment from {% data variables.copilot.copilot_code-review %}, click **Fix with Copilot**. This creates a draft comment where you instruct {% data variables.product.prodname_copilot_short %} to address specific feedback. You can choose whether {% data variables.product.prodname_copilot_short %} creates a new pull request against your branch or commits directly to the same pull request.
## Provide feedback on reviews
@@ -52,7 +54,11 @@ Rate {% data variables.product.prodname_copilot_short %}'s comments to help impr
## Request a re-review
-{% data variables.product.prodname_copilot_short %} does not automatically re-review when you push new changes. To request a re-review, click the {% octicon "sync" aria-label="Re-request review" %} button next to {% data variables.product.prodname_copilot_short %}'s name in the **Reviewers** menu.
+When you push new changes to a pull request that {% data variables.product.prodname_copilot_short %} has reviewed, it does not automatically re-review unless you've configured automatic reviews to include new pushes.
+
+To manually request a re-review, click the {% octicon "sync" aria-label="Re-request review" %} button next to {% data variables.product.prodname_copilot_short %}'s name in the **Reviewers** menu. For more information, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review).
+
+To automatically request re-reviews on every push, enable automatic code review and select **Review new pushes** in the ruleset settings. For more information, see [AUTOTITLE](/copilot/how-tos/copilot-on-github/set-up-copilot/configure-automatic-review#configuring-automatic-code-review-for-repositories-in-an-organization).
When re-reviewing, {% data variables.product.prodname_copilot_short %} may repeat previous comments, even if you resolved or downvoted them.
diff --git a/content/copilot/how-tos/use-copilot-agents/cloud-agent/use-cloud-agent-from-raycast.md b/content/copilot/how-tos/use-copilot-agents/cloud-agent/use-cloud-agent-from-raycast.md
index 67644e877235..443b9eeb20a3 100644
--- a/content/copilot/how-tos/use-copilot-agents/cloud-agent/use-cloud-agent-from-raycast.md
+++ b/content/copilot/how-tos/use-copilot-agents/cloud-agent/use-cloud-agent-from-raycast.md
@@ -59,7 +59,7 @@ category:
* To open the linked pull request, press Command+P (macOS) or Ctrl+P (Windows).
> [!NOTE]
-> If you are unable to see some tasks in Raycast, the organization that owns the repository may have enabled {% data variables.product.prodname_oauth_app %} access restrictions. To learn how to request approval for the "{% data variables.product.prodname_copilot %} for Raycast" {% data variables.product.prodname_oauth_app %}, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps).
+> If you are unable to see some tasks in Raycast, the organization that owns the repository may have enabled {% data variables.product.prodname_oauth_app %} access restrictions. To learn how to request approval for the "{% data variables.product.prodname_copilot %} for Raycast" {% data variables.product.prodname_oauth_app %}, see [AUTOTITLE](/account-and-profile/how-tos/organization-membership/requesting-organization-approval-for-oauth-apps).
## Further reading
diff --git a/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md b/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md
index ed095779ce1b..8aee0aef0c74 100644
--- a/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md
+++ b/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md
@@ -33,9 +33,9 @@ For a full introduction to {% data variables.copilot.copilot_code-review %}, see
These instructions explain how to use {% data variables.copilot.copilot_code-review_short %} in the {% data variables.product.github %} website. To see instructions for other popular coding environments, click the appropriate tab at the top of the page.
1. On {% data variables.product.prodname_dotcom_the_website %}, create a pull request or navigate to an existing pull request.
-1. Open the **Reviewers** menu, then select **{% data variables.product.prodname_copilot_short %}**.
+1. Under "Reviewers" in the right sidebar, next to **{% data variables.product.prodname_copilot_short %}**, click **Request**.
- 
+ 
1. Wait for {% data variables.product.prodname_copilot_short %} to review your pull request. This usually takes less than 30 seconds.
@@ -49,6 +49,12 @@ These instructions explain how to use {% data variables.copilot.copilot_code-rev
Any comments you add to {% data variables.product.prodname_copilot_short %}'s review comments will be visible to humans, but they won't be visible to {% data variables.product.prodname_copilot_short %}, and {% data variables.product.prodname_copilot_short %} won't reply.
+You can also request a review from {% data variables.product.prodname_copilot_short %} through the {% data variables.product.github %} REST API by requesting `copilot-pull-request-reviewer[bot]` as a reviewer. For more information, see [AUTOTITLE](/rest/pulls/review-requests#request-reviewers-for-a-pull-request).
+
+## Enabling automatic reviews
+
+By default, you manually request a review from {% data variables.product.prodname_copilot_short %} on each pull request, in the same way you would request a review from a human. However, you can set up {% data variables.product.prodname_copilot_short %} to automatically review all pull requests. See [AUTOTITLE](/copilot/how-tos/agents/copilot-code-review/automatic-code-review).
+
## Working with suggested changes provided by {% data variables.product.prodname_copilot_short %}
Where possible, {% data variables.product.prodname_copilot_short %}'s feedback includes suggested changes which you can apply with a couple of clicks.
@@ -57,32 +63,18 @@ If you're happy with the changes, you can accept a single suggestion from {% dat
You can also invoke {% data variables.copilot.copilot_cloud_agent %} to implement suggested changes. To do this, you must:
-* Enable {% data variables.copilot.copilot_code-review-tools_short %} and {% data variables.copilot.copilot_cloud_agent %}.
