diff --git a/content/billing/concepts/product-billing/github-advanced-security.md b/content/billing/concepts/product-billing/github-advanced-security.md
index a4d5b709f939..fd10c2ab230d 100644
--- a/content/billing/concepts/product-billing/github-advanced-security.md
+++ b/content/billing/concepts/product-billing/github-advanced-security.md
@@ -59,7 +59,8 @@ Each **active committer** to at least one repository with an {% data variables.p
{% data variables.product.github %} makes some {% data variables.product.prodname_AS %} features available free of charge on {% data variables.product.prodname_dotcom_the_website %}.
* **All public repositories** have access to code scanning, secret scanning, and dependency review.
-* **Secret risk assessment** is available for organizations on {% data variables.product.prodname_dotcom_the_website %}. See {% ifversion fpt or ghec %}[AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization){% elsif ghes %}[AUTOTITLE](/enterprise-cloud@latest/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization) in the {% data variables.product.prodname_ghe_cloud %} documentation{% endif %}.
+* **{% data variables.product.prodname_secret_risk_assessment_caps %}** is available for organizations on {% data variables.product.prodname_dotcom_the_website %}. See {% ifversion fpt or ghec %}[AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization){% elsif ghes %}[AUTOTITLE](/enterprise-cloud@latest/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization) in the {% data variables.product.prodname_ghe_cloud %} documentation{% endif %}.{% ifversion code-security-risk-assessment %}
+* **{% data variables.product.prodname_code_security_risk_assessment_caps %}** is available for organizations on {% data variables.product.prodname_dotcom_the_website %}. See [AUTOTITLE](/code-security/concepts/code-scanning/code-security-risk-assessment).{% endif %}
For full details of available features, see [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security).
diff --git a/content/code-security/concepts/code-scanning/about-code-scanning.md b/content/code-security/concepts/code-scanning/about-code-scanning.md
index 9599ec5ebbd6..ec0068aa536b 100644
--- a/content/code-security/concepts/code-scanning/about-code-scanning.md
+++ b/content/code-security/concepts/code-scanning/about-code-scanning.md
@@ -41,6 +41,8 @@ To monitor results from {% data variables.product.prodname_code_scanning %} acro
{% data variables.product.prodname_code_scanning_caps %} uses {% data variables.product.prodname_actions %}, with each workflow run consuming {% data variables.product.prodname_actions %} minutes. If you want to use {% data variables.product.prodname_code_scanning %} on private repositories, you need a {% data variables.product.prodname_GH_code_security %} license. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions). {% data reusables.advanced-security.ghas-trial %}
+If you want to assess your organization's exposure to vulnerabilities before purchasing a license, you can run a free {% data variables.product.prodname_code_security_risk_assessment %}. See [AUTOTITLE](/code-security/concepts/code-scanning/code-security-risk-assessment).
+
{% endif %}
To get started with {% data variables.product.prodname_code_scanning %}, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning).
diff --git a/content/code-security/concepts/code-scanning/code-security-risk-assessment.md b/content/code-security/concepts/code-scanning/code-security-risk-assessment.md
new file mode 100644
index 000000000000..3cd7e0ad66a9
--- /dev/null
+++ b/content/code-security/concepts/code-scanning/code-security-risk-assessment.md
@@ -0,0 +1,37 @@
+---
+title: Code security risk assessment
+intro: 'Generate a free code security risk assessment to understand your organization''s exposure to vulnerabilities.'
+product: '{% data reusables.gated-features.secret-risk-assessment-report %}
Get started with security risk assessments {% octicon "link-external" height:16 %}'
+permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
+versions:
+ feature: code-security-risk-assessment
+contentType: concepts
+category:
+ - Find and fix code vulnerabilities
+---
+
+The {% data variables.product.prodname_code_security_risk_assessment %} is a free, self-serve scan that helps you understand your organization's exposure to code vulnerabilities. The assessment scans up to 20 of your organization's repositories and produces a report showing the vulnerabilities found, their severity, and how many can be fixed with {% data variables.copilot.copilot_autofix_short %}.
+
+The assessment is completely free. You won't be charged for any {% data variables.product.prodname_GH_code_security_always %} licenses, and the {% data variables.product.prodname_actions %} minutes used during the scan are provided at no cost.
+
+## Who can run the assessment
+
+**Organization owners** and **security managers** can run the {% data variables.product.prodname_code_security_risk_assessment %} for organizations on {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %} plans.
+
+## What the assessment scans
+
+By default, the assessment pre-selects up to 20 of your organization's private and internal repositories based on commit activity in the last 90 days. You can change this selection before running the scan. Only repositories containing at least one language supported by code scanning can be selected.
