Merge branch 'main' into patch-1

Author: Sharra-writes

.github/copilot-instructions.md

@@ -10,7 +10,7 @@ The bulleted points in a bullet list should always be denoted in Markdown using
 
 Within Markdown files, with the exception of the `title` field in the metadata at the start of a file, **always use the Liquid syntax variables rather than text** if a variable has been defined for that text. This ensures consistency and makes it easier to update product names globally.
 
-**Important**: Variables must be used in all content, including reusable content, data files, and regular articles. The only exception is the `title` field in frontmatter metadata.
+**Important**: Variables must be used in all content, including reusable content, data files, and regular articles. The only exceptions are the `title` field in frontmatter metadata and any file in the `content/site-policy` directory.
 
 For example:
 

.github/workflows/create-changelog-pr.yml

@@ -0,0 +1,144 @@
+name: Create a PR to add an entry to the CHANGELOG.md file in this repo
+
+# **What it does**: If a member of the github org posts a changelog comment, it creates a PR to update the CHANGELOG.md file.
+# **Why we have it**: This surfaces docs changelog details publicly.
+# **Who does it impact**: GitHub users and staff.
+
+on:
+  issue_comment:
+    types: [created]
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  pull-requests: write
+
+env:
+  CHANGELOG_FILE: CHANGELOG.md
+
+jobs:
+  docs-changelog-pr:
+    if: ${{ github.repository == 'github/docs-internal' && github.event.issue.pull_request }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: 'Ensure ${{ env.CHANGELOG_FILE }} exists'
+        run: |
+          if [ ! -f ${{ env.CHANGELOG_FILE }} ]; then
+            echo "${{ env.CHANGELOG_FILE }} is missing at the root of the repository."
+            exit 1
+          fi
+
+      - name: Check that the user belongs to the github org
+        id: hubber_check
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
+        with:
+          github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
+          script: |
+            try {
+              await github.rest.teams.getMembershipForUserInOrg({
+                org: 'github',
+                team_slug: 'employees',
+                username: context.payload.sender.login,
+              });
+              core.exportVariable('CONTINUE_WORKFLOW', 'true');
+            } catch(err) {
+              core.info("Workflow triggered by a comment, but the commenter is not a Hubber. Exiting.");
+              core.exportVariable('CONTINUE_WORKFLOW', 'false');
+            }
+
+      - name: Check if comment starts with '## Changelog summary'
+        if: env.CONTINUE_WORKFLOW == 'true'
+        id: check_summary
+        env:
+          COMMENT_BODY: ${{ github.event.comment.body }}
+        run: |
+          # Get the first line of the comment and trim the leading/trailing whitespace:
+          FIRST_LINE=$(printf "%s\n" "$COMMENT_BODY" | head -n1 | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+          if [[ "$FIRST_LINE" != '## Changelog summary' ]]; then
+            echo "FIRST_LINE=|$FIRST_LINE|"
+            echo "The pull request comment is not a changelog summary. Exiting."
+            echo "CONTINUE_WORKFLOW=false" >> $GITHUB_ENV
+          fi
+
+      - name: Create changelog text
+        if: env.CONTINUE_WORKFLOW == 'true'
+        id: create_text
+        env:
+          COMMENT_BODY: ${{ github.event.comment.body }}
+        run: |
+          set -euo pipefail
+          DATE=$(date +"**%-d %B %Y**")
+          BODY="$(printf "%s\n" "$COMMENT_BODY" | tail -n +2)"
+          CHANGELOG_TEXT="$(printf "%s\n" "$BODY" | awk '/^:writing_hand:/{exit} {print}')"