-* On review comments from {% data variables.copilot.copilot_code-review %}, click **Implement suggestion**. This creates a draft comment on the pull request, where you can instruct {% data variables.product.prodname_copilot_short %} to address specific feedback. {% data variables.product.prodname_copilot_short %} will create a new pull request against your branch with the suggestions applied.
-
-## Providing feedback on {% data variables.product.prodname_copilot_short %}'s reviews
-
-You can provide feedback on {% data variables.product.prodname_copilot_short %}'s comments directly within each comment. We use this information to improve the product and the quality of {% data variables.product.prodname_copilot_short %}'s suggestions.
-
-1. On a pull request review comment from {% data variables.product.prodname_copilot_short %}, click the thumbs up (:+1:) or thumbs down (:-1:) button.
-
- 
-
-1. If you click the thumbs down button, you're asked to provide additional information. You can, optionally, pick the reason for your negative feedback and leave a comment before clicking **Submit feedback**.
-
- 
+* Enable {% data variables.copilot.copilot_code-review %} and {% data variables.copilot.copilot_cloud_agent %}.
+* On review comments from {% data variables.copilot.copilot_code-review %}, click **Fix with Copilot**. This creates a draft comment on the pull request, where you can instruct {% data variables.product.prodname_copilot_short %} to address specific feedback. You can then select whether {% data variables.product.prodname_copilot_short %} will create a new pull request against your branch or a commit to the same pull request with the suggestions applied.
## Requesting a re-review from {% data variables.product.prodname_copilot_short %}
-When you push changes to a pull request that {% data variables.product.prodname_copilot_short %} has reviewed, it won't automatically re-review your changes.
-
-To request a re-review from {% data variables.product.prodname_copilot_short %}, click the {% octicon "sync" aria-label="Re-request review" %} button next to {% data variables.product.prodname_copilot_short %}'s name in the **Reviewers** menu. For more information, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review).
+When you push changes to a pull request that {% data variables.product.prodname_copilot_short %} has reviewed, it won't automatically re-review your changes unless you've configured it to review new pushes after enabling automatic reviews.
-> [!NOTE] When re-reviewing a pull request, {% data variables.product.prodname_copilot_short %} may repeat the same comments again, even if they have been dismissed with the "Resolve conversation" button or downvoted with the thumbs down (:-1:) button.
+To manually request a re-review from {% data variables.product.prodname_copilot_short %}, click the {% octicon "sync" aria-label="Re-request review" %} button next to {% data variables.product.prodname_copilot_short %}'s name in the **Reviewers** menu. For more information, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review).
-## Enabling automatic reviews
+To automatically request re-reviews from {% data variables.product.prodname_copilot_short %} on every push, enable automatic code review for the repository and select **Review new pushes** in the ruleset settings. For more information, see [AUTOTITLE](/copilot/how-tos/copilot-on-github/set-up-copilot/configure-automatic-review#configuring-automatic-code-review-for-repositories-in-an-organization).
-By default, you manually request a review from {% data variables.product.prodname_copilot_short %} on each pull request, in the same way you would request a review from a human. However, you can set up {% data variables.product.prodname_copilot_short %} to automatically review all pull requests. See [AUTOTITLE](/copilot/how-tos/agents/copilot-code-review/automatic-code-review).
+> [!NOTE] When re-reviewing a pull request, {% data variables.product.prodname_copilot_short %} may repeat the same comments again, even if they have been dismissed with the "Resolve conversation" button or downvoted with the thumbs down (:-1:) button.
## Customizing {% data variables.product.prodname_copilot_short %}'s reviews with custom instructions
@@ -103,6 +95,14 @@ To make these available for {% data variables.copilot.copilot_code-review_short
{% data reusables.copilot.code-review.mcp-tools-setting %}
+## Providing feedback on {% data variables.product.prodname_copilot_short %}'s reviews
+
+You can provide feedback on {% data variables.product.prodname_copilot_short %}'s comments directly within each comment. We use this information to improve the product and the quality of {% data variables.product.prodname_copilot_short %}'s suggestions.
+
+To provide feedback on a review comment from {% data variables.product.prodname_copilot_short %}, click the thumbs up (:+1:) or thumbs down (:-1:) button.
+
+
+
{% endwebui %}
{% vscode %}
diff --git a/content/desktop/configuring-and-customizing-github-desktop/configuring-copilot-in-github-desktop.md b/content/desktop/configuring-and-customizing-github-desktop/configuring-copilot-in-github-desktop.md
new file mode 100644
index 000000000000..388c9d0e242a
--- /dev/null
+++ b/content/desktop/configuring-and-customizing-github-desktop/configuring-copilot-in-github-desktop.md
@@ -0,0 +1,81 @@
+---
+title: Configuring Copilot in GitHub Desktop
+intro: 'Choose which AI model {% data variables.copilot.copilot_desktop_short %} uses for each feature, or connect your own LLM provider.'
+versions:
+ feature: copilot
+shortTitle: Configure Copilot
+category:
+ - Configure and customize GitHub Desktop
+---
+
+You can choose which model {% data variables.product.prodname_copilot_short %} uses for each {% data variables.product.prodname_desktop %} feature, such as commit message generation and conflict resolution.