+
+Scans have a one-hour timeout. If all languages in a repository fail to scan, that repository is counted as failed. If at least one language scans successfully, the repository's results are included in the report.
+
+You can rerun the assessment every 90 days. For each rerun, you can change which repositories are scanned.
+
+## Relationship to the {% data variables.product.prodname_secret_risk_assessment %}
+
+{% data variables.product.github %} offers two free security risk assessments for organizations: the {% data variables.product.prodname_code_security_risk_assessment %} and the {% data variables.product.prodname_secret_risk_assessment %}. The two assessments run independently and their results are displayed in separate tabs in the Assessments view. Each assessment can be rerun every 90 days.
+
+For more information about the {% data variables.product.prodname_secret_risk_assessment %}, see [AUTOTITLE](/code-security/concepts/secret-security/about-secret-security-with-github#secret-risk-assessment).
+
+## Next steps
+
+To generate a {% data variables.product.prodname_code_security_risk_assessment %} for your organization, see [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-vulnerability-risk).
diff --git a/content/code-security/concepts/code-scanning/index.md b/content/code-security/concepts/code-scanning/index.md
index 4da08b05524c..410d8e920f0f 100644
--- a/content/code-security/concepts/code-scanning/index.md
+++ b/content/code-security/concepts/code-scanning/index.md
@@ -12,6 +12,7 @@ contentType: concepts
children:
- /about-code-scanning
- /about-code-scanning-alerts
+ - /code-security-risk-assessment
- /copilot-autofix-for-code-scanning
- /setup-types
- /about-integration-with-code-scanning
diff --git a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-secret-risk.md b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-secret-risk.md
index 05e93622c590..cbb9b0d3d74f 100644
--- a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-secret-risk.md
+++ b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-secret-risk.md
@@ -2,7 +2,7 @@
title: Running the secret risk assessment for your organization
shortTitle: Assess your secret risk
intro: Determine your organization's exposure to leaked secrets by generating a {% data variables.product.prodname_secret_risk_assessment %} report.
-product: '{% data reusables.gated-features.secret-risk-assessment-report %}'
+product: '{% data reusables.gated-features.secret-risk-assessment-report %}
Get started with security risk assessments {% octicon "link-external" height:16 %}'
permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
versions:
feature: secret-risk-assessment
@@ -30,10 +30,9 @@ category:
{% data reusables.organizations.navigate-to-org %}
{% data reusables.organizations.security-overview %}
{% data reusables.security-overview.open-assessments-view %}
-1. Towards the top right side of the existing report, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}.
-1. Select **Rerun scan**.
+1. Towards the top right side of the existing report, click **Rerun scan**.
- {% data reusables.secret-risk-assessment.notification-report-ready %}
+{% data reusables.secret-risk-assessment.notification-report-ready %}
## Next steps
diff --git a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-vulnerability-risk.md b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-vulnerability-risk.md
new file mode 100644
index 000000000000..0de5a49c1935
--- /dev/null
+++ b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-vulnerability-risk.md
@@ -0,0 +1,37 @@
+---
+title: Running the code security risk assessment for your organization
+shortTitle: Assess your vulnerability risk
+allowTitleToDifferFromFilename: true
+intro: Determine your organization's exposure to vulnerabilities by generating a {% data variables.product.prodname_code_security_risk_assessment %} report.
+product: '{% data reusables.gated-features.secret-risk-assessment-report %}
Get started with security risk assessments {% octicon "link-external" height:16 %}'
+permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
+versions:
+ feature: code-security-risk-assessment
+contentType: how-tos
+category:
+ - Secure at scale
+---
+
+## Generating an initial {% data variables.product.prodname_code_security_risk_assessment %}
+
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.security-overview %}
+{% data reusables.security-overview.open-assessments-view %}
+{% data reusables.security-overview.generate-code-security-risk-assessment-report %}
+
+ {% data reusables.secret-risk-assessment.notification-report-ready %}
+
+## Rerunning the {% data variables.product.prodname_code_security_risk_assessment %}
+
+You can only generate a {% data variables.product.prodname_code_security_risk_assessment %} report once every 90 days.
+
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.security-overview %}
+{% data reusables.security-overview.open-assessments-view %}
+1. Towards the top right side of the existing report, click **Rerun scan**.