+          {
+            echo "$DATE"
+            echo -e "$CHANGELOG_TEXT\n<hr>"
+          } > changelog_entry.txt
+
+      - name: Set up git
+        if: env.CONTINUE_WORKFLOW == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Prepare branch
+        if: env.CONTINUE_WORKFLOW == 'true'
+        run: |
+          BRANCH="changelog-update-$(date +%s)"
+          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
+          git checkout -b "$BRANCH"
+
+          # Insert new changelog entry after the first heading, as follows:
+          # Print the first line of the existing CHANGELOG.md file into a `tmp` file, followed by an empty line.
+          # Then, print the contents of `changelog_entry.txt` into the `tmp` file.
+          # Then, print the rest of the existing CHANGELOG.md file into the `tmp` file.
+          # Finally, replace the existing CHANGELOG.md file with the `tmp` file.
+          awk 'NR==1{print; print ""; while ((getline line < "changelog_entry.txt") > 0) print line; next}1' CHANGELOG.md > tmp && mv tmp CHANGELOG.md
+
+          git add CHANGELOG.md
+          git commit -m "Update changelog for $(head -n1 changelog_entry.txt)"
+          git push origin "$BRANCH"
+
+      - name: Create a pull request
+        if: env.CONTINUE_WORKFLOW == 'true'
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
+        id: create_pull_request
+        with:
+          github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
+          script: |
+            const { data: pullRequest } = await github.rest.pulls.create({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              title: `Update docs changelog (for PR #${context.payload.issue.number})`,
+              body: `### Automated docs changelog update\n\n**Purpose:** Update the <code>${{ env.CHANGELOG_FILE }}</code> file with details of a recent docs change.\n\nThis PR is an automated update, generated by the <code>create-changelog-pr.yml</code> Actions workflow as a result of a "Changelog summary" comment being added to [PR #${context.payload.issue.number}](${context.payload.issue.html_url}).\n\n**Note for reviewer**: This change to the <code>${{ env.CHANGELOG_FILE }}</code> file will be synced to the public docs site, so make sure that the content of the entry is appropriate for public consumption. If the content is wholly inappropriate for public consumption, then this PR can be closed.\n\n<details><summary>Original PR comment posted by @${context.payload.comment.user.login}, using the <code>/changelog</code> slash command:</summary>\n\n${context.payload.comment.body}</details>`,
+              head: process.env.BRANCH,
+              base: 'main'
+            });
+
+            core.setOutput('pull-request-number', pullRequest.number);
+            core.setOutput('pull-request-url', pullRequest.html_url);
+
+      - name: Add 'ready-for-doc-review' label to PR
+        if: env.CONTINUE_WORKFLOW == 'true'
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
+        env:
+          # Get the number of the PR that was just created:
+          PULL_REQUEST_NUMBER: ${{ steps.create_pull_request.outputs.pull-request-number }}
+        with:
+          github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
+          script: |
+            await github.rest.issues.addLabels({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: Number(process.env.PULL_REQUEST_NUMBER),
+              labels: ['ready-for-doc-review']
+            });
+
+      - uses: ./.github/actions/slack-alert
+        if: ${{ failure() && github.event_name != 'workflow_dispatch' }}
+        with:
+          slack_channel_id: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}
+          slack_token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}