+
+You can also configure {% data variables.copilot.copilot_desktop_short %} to use your own LLM provider (BYOK) instead of {% data variables.product.github %}-hosted models. This lets you connect to OpenAI-compatible endpoints, Azure OpenAI, or Anthropic, including locally running models such as Ollama.
+
+## Prerequisites
+
+* You must be signed in to a {% data variables.product.github %} account with access to {% data variables.copilot.copilot_desktop_short %}.
+* If your access is managed by an organization or enterprise, {% data variables.copilot.copilot_desktop_short %} must be enabled for your account.
+* You have an API key or bearer token from a supported LLM provider, or you have a local model running, such as Ollama.
+* You have the base URL and at least one model identifier for the provider you want to use.
+
+> [!NOTE]
+> Custom LLM providers in {% data variables.product.prodname_desktop %} require access to {% data variables.copilot.copilot_desktop_short %}. To use your own LLM models with {% data variables.copilot.copilot_cli_short %}, see [AUTOTITLE](/copilot/how-tos/copilot-cli/customize-copilot/use-byok-models).
+
+## Supported provider types
+
+{% data variables.product.prodname_desktop %} supports three custom provider types:
+
+| Provider type | Compatible services |
+| --- | --- |
+| **OpenAI / OpenAI-compatible** | OpenAI, Ollama, vLLM, Foundry Local, and any other endpoint that is compatible with the selected API format. |
+| **Azure** | Azure OpenAI Service. |
+| **Anthropic** | Anthropic Claude models. |
+
+## Configuring your provider
+
+You configure your model provider by adding a custom provider in {% data variables.product.prodname_desktop %} settings.
+
+{% mac %}
+
+{% data reusables.desktop.mac-select-desktop-menu %}
+
+1. In the left sidebar, click **{% octicon "copilot" aria-hidden="true" aria-label="copilot" %} {% data variables.product.prodname_copilot_short %}**.
+
+{% data reusables.desktop.configure-llm-provider %}
+
+{% endmac %}
+
+{% windows %}
+
+{% data reusables.desktop.windows-choose-options %}
+
+1. In the left sidebar, click **{% octicon "copilot" aria-hidden="true" aria-label="copilot" %} {% data variables.product.prodname_copilot_short %}**.
+
+{% data reusables.desktop.configure-llm-provider %}
+
+{% endwindows %}
+
+## Adding models to your provider
+
+Add the models you want to use from your provider. Each model you add appears in the model picker alongside {% data variables.product.github %}-hosted models.
+
+1. In the **Add Custom Provider** or **Edit Custom Provider** dialog, under **Models**, click **Add Model**.
+1. Under **Display Name**, type the friendly name shown in the {% data variables.product.prodname_copilot_short %} model picker.
+1. Under **Model Identifier**, type the exact model name your provider expects.
+1. Under **Reasoning Effort**, select the reasoning level for the model.
+
+ For non-reasoning models, or to let the provider choose, leave **Default (provider's choice)** selected.
+1. Click **Add**.
+
+## Reviewing provider responsibilities
+
+When you use your own LLM provider, {% data variables.product.prodname_desktop %} sends prompts and repository context to that provider instead of {% data variables.product.github %}. Check your provider's data handling and retention policies before adding credentials.
+
+Always review generated commit messages and conflict-resolution suggestions before committing. For more information, see [AUTOTITLE](/copilot/responsible-use).
+
+## Further reading
+
+* [AUTOTITLE](/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop)
+* [AUTOTITLE](/copilot/reference/ai-models/supported-models)
+* [AUTOTITLE](/copilot/how-tos/copilot-cli/customize-copilot/use-byok-models)
diff --git a/content/desktop/configuring-and-customizing-github-desktop/index.md b/content/desktop/configuring-and-customizing-github-desktop/index.md
index b99a4a373895..7f99336b2528 100644
--- a/content/desktop/configuring-and-customizing-github-desktop/index.md
+++ b/content/desktop/configuring-and-customizing-github-desktop/index.md
@@ -9,6 +9,7 @@ versions:
children:
- /configuring-git-for-github-desktop
- /configuring-basic-settings-in-github-desktop
+ - /configuring-copilot-in-github-desktop
- /configuring-a-default-editor-in-github-desktop
- /setting-a-theme-for-github-desktop
- /about-git-large-file-storage-and-github-desktop
diff --git a/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md b/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md
index 64697dd9960c..7a7bacfa14da 100644
--- a/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md
+++ b/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md
@@ -109,6 +109,9 @@ Once you're satisfied with the changes you've chosen to include in your commit,
1. At the bottom of the list of changes, next to your profile picture, describe your commit:
* If you have access to {% data variables.product.prodname_copilot %}, you can automatically create a commit message and details based on the changes you made. Click {% octicon "copilot" aria-label="Generate commit message with Copilot" %}.
* If you want to regenerate a different commit message, click {% octicon "copilot" aria-label="Regenerate commit message with Copilot" %} again to generate a new suggestion.
+ * To choose the model used to generate commit messages, configure {% data variables.product.prodname_copilot_short %} settings. For more information, see [AUTOTITLE](/desktop/configuring-and-customizing-github-desktop/configuring-copilot-in-github-desktop).