+
+ {% data reusables.secret-risk-assessment.notification-report-ready %}
+
+## Next steps
+
+Now that you've generated a {% data variables.product.prodname_code_security_risk_assessment %} report for your organization, learn how to interpret the results. See [AUTOTITLE](/code-security/tutorials/secure-your-organization/interpreting-code-security-risk-assessment-results).
diff --git a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/index.md b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/index.md
index bb80b1929d26..6fa6c22bfbcc 100644
--- a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/index.md
+++ b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/index.md
@@ -8,7 +8,8 @@ versions:
contentType: how-tos
children:
- /assess-your-secret-risk
- - /viewing-the-secret-risk-assessment-report-for-your-organization
+ - /assess-your-vulnerability-risk
+ - /viewing-your-security-risk-assessment-reports
- /estimating-the-price-of-secret-protection
- /protect-your-secrets
- /configuring-default-setup-for-code-scanning-at-scale
diff --git a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/viewing-the-secret-risk-assessment-report-for-your-organization.md b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/viewing-your-security-risk-assessment-reports.md
similarity index 72%
rename from content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/viewing-the-secret-risk-assessment-report-for-your-organization.md
rename to content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/viewing-your-security-risk-assessment-reports.md
index 543c51e27bef..6d15b24e7e33 100644
--- a/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/viewing-the-secret-risk-assessment-report-for-your-organization.md
+++ b/content/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/viewing-your-security-risk-assessment-reports.md
@@ -1,7 +1,7 @@
---
-title: Viewing the secret risk assessment report for your organization
+title: Viewing your security risk assessment reports
shortTitle: View risk report
-intro: Understand your organization's exposure to leaked secrets at a glance by viewing your most recent {% data variables.product.prodname_secret_risk_assessment %} report.
+intro: Understand your organization's exposure to leaked secrets and code vulnerabilities by viewing your most recent security risk assessment reports.
product: '{% data reusables.gated-features.secret-risk-assessment-report %}'
permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
allowTitleToDifferFromFilename: true
@@ -17,3 +17,4 @@ category:
{% data reusables.organizations.navigate-to-org %}
{% data reusables.organizations.security-overview %}
{% data reusables.security-overview.open-assessments-view %} You can see the most recent report on this page.
+1. Click the **{% data variables.product.UI_code_security_scanning %}** or **{% data variables.product.UI_secret_protection_scanning %}** tab to switch between reports.
diff --git a/content/code-security/index.md b/content/code-security/index.md
index 2aac6cada3d9..7f7148b33b32 100644
--- a/content/code-security/index.md
+++ b/content/code-security/index.md
@@ -6,7 +6,7 @@ redirect_from:
- /code-security/guides
introLinks:
overview: '{% ifversion ghes %}/code-security/getting-started/github-security-features{% endif %}'
- generate_secret_risk_assessment_report_for_free: '{% ifversion secret-risk-assessment %}/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-secret-risk{% endif %}'
+ generate_secret_risk_assessment_report_for_free: '{% ifversion secret-risk-assessment %}https://github.com/get_started?with=risk-assessment{% endif %}'
changelog:
label: security-and-compliance
versions:
diff --git a/content/code-security/tutorials/secure-your-organization/index.md b/content/code-security/tutorials/secure-your-organization/index.md
index 5ca7639433d9..d6d31d879460 100644
--- a/content/code-security/tutorials/secure-your-organization/index.md
+++ b/content/code-security/tutorials/secure-your-organization/index.md
@@ -12,5 +12,6 @@ children:
- /best-practice-fix-alerts-at-scale
- /prioritize-alerts-in-production-code
- /interpreting-secret-risk-assessment-results
+ - /interpreting-code-security-risk-assessment-results
- /organizing-remediation-efforts-for-leaked-secrets
---
diff --git a/content/code-security/tutorials/secure-your-organization/interpreting-code-security-risk-assessment-results.md b/content/code-security/tutorials/secure-your-organization/interpreting-code-security-risk-assessment-results.md
new file mode 100644
index 000000000000..4fc6bd2573b9
--- /dev/null
+++ b/content/code-security/tutorials/secure-your-organization/interpreting-code-security-risk-assessment-results.md
@@ -0,0 +1,90 @@
+---
+title: Interpreting code security risk assessment results
+shortTitle: Interpret code security risk assessment
+intro: Understand the results from your {% data variables.product.prodname_code_security_risk_assessment %} and prioritize vulnerability remediation.
+permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
+versions:
+ feature: code-security-risk-assessment
+contentType: tutorials
+category:
+ - Secure at scale
+---
+
+## Introduction
+
+In this tutorial, you'll interpret your {% data variables.product.prodname_code_security_risk_assessment %} results, and learn how to:
+
+* Understand risk metrics on the dashboard
+* Identify which repositories and languages are most affected
+* Prioritize vulnerabilities for remediation
+
+## Prerequisites
+
+You must generate a {% data variables.product.prodname_code_security_risk_assessment %} report and wait for the scan to complete. See [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-organization-security/configure-specific-tools/assess-your-vulnerability-risk).