CHANGELOG.md

@@ -0,0 +1,90 @@
+# Docs changelog
+
+**30 June 2025**
+
+Many enterprise customers want to measure the downstream impact of Copilot on their company, looking beyond leading metrics like adoption and usage.
+
+Inspired by [GitHub's latest guidance](https://resources.github.com/engineering-system-success-playbook/), we've published three guides that provide usecases, training resources, and metrics to help you plan and measure your rollout to achieve real-world goals, such as increasing test coverage.
+
+Get started at [Achieving your company's engineering goals with GitHub Copilot](https://docs.github.com/en/copilot/get-started/achieve-engineering-goals).
+
+<hr>
+
+**27 June 2025**
+
+We've published a new guide about how to combine use of GitHub Copilot's agent mode with Model Context Protocol (MCP) servers to complete complex tasks through agentic "loops" - illustrated through an accessibility compliance example. The guide also discusses best practices and benefits around using these two features together. See [Enhancing Copilot agent mode with MCP](https://docs.github.com/copilot/tutorials/enhancing-copilot-agent-mode-with-mcp).
+
+<hr>
+
+**27 June 2025**
+
+We’ve published a new set of new documentation articles designed to help users make the most of the **Dependabot metrics page** in the organization’s security overview.
+
+These clear, actionable guides help users:
+
+- **[View metrics for Dependabot alerts](https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-dependabot-alerts)**
+  This article is aimed at security and engineering leads who want to learn how to access and interpret key metrics, so they can quickly assess their organization’s exposure and remediation progress.
+
+- **[Understand your organization’s exposure to vulnerable dependencies](https://docs.github.com/en/enterprise-cloud@latest/code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilites/about-your-exposure-to-vulnerable-dependencies)**
+  In this article, security analysts and compliance teams get a deep dive into how vulnerable dependencies are tracked and what these numbers mean for their risk landscape.
+
+- **[Prioritize Dependabot alerts using metrics](https://docs.github.com/en/enterprise-cloud@latest/code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilites/prioritizing-dependabot-alerts-using-metrics)**
+  This guide provides engineering managers and remediation teams with strategies for using metrics to focus the team’s efforts where they matter most, making remediation more efficient.
+
+<hr>
+
+**27 June 2025**
+
+We've published a new scenario-based guide for Copilot: [Learning a new programming language with GitHub Copilot](https://docs.github.com/en/copilot/tutorials/learning-a-new-programming-language-with-github-copilot).
+
+This guide is for developers who are proficient with at least one programming language and want to learn an additional language. It provides information about how you can use Copilot as your personalized learning assistant. It also provides many ready-made prompts that you can use when you are learning a new programming language.
+
+<hr>
+
+**25 June 2025**
+
+GitHub Models launched [Pay-As-You-Go billing and Bring Your Own Key support](https://github.blog/changelog/2025-06-24-github-models-now-supports-moving-beyond-free-limits/). This provides real production usage for the first time and lays the foundation for Models to scale beyond a free sandbox.
+
+See [About Billing for GitHub Models](https://docs.github.com/billing/managing-billing-for-your-products/about-billing-for-github-models) and [Using your own API keys in GitHub Models](https://docs.github.com/github-models/github-models-at-scale/set-up-custom-model-integration-models-byok).
+
+<hr>
+
+**23 June 2025**
+
+We’ve restructured our documentation around Copilot’s AI models to make it easier for users to understand, choose, and configure models across clients and plans. See [Supported AI models in Copilot](https://docs.github.com/copilot/using-github-copilot/ai-models/supported-ai-models-in-copilot) and [Choosing the right AI model for your task](https://docs.github.com/copilot/using-github-copilot/ai-models/choosing-the-right-ai-model-for-your-task).
+
+<hr>
+
+**18 June 2025**
+
+We've published a new responsible AI article for Copilot: [Responsible use of GitHub Copilot code completion](https://docs.github.com/copilot/responsible-use-of-github-copilot-features/responsible-use-of-github-copilot-code-completion). This provides RAI transparency information for this feature of GitHub Copilot.
+
+<hr>
+
+**13 June 2025**
+
+We've published a new article for people learning to code: [Developing your project locally](https://docs.github.com/get-started/learning-to-code/developing-your-project-locally).
+
+This tutorial helps learners gain core skills needed to set up any project locally by working through an example client-side application using HTML, CSS, and JavaScript. The goal is to help new coders use GitHub tools to recognize patterns across different technologies and build confidence in their ability to set up any project locally.
+
+<hr>
+
+**13 June 2025**
+
+To manage System for Cross-domain Identity Management (SCIM) integration with confidence, customers need to understand the different types of deprovisioning, the actions that trigger them, and their options for reinstating deprovisioned users.
+
+We've published a new article to answer questions around suspending and reinstating Enterprise Managed Users, or users where SCIM is enabled on GitHub Enterprise Server: [Deprovisioning and reinstating users with SCIM](https://docs.github.com/enterprise-cloud@latest/admin/managing-iam/provisioning-user-accounts-with-scim/deprovisioning-and-reinstating-users).
+
+<hr>
+
+**11 June 2025**
+
+We've added a new scenario-based guide for the Builder persona: [Using Copilot to explore a codebase](https://docs.github.com/copilot/tutorials/using-copilot-to-explore-a-codebase).
+
+<hr>
+
+**24 April 2025**
+
+To help learners feel confident they are building real coding skills while using Copilot, we published [Setting up Copilot for learning to code](https://docs.github.com/get-started/learning-to-code/setting-up-copilot-for-learning-to-code).
+
+This article helps learners take their first steps in coding with Copilot acting as a tutor, rather than a code completion tool. Configuring Copilot for learning emphasizes skill development and gives learners a way to use Copilot as a daily tool to foster learning and coding independence.