+ * {% data variables.product.prodname_copilot_short %} uses any repository custom instructions to shape the generated commit message and details. For more information, see [AUTOTITLE](/enterprise-cloud@latest/copilot/how-tos/copilot-on-github/customize-copilot/add-custom-instructions/add-repository-instructions).
+ * {% data variables.product.prodname_copilot_short %} also uses any repository rulesets that restrict commit metadata to shape the generated commit message and details. For more information, see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository#adding-metadata-restrictions).
* Alternatively, type your own short, meaningful commit message in the Summary field. You can also add more information about the change in the Description field.
diff --git a/content/issues/tracking-your-work-with-issues/using-issues/viewing-all-of-your-issues-and-pull-requests.md b/content/issues/tracking-your-work-with-issues/using-issues/viewing-all-of-your-issues-and-pull-requests.md
index 05603edbfb1a..8a42b0408938 100644
--- a/content/issues/tracking-your-work-with-issues/using-issues/viewing-all-of-your-issues-and-pull-requests.md
+++ b/content/issues/tracking-your-work-with-issues/using-issues/viewing-all-of-your-issues-and-pull-requests.md
@@ -56,4 +56,4 @@ You can create up to 25 saved views.
## Further reading
-* [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/viewing-your-subscriptions#reviewing-repositories-that-youre-watching)
+* [AUTOTITLE](/subscriptions-and-notifications/how-tos/managing-subscriptions-for-activity-on-github/viewing-your-subscriptions#reviewing-repositories-that-youre-watching)
diff --git a/content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md b/content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md
index 1bbd9237c3c7..2a43fb938dba 100644
--- a/content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md
+++ b/content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md
@@ -116,6 +116,12 @@ The specified repository does not need to be the repository where the source cod
If you publish a package that is linked to a repository, {% data variables.product.prodname_actions %} workflows in the linked repository automatically get access to the package, unless your organization has disabled the automatic inheritance of access permissions. For more information, see [About inheritance of access permissions](#about-inheritance-of-access-permissions) above.
{% endif %}
+{% ifversion org-automatic-registry-access %}
+
+Granting a repository access here also allows {% data variables.product.prodname_dependabot %} to pull from this package automatically, without requiring {% data variables.product.pat_generic_plural %} or `dependabot.yml` registry configuration. See [AUTOTITLE](/code-security/concepts/supply-chain-security/automatic-dependabot-access-to-github-registries).
+
+{% endif %}
+
> [!NOTE]
> * Syncing your package with a repository {% data variables.package_registry.package-settings-actions-access-menu %} is different than connecting your package to a repository. For more information about linking a repository to your package, see [AUTOTITLE](/packages/learn-github-packages/connecting-a-repository-to-a-package).
> * You can choose to limit permissions to workflow jobs usings the `permissions` key and `packages` scope. For more information, see [AUTOTITLE](/actions/using-jobs/assigning-permissions-to-jobs).
diff --git a/content/subscriptions-and-notifications/concepts/about-notifications.md b/content/subscriptions-and-notifications/concepts/about-notifications.md
index 04d635b9179a..d5fb797f39b0 100644
--- a/content/subscriptions-and-notifications/concepts/about-notifications.md
+++ b/content/subscriptions-and-notifications/concepts/about-notifications.md
@@ -32,7 +32,7 @@ You can choose to subscribe to notifications for:
You can also choose to automatically watch all repositories that you have push access to, except forks. You can watch any other repository you have access to manually by clicking **Watch**.
-If you're no longer interested in a conversation, you can unsubscribe, unwatch, or customize the types of notifications you'll receive in the future. For example, if you no longer want to receive notifications from a particular repository, you can click **Unsubscribe**. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions).
+If you're no longer interested in a conversation, you can unsubscribe, unwatch, or customize the types of notifications you'll receive in the future. For example, if you no longer want to receive notifications from a particular repository, you can click **Unsubscribe**. For more information, see [AUTOTITLE](/subscriptions-and-notifications/how-tos/managing-subscriptions-for-activity-on-github/managing-your-subscriptions).
### Default subscriptions
@@ -48,7 +48,7 @@ In general, you are automatically subscribed to conversations by default when yo
By default, you also automatically watch all repositories that you create and are owned by your personal account.
-To unsubscribe from conversations you're automatically subscribed to, you can change your notification settings or directly unsubscribe or unwatch activity on {% data variables.product.prodname_dotcom %}. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions).
+To unsubscribe from conversations you're automatically subscribed to, you can change your notification settings or directly unsubscribe or unwatch activity on {% data variables.product.prodname_dotcom %}. For more information, see [AUTOTITLE](/subscriptions-and-notifications/how-tos/managing-subscriptions-for-activity-on-github/managing-your-subscriptions).
## Customizing notifications and subscriptions
@@ -56,7 +56,7 @@ You can choose to view your notifications through the notifications inbox at [ht
To customize the types of updates you'd like to receive and where to send those updates, configure your notification settings. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications).
-To keep your subscriptions manageable, review your subscriptions and watched repositories and unsubscribe as needed. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github).
+To keep your subscriptions manageable, review your subscriptions and watched repositories and unsubscribe as needed. For more information, see [AUTOTITLE](/subscriptions-and-notifications/how-tos/managing-subscriptions-for-activity-on-github).