+
+## Step 1: Understand your dashboard metrics
+
+Once your assessment completes, review the key metrics at the top of the dashboard:
+
+* **Total repositories scanned**: The number of repositories that were successfully scanned out of those selected.
+* **Total vulnerabilities found**: The total number of vulnerabilities found across all scanned repositories.
+* **Copilot Autofix**: The number of vulnerabilities that are eligible for {% data variables.copilot.copilot_autofix_short %}. Enabling {% data variables.product.prodname_GH_code_security %} gives you access to {% data variables.copilot.copilot_autofix_short %}, which can automatically suggest fixes for these alerts.
+
+## Step 2: Review vulnerabilities by language
+
+Look at the **Vulnerabilities by language** chart to understand which languages in your codebase are contributing most to your overall vulnerability count.
+
+If vulnerabilities are concentrated in a particular language, this may indicate:
+
+* Specific frameworks or patterns in use that introduce common weaknesses
+* Teams working in that language who may benefit from targeted secure coding guidance
+
+## Step 3: Identify the most affected repositories
+
+In the **Repositories scanned** table, you can see each scanned repository alongside the ratio of vulnerabilities eligible for {% data variables.copilot.copilot_autofix_short %} out of the total vulnerabilities found.
+
+The **Most vulnerable repository** metric at the top of the page highlights the repository with the highest vulnerability count. This is a good place to start when prioritizing remediation.
+
+If a **high percentage** of repositories contain vulnerabilities, this may indicate:
+
+* Widespread gaps in secure coding practices across teams
+* A need for organization-wide tooling and guardrails like {% data variables.product.prodname_code_scanning %}
+
+If only a **few** repositories contain vulnerabilities, you can focus remediation efforts on specific teams or codebases.
+
+## Step 4: Review rules detected
+
+Scroll to the **Rules detected** table to see a breakdown of vulnerabilities by rule, including:
+
+* **Rule**: The specific class of security issue detected
+* **Rule severity**: The severity level (critical, high, medium, or low)
+* **Distinct repositories**: How many different repositories contain this rule violation
+* **Vulnerabilities found**: The total count of this rule violation across all repositories
+
+The table sorts by vulnerability count by default, helping you identify the most prevalent issues. Pay particular attention to rules with a **Critical** or **High** severity that appear across multiple repositories, as these represent the greatest risk.
+
+## Step 5: Prioritize remediation
+
+Now that you understand the metrics, prioritize remediation based on risk.
+
+The highest priority vulnerabilities are **critical and high severity rules that appear across multiple repositories**, because they:
+
+* Represent the greatest potential impact if exploited
+* Are present in code your teams are actively working on
+
+Next, address vulnerabilities that present lower risk or require more effort to remediate:
+
+* **Medium and low severity issues**, which may still pose risk but are less immediately critical
+* **Rules appearing in only one repository**, which represent more contained exposure
+
+Also look for the following indicators, which may require broader intervention beyond individual fixes:
+
+* **Many repositories affected by the same rule**: Suggests a systemic pattern that may require team training or updated coding standards
+* **High vulnerability counts in a specific language**: May point to framework-level issues or missing scanning tooling for that language
+
+## Next steps
+
+To start remediating vulnerabilities with {% data variables.copilot.copilot_autofix_short %}, enable {% data variables.product.prodname_GH_code_security_always %} for your organization. You have two options:
+
+* To enable {% data variables.product.prodname_GH_code_security_always %} for an individual repository, click **Enable** next to a repository in the "Repositories scanned" table.
+* To enable {% data variables.product.prodname_GH_code_security_always %} across your organization, click **Enable {% data variables.product.UI_code_security_scanning %}** at the top of the page. Here, you can choose whether to enable it for all repositories or selected repositories, then review the estimated cost before confirming.
diff --git a/content/get-started/learning-about-github/about-github-advanced-security.md b/content/get-started/learning-about-github/about-github-advanced-security.md
index d11bfe514153..043ea6a458d9 100644
--- a/content/get-started/learning-about-github/about-github-advanced-security.md
+++ b/content/get-started/learning-about-github/about-github-advanced-security.md
@@ -129,13 +129,22 @@ A {% data variables.product.prodname_GHAS %} license provides the following addi
{% endif %}
-{% ifversion ghas-products %}{% ifversion secret-risk-assessment %}
+{% ifversion ghas-products %}
+
+## Run a free security risk assessment
+
+Get started with security risk assessments {% octicon "link-external" height:16 %}
-## Run an assessment of your organization's exposure to secret leaks
+Organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run free security risk assessments to understand their exposure to security vulnerabilities:
-{% ifversion secret-risk-assessment %}{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}
+{% ifversion secret-risk-assessment %}
+* **Secret leaks**: Scan your organization for leaked secrets and see how many could have been prevented by {% data variables.product.prodname_GH_secret_protection %}. See [AUTOTITLE](/code-security/concepts/secret-security/about-secret-security-with-github#secret-risk-assessment).