Dockerfile

@@ -8,7 +8,7 @@
 # ---------------------------------------------------------------
 # To update the sha:
 # https://github.com/github/gh-base-image/pkgs/container/gh-base-image%2Fgh-base-noble
-FROM ghcr.io/github/gh-base-image/gh-base-noble:20250619-223112-g14de19c1f AS base
+FROM ghcr.io/github/gh-base-image/gh-base-noble:20250625-232939-g2376d80a2 AS base
 
 # Install curl for Node install and determining the early access branch
 # Install git for cloning docs-early-access & translations repos
@@ -54,19 +54,28 @@ RUN --mount=type=secret,id=DOCS_BOT_PAT_BASE,mode=0444 \
   . ./build-scripts/fetch-repos.sh
 
 # -----------------------------------------
-# DEPENDENCIES STAGE: Install node packages
+# PROD_DEPS STAGE: Install production dependencies
 # -----------------------------------------
-FROM base AS dependencies
+FROM base AS prod_deps
 USER node:node
 WORKDIR $APP_HOME
 
 # Copy what is needed to run npm ci
 COPY --chown=node:node package.json package-lock.json ./
 
-RUN npm ci --omit=optional --registry https://registry.npmjs.org/
+# Install only production dependencies (skip scripts to avoid husky)
+RUN npm ci --omit=dev --ignore-scripts --registry https://registry.npmjs.org/
 
 # -----------------------------------------
-# BUILD STAGE: Prepare for production stage
+# ALL_DEPS STAGE: Install all dependencies on top of prod deps
+# -----------------------------------------
+FROM prod_deps AS all_deps
+
+# Install dev dependencies on top of production ones
+RUN npm ci --registry https://registry.npmjs.org/
+
+# -----------------------------------------
+# BUILD STAGE: Build the application
 # -----------------------------------------
 FROM base AS build
 USER node:node
@@ -84,14 +93,27 @@ COPY --chown=node:node --from=clones $APP_HOME/assets assets/
 COPY --chown=node:node --from=clones $APP_HOME/content content/
 COPY --chown=node:node --from=clones $APP_HOME/translations translations/
 
-# From the dependencies stage
-COPY --chown=node:node --from=dependencies $APP_HOME/node_modules node_modules/
+# From the all_deps stage (need dev deps for build)
+COPY --chown=node:node --from=all_deps $APP_HOME/node_modules node_modules/
+
+# Build the application
+RUN npm run build
+
+# -----------------------------------------
+# WARMUP_CACHE STAGE: Warm up remote JSON cache
+# -----------------------------------------
+FROM build AS warmup_cache
+
+# Generate remote JSON cache
+RUN npm run warmup-remotejson
 
-# Generate build files
-RUN npm run build \
-  && npm run warmup-remotejson \
-  && npm run precompute-pageinfo -- --max-versions 2 \
-  && npm prune --production
+# -----------------------------------------
+# PRECOMPUTE STAGE: Precompute page info
+# -----------------------------------------
+FROM build AS precompute_stage
+
+# Generate precomputed page info
+RUN npm run precompute-pageinfo -- --max-versions 2
 
 # -------------------------------------------------
 # PRODUCTION STAGE: What will run on the containers
@@ -112,13 +134,17 @@ COPY --chown=node:node --from=clones $APP_HOME/assets assets/
 COPY --chown=node:node --from=clones $APP_HOME/content content/
 COPY --chown=node:node --from=clones $APP_HOME/translations translations/
 
-# From dependencies stage (*modified in build stage)
-COPY --chown=node:node --from=build $APP_HOME/node_modules node_modules/
+# From prod_deps stage (production-only node_modules)
+COPY --chown=node:node --from=prod_deps $APP_HOME/node_modules node_modules/
 
 # From build stage
 COPY --chown=node:node --from=build $APP_HOME/.next .next/
-COPY --chown=node:node --from=build $APP_HOME/.remotejson-cache ./
-COPY --chown=node:node --from=build $APP_HOME/.pageinfo-cache.json.br* ./
+
+# From warmup_cache stage
+COPY --chown=node:node --from=warmup_cache $APP_HOME/.remotejson-cache ./
+
+# From precompute_stage
+COPY --chown=node:node --from=precompute_stage $APP_HOME/.pageinfo-cache.json.br* ./
 
 # This makes it possible to set `--build-arg BUILD_SHA=abc123`
 # and it then becomes available as an environment variable in the docker run.