To customize how you'd like to receive updates for specific pull requests or issues, you can configure your preferences within the issue or pull request. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/triaging-a-single-notification#customizing-when-to-receive-future-updates-for-an-issue-or-pull-request).
diff --git a/content/subscriptions-and-notifications/concepts/scheduled-reminders.md b/content/subscriptions-and-notifications/concepts/scheduled-reminders.md
index 6b392a175907..cf15accb4d66 100644
--- a/content/subscriptions-and-notifications/concepts/scheduled-reminders.md
+++ b/content/subscriptions-and-notifications/concepts/scheduled-reminders.md
@@ -21,4 +21,4 @@ You can set scheduled reminders for personal or team-level review requests for p
## Next steps
-To learn how to set up and control scheduled reminders, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders).
+To learn how to set up and control scheduled reminders, see [AUTOTITLE](/subscriptions-and-notifications/how-tos/managing-your-scheduled-reminders).
diff --git a/data/features/org-automatic-registry-access.yml b/data/features/org-automatic-registry-access.yml
new file mode 100644
index 000000000000..d87ae8623c54
--- /dev/null
+++ b/data/features/org-automatic-registry-access.yml
@@ -0,0 +1,6 @@
+# Reference: #22447
+# Automatic Dependabot access to GitHub-hosted registries [GA]
+versions:
+ fpt: '*'
+ ghec: '*'
+ ghes: '>=3.22'
diff --git a/data/release-notes/enterprise-server/3-21/0.yml b/data/release-notes/enterprise-server/3-21/0.yml
index b71e029a8e69..e306a0862bf4 100644
--- a/data/release-notes/enterprise-server/3-21/0.yml
+++ b/data/release-notes/enterprise-server/3-21/0.yml
@@ -217,9 +217,6 @@ sections:
# https://github.com/github/releases/issues/7252
- |
Test merge commits for open pull requests are now generated less frequently, improving performance and reducing repository bloat from loose Git objects. The test merge commit associated with a pull request is updated when the pull request itself changes, when the merge base between the two branches changes, or when the current test merge is older than 12 hours. All mergeability checks and rules continue to be honored.
- # https://github.com/github/releases/issues/6670
- - |
- Pull request reviewers can comment on any line of a changed file, not just lines within the diff. Previously, comments could only be placed on the three lines before or after a changed line. This allows reviewers to leave feedback on unchanged lines that need attention and to place comments directly on the relevant line, making review feedback clearer and easier for authors to act on. This feature is in public preview and subject to change.
# https://github.com/github/releases/issues/7688
- |
Users can view PR-level discussion comments in the side panel of the new Files Changed tab, allowing them to follow conversations while reviewing code without switching between the Files Changed and Conversation tabs. The side panel also supports filtering review and discussion comments. This feature is in public preview and subject to change.
@@ -298,3 +295,7 @@ sections:
# https://github.com/github/releases/issues/6651
- |
Closing down: Networking-related syscalls will be disabled by default in the pre-receive hook environment starting in {% data variables.product.prodname_ghe_server %} version 3.22. For enhanced security, hook environments will be placed in dedicated network namespaces. You will be able to override the default setting by setting `pre-receive-hook-networking` to `enabled`. In many cases, [push rulesets](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets#push-rulesets) are an alternative for many pre-receive hooks.
+
+ errata:
+ - |
+ These release notes previously included a note about pull requeset reviewers being able to comment on any line of a changed file, not just lines within the diff. The note was added prematurely and has been removed. We will republish it when the feature is ready. [Updated: 2026-06-23]
\ No newline at end of file
diff --git a/data/reusables/copilot/create-managed-settings.md b/data/reusables/copilot/create-managed-settings.md
index a8039e9a7916..902fef0ed869 100644
--- a/data/reusables/copilot/create-managed-settings.md
+++ b/data/reusables/copilot/create-managed-settings.md
@@ -1,3 +1,3 @@
-1. In your enterprise's `.github-private` repository, create the managed settings file at `copilot/{% data variables.copilot.managed_setting_file %}`. If you haven't set a `.github-private` repository as your enterprise's source of agent configuration, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents).
+1. In your enterprise's `.github-private` repository, create the managed settings file at `copilot/{% data variables.copilot.managed_setting_file %}`. If you haven't set a `.github-private` repository as your enterprise's source of agent configuration, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/create-github-private-repo).
The legacy path (`.github/copilot/settings.json`) is also supported.