+{% endif %}
+{% ifversion code-security-risk-assessment %}
+* **Code vulnerabilities**: Scan up to 20 of your most active repositories and see how many vulnerabilities could be automatically fixed with {% data variables.copilot.copilot_autofix_short %} if you enable {% data variables.product.prodname_GH_code_security %}. See [AUTOTITLE](/code-security/concepts/code-scanning/code-security-risk-assessment).
+{% endif %}
-Organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets. This can help you understand the current exposure of repositories in your organization to leaked secrets, as well as help you see how many existing secret leaks could have been prevented by {% data variables.product.prodname_GH_secret_protection %}.{% endif %}{% else %}{% endif %}
+{% endif %}
## Deploying {% ifversion ghas-products %}{% data variables.product.prodname_GH_code_security %} and {% data variables.product.prodname_GH_secret_protection %}{% else %}{% data variables.product.prodname_GHAS %} in your enterprise{% endif %}
diff --git a/data/features/code-security-risk-assessment.yml b/data/features/code-security-risk-assessment.yml
new file mode 100644
index 000000000000..3c814949e89c
--- /dev/null
+++ b/data/features/code-security-risk-assessment.yml
@@ -0,0 +1,5 @@
+# Reference: #19489
+# This feature is not yet available for GitHub Enterprise Server.
+versions:
+ ghec: '*'
+ fpt: '*'
diff --git a/data/reusables/security-overview/generate-code-security-risk-assessment-report.md b/data/reusables/security-overview/generate-code-security-risk-assessment-report.md
new file mode 100644
index 000000000000..797a944f87ed
--- /dev/null
+++ b/data/reusables/security-overview/generate-code-security-risk-assessment-report.md
@@ -0,0 +1,4 @@
+1. To generate the {% data variables.product.prodname_code_security_risk_assessment %}, click **Scan your organization**.
+
+ > [!NOTE]
+ > If you haven't previously run a security risk assessment, this will also initiate a **{% data variables.product.prodname_secret_risk_assessment %}**.
diff --git a/data/reusables/security-overview/generate-secret-risk-assessment-report.md b/data/reusables/security-overview/generate-secret-risk-assessment-report.md
index 36e9c07d1548..809d579a9e01 100644
--- a/data/reusables/security-overview/generate-secret-risk-assessment-report.md
+++ b/data/reusables/security-overview/generate-secret-risk-assessment-report.md
@@ -1 +1,4 @@
1. To generate the {% data variables.product.prodname_secret_risk_assessment %}, click **Scan your organization**.
+
+ > [!NOTE]
+ > If you haven't previously run a security risk assessment, this will also initiate a **{% data variables.product.prodname_code_security_risk_assessment %}**.
diff --git a/data/ui.yml b/data/ui.yml
index a3c072b1cc46..1eae9b4d28f0 100644
--- a/data/ui.yml
+++ b/data/ui.yml
@@ -281,7 +281,7 @@ product_landing:
overview: Overview
try_ghec_for_free: Try GitHub's enterprise features
try_ghas_for_free: Try GitHub Advanced Security for free
- generate_secret_risk_assessment_report_for_free: Find out how to run a free secret risk assessment
+ generate_secret_risk_assessment_report_for_free: Assess your organization's security for free
plan_your_migration: Plan your migration
ado_key_differences: Key differences between Azure DevOps and GitHub
releases: Releases
diff --git a/data/variables/product.yml b/data/variables/product.yml
index bbfb45ebf74f..0795a570826e 100644
--- a/data/variables/product.yml
+++ b/data/variables/product.yml
@@ -224,6 +224,10 @@ prodname_advanced_security: 'Advanced Security'
prodname_secret_risk_assessment: 'secret risk assessment'
prodname_secret_risk_assessment_caps: 'Secret risk assessment'
+## Code security risk assessment
+prodname_code_security_risk_assessment: 'code security risk assessment'
+prodname_code_security_risk_assessment_caps: 'Code security risk assessment'
+
## Azure DevOps
prodname_ghas_azdo: 'GitHub