diff --git a/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md b/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md
index b915243adc08..b5a68e39a620 100644
--- a/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md
+++ b/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md
@@ -28,10 +28,19 @@ The `dependabot.yml` file doesn't control the versioning tags that you can use,
| Bazel | `bazel` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `rules_go@0.46.0-rc1`, `rules_rust@0.40.0-beta`, `bazel_skylib@1.5.0-alpha` |
| {% endif %} |
| Bun | `bun` | `alpha`, `beta`, `rc`, `canary` (SemVer prerelease after `-`) | `bun@1.0.0-beta.1`, `elysia@1.0.0-rc.3`, `hono@4.0.0-canary.1` |
+| Composer | `composer` | `dev`, `alpha`, `a`, `beta`, `b`, `RC` (case-insensitive) | `laravel/framework@11.0.0-alpha1`, `symfony/console@7.0.0-beta2`, `monolog/monolog@3.0.0-RC1` |
+| {% ifversion dependabot-conda-support %} |
+| Conda | `conda` | `dev`, `alpha`, `a`, `beta`, `b`, `rc`, `c`, `post` | `numpy@2.0.0a1`, `pandas@2.1.0b2`, `scipy@1.12.0rc1`, `scikit-learn@1.4.0.dev0` |
+| {% endif %} |
| {% ifversion dependabot-deno-support %} |
| Deno | `deno` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `oak@13.0.0-alpha`, `fresh@2.0.0-rc.1`, `std@0.220.0-beta.2` |
| {% endif %} |
+| Dev containers | `devcontainers` | SemVer 2.0.0 (prerelease not used in practice) | `ghcr.io/devcontainers/features/node@1.6.1`, `ghcr.io/devcontainers/features/python@1.6` |
+| .NET SDK | `dotnet-sdk` | `preview.N`, `rc.N`, `alpha.N` | `dotnet-sdk@9.0.100-preview.7.24407.12`, `dotnet-sdk@9.0.100-rc.2.24474.11` |
| {% data variables.product.prodname_actions %} | `github-actions` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `my-org/my-action@v1.0.0-beta.1`, `my-org/deploy@v2.0.0-rc1`, `my-org/lint@v3.0.0-alpha` |
+| {% ifversion dependabot-helm-support %} |
+| Helm Charts | `helm` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `ingress-nginx@4.11.0-beta.0`, `cert-manager@1.15.0-alpha.1`, `prometheus@25.0.0-rc1` |
+| {% endif %} |
| Hex | `mix` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`, `dev`) | `phoenix/phoenix@1.7.0-rc.0`, `elixir-ecto/ecto@3.11.0-beta.1`, `elixir-plug/plug@1.15.0-alpha.1` |
| {% ifversion dependabot-julia-support %} |
| Julia | `julia` | Any SemVer prerelease identifier (commonly `rc`, `DEV`, `beta`) | `HTTP@1.10.0-rc1`, `Plots@2.0.0-DEV`, `DataFrames@1.6.0-beta.1` |
@@ -43,10 +52,19 @@ The `dependabot.yml` file doesn't control the versioning tags that you can use,
| {% ifversion dependabot-opentofu-support %} |
| OpenTofu | `opentofu` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `opentofu/aws@5.0.0-alpha`, `opentofu/google@5.0.0-rc1`, `opentofu/azurerm@4.0.0-beta1` |
| {% endif %} |
+| {% ifversion dependabot-pre-commit-support %} |
+| pre-commit | `pre-commit` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `pre-commit/mirrors-mypy@1.10.0a1`, `psf/black@24.1.0rc1`, `astral-sh/ruff-pre-commit@0.4.0-beta.1` |
+| {% endif %} |
+| Pub | `pub` | Any SemVer prerelease identifier (commonly `dev`, `beta`, `rc`) | `flutter/dio@5.0.0-dev.1`, `dart-lang/http@1.2.0-beta.1`, `invertase/melos@4.0.0-rc.1` |
| {% ifversion dependabot-rust-toolchain-support %} |
| Rust toolchain | `rust-toolchain` | Channel-based: `stable`, `beta`, `nightly` (not SemVer prerelease) | `rust@1.78.0`, `rust@beta`, `rust@nightly`, `rust@nightly-2024-01-15` |
| {% endif %} |
+| Swift | `swift` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `vapor/vapor@5.0.0-beta.1`, `apple/swift-nio@3.0.0-rc1`, `pointfreeco/swift-composable-architecture@2.0.0-alpha.1` |
| Terraform | `terraform` | Any SemVer prerelease identifier (commonly `alpha`, `beta`, `rc`) | `hashicorp/aws@5.0.0-rc1`, `hashicorp/google@4.0.0-alpha`, `hashicorp/azurerm@3.0.0-beta1` |
+| uv | `uv` | `a`, `b`, `rc`, `dev`, `post` (PEP 440) | `requests@1.0.0a1`, `numpy@2.0.0b3`, `django@4.0rc1`, `black@1.0.0.dev5`, `pandas@2.0.5.post1` |
+| {% ifversion dependabot-vcpkg-support %} |
+| vcpkg | `vcpkg` | Any SemVer prerelease identifier (commonly `beta`, `rc`) | `zlib@1.3.1-beta1`, `openssl@3.2.0-rc.1`, `fmt@10.2.0-beta` |
+| {% endif %} |
#### Ecosystem-specific versioning details
@@ -62,17 +80,17 @@ The following details describe how {% data variables.product.prodname_dependabot
{% ifversion dependabot-bazel-support %}
* **Bazel:** Follows SemVer prerelease conventions. The Bazel Central Registry (BCR) `.bcr.N` suffix is stripped before comparison and does not affect prerelease detection.
{% endif %}
-* **Bun:** Follows npm-style SemVer prerelease conventions. Build metadata (`+...`) is supported but ignored for version precedence.
{% ifversion dependabot-deno-support %}
* **Deno:** Follows SemVer prerelease conventions. Build metadata (`+...`) is supported but ignored for version precedence.
{% endif %}
+* **Bun:** Follows npm-style SemVer prerelease conventions. Build metadata (`+...`) is supported but ignored for version precedence.
* **{% data variables.product.prodname_actions %}:** {% data variables.product.prodname_dependabot %} resolves action versions from git tags. Any tag with a SemVer prerelease identifier (anything after `-`) is treated as prerelease. Additionally, releases marked as prerelease via the GitHub Release API are recognized regardless of tag format.
-* **Hex:** Follows SemVer prerelease conventions. Any identifier after `-` is treated as prerelease.
{% ifversion dependabot-julia-support %}
* **Julia:** Follows SemVer prerelease conventions. Prerelease identifiers are case-sensitive (for example, `DEV` and `dev` are distinct).
{% endif %}
+* **Hex:** Follows SemVer prerelease conventions. Any identifier after `-` is treated as prerelease.
{% ifversion dependabot-nix-support %}
-* **Nix:** {% data variables.product.prodname_dependabot %} tracks flake input commits, similar to git submodules. The table shows user-facing commit SHAs; internally, versions are represented as pseudo-versions (`0.0.0-0.N`). There is no traditional version comparison—updates move forward to the latest upstream commit.
+* **Nix:** {% data variables.product.prodname_dependabot %} tracks flake input commits, similar to git submodules. Internally, versions are represented as pseudo-versions (`0.0.0-0.N`). There is no traditional version comparison—updates move forward to the latest upstream commit.
{% endif %}
* **NuGet:** Follows SemVer 2.0.0 prerelease conventions. Build metadata (`+...`) is supported but ignored for version precedence.
{% ifversion dependabot-opentofu-support %}
@@ -82,3 +100,19 @@ The following details describe how {% data variables.product.prodname_dependabot
* **Rust toolchain:** Uses channel-based versioning (`stable`, `beta`, `nightly`) rather than SemVer prerelease identifiers. {% data variables.product.prodname_dependabot %} updates the pinned channel or date-stamped nightly (for example, `nightly-2024-01-15`) to the latest available.
{% endif %}
* **Terraform:** Follows SemVer prerelease conventions. The `v` prefix is stripped before comparison. Build metadata (`+...`) is ignored for version precedence.
+* **Composer:** Follows PHP Composer stability conventions (case-insensitive). Stability flags (`@dev`, `@beta`) in constraints are stripped before comparison. The `v` prefix is handled transparently.
+{% ifversion dependabot-conda-support %}
+* **Conda:** Follows conda version spec (similar to PEP 440). Epoch versions (`N!...`) and local versions (`+local`) are supported. Post-release (`post`) suffixes are recognized.
+{% endif %}
+* **.NET SDK:** Prerelease identifiers follow the `preview.N`, `rc.N`, `alpha.N` pattern. Prerelease updates require `allowPrerelease: true` in `global.json`.
+{% ifversion dependabot-helm-support %}
+* **Helm Charts:** Follows SemVer prerelease conventions. Chart version prefixes (for example, `chart-v`) and build digests (`+sha256:...`) are stripped before comparison.
+{% endif %}
+{% ifversion dependabot-pre-commit-support %}
+* **pre-commit:** Resolves hook versions from git tags. Prerelease detection uses both Gem::Version heuristic and the GitHub Release API `prerelease` flag. SHA-pinned hooks are also supported.
+{% endif %}
+* **Pub:** Follows SemVer prerelease conventions. Build metadata (`+...`) is supported but ignored for version precedence.
+* **Swift:** Follows SemVer prerelease conventions. Prerelease filtering is not currently applied—all versions are treated equally in comparison.
+{% ifversion dependabot-vcpkg-support %}
+* **vcpkg:** Supports multiple version formats: dot-separated numeric, SemVer (without build metadata), and date-based. Port version suffix (`#N`) indicates packaging revisions and does not affect prerelease detection.
+{% endif %}
diff --git a/data/reusables/desktop/configure-llm-provider.md b/data/reusables/desktop/configure-llm-provider.md
new file mode 100644
index 000000000000..8ce84111308e
--- /dev/null
+++ b/data/reusables/desktop/configure-llm-provider.md
@@ -0,0 +1,19 @@
+1. Click the **Providers** tab.
+1. Click **Add Provider**.
+1. Under **Name**, type a name for the LLM provider.
+1. Under **Type**, select the provider type.
+1. Under **Base URL**, type the base URL of your model provider's API endpoint.
+
+ The base URL must be an HTTPS URL, or an HTTP URL that points to the local machine.
+1. If you selected **OpenAI / OpenAI-compatible**, under **API Format**, select the API format your provider expects.
+ * Select **Chat completions (default)** for providers that use the OpenAI Chat Completions API.
+ * Select **Responses (GPT-5 series)** for providers that use the OpenAI Responses API.
+1. If you selected **Azure**, under **Azure API Version**, type the API version for your deployment.
+1. Optionally, under **Request Timeout (seconds)**, type the number of seconds {% data variables.product.prodname_desktop %} waits for the provider to respond.
+1. Under **Authentication**, select the authentication method.
+ * Select **API key** to authenticate with an API key.
+ * Select **Bearer token** to authenticate with a bearer token.
+ * Select **None** only for endpoints that do not require credentials.
+1. If you selected **API key** or **Bearer token**, type the required credential.
+1. Add at least one model to the provider. For more information, see [Adding models to your provider](#adding-models-to-your-provider).
+1. Click **Add**.
\ No newline at end of file
diff --git a/data/tables/copilot/auto-model-selection.yml b/data/tables/copilot/auto-model-selection.yml
index 05a89d89f044..2d1eb9bd2880 100644
--- a/data/tables/copilot/auto-model-selection.yml
+++ b/data/tables/copilot/auto-model-selection.yml
@@ -51,7 +51,7 @@
# Microsoft
- name: MAI-Code-1-Flash
- cloud_agent: false
+ cloud_agent: true
chat: true
cli: true
diff --git a/package-lock.json b/package-lock.json
index 9ee4046dadc3..d51817544d49 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -59,7 +59,7 @@
"helmet": "^8.1.0",
"highlight.js": "^11.11.1",
"highlightjs-curl": "^1.3.0",
- "hot-shots": "^15.0.0",
+ "hot-shots": "^16.0.0",
"html-entities": "^2.5.6",
"http-proxy-middleware": "^4.0.0",
"imurmurhash": "^0.1.4",
@@ -143,10 +143,10 @@
"@typescript-eslint/parser": "^8.33.1",
"chalk": "^5.0.1",
"change-case": "^5.4.4",
- "commander": "^14.0.3",
+ "commander": "^15.0.0",
"cross-env": "^10.1.0",
"csp-parse": "0.0.2",
- "csv-parse": "6.1.0",
+ "csv-parse": "7.0.0",
"eslint": "^9.39.3",
"eslint-config-prettier": "^10.1.8",
"eslint-import-resolver-typescript": "^4.4.4",
@@ -7972,13 +7972,13 @@
}
},
"node_modules/commander": {
- "version": "14.0.3",
- "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.3.tgz",
- "integrity": "sha512-H+y0Jo/T1RZ9qPP4Eh1pkcQcLRglraJaSLoyOtHxu6AapkjWVCy2Sit1QQ4x3Dng8qDlSsZEet7g5Pq06MvTgw==",
+ "version": "15.0.0",
+ "resolved": "https://registry.npmjs.org/commander/-/commander-15.0.0.tgz",
+ "integrity": "sha512-z67u4ZhzCL/Tydu1lJARtEZYWbWaN7oYLHbsuzocr6y4N6WZAagG3RQ4FW61V1/0+jImpj293XfrcYnd1qxtPg==",
"dev": true,
"license": "MIT",
"engines": {
- "node": ">=20"
+ "node": ">=22.12.0"
}
},
"node_modules/compute-gcd": {
@@ -8166,9 +8166,9 @@
"license": "MIT"
},
"node_modules/csv-parse": {
- "version": "6.1.0",
- "resolved": "https://registry.npmjs.org/csv-parse/-/csv-parse-6.1.0.tgz",
- "integrity": "sha512-CEE+jwpgLn+MmtCpVcPtiCZpVtB6Z2OKPTr34pycYYoL7sxdOkXDdQ4lRiw6ioC0q6BLqhc6cKweCVvral8yhw==",
+ "version": "7.0.0",
+ "resolved": "https://registry.npmjs.org/csv-parse/-/csv-parse-7.0.0.tgz",
+ "integrity": "sha512-CSssqPAK5us09FhMI9juM0jnqXUJP+rtWeIfivTYBLNH/8rnxkQlZvoRemF6MAyfNov9XU8mN2wwF/pP68sxTA==",
"dev": true,
"license": "MIT"
},
@@ -10787,9 +10787,9 @@
}
},
"node_modules/hot-shots": {
- "version": "15.0.0",
- "resolved": "https://registry.npmjs.org/hot-shots/-/hot-shots-15.0.0.tgz",
- "integrity": "sha512-89EmKbvjVbDdFmUcvMl1x9XaKdEzg1VDLElbKaQCPC88wrus6O5XlCyZ+KbwZk9Dy4BNcsyfEHMfSkUtRZHBQg==",
+ "version": "16.0.0",
+ "resolved": "https://registry.npmjs.org/hot-shots/-/hot-shots-16.0.0.tgz",
+ "integrity": "sha512-1WHuq7vv0Hj6wiSmR89XpxxiNnw9s1W50yGJExC3/PSqVv+Kr7GSk3rz0jsTWjhIkF1c5Nz9mpLdzJ+CqKKwMg==",
"license": "MIT",
"engines": {
"node": ">=18.0.0"
diff --git a/package.json b/package.json
index c415b9d1ff59..49936cd947f4 100644
--- a/package.json
+++ b/package.json
@@ -218,7 +218,7 @@
"helmet": "^8.1.0",
"highlight.js": "^11.11.1",
"highlightjs-curl": "^1.3.0",
- "hot-shots": "^15.0.0",
+ "hot-shots": "^16.0.0",
"html-entities": "^2.5.6",
"http-proxy-middleware": "^4.0.0",
"imurmurhash": "^0.1.4",
@@ -302,10 +302,10 @@
"@typescript-eslint/parser": "^8.33.1",
"chalk": "^5.0.1",
"change-case": "^5.4.4",
- "commander": "^14.0.3",
+ "commander": "^15.0.0",
"cross-env": "^10.1.0",
"csp-parse": "0.0.2",
- "csv-parse": "6.1.0",
+ "csv-parse": "7.0.0",
"eslint": "^9.39.3",
"eslint-config-prettier": "^10.1.8",
"eslint-import-resolver-typescript": "^4.4.4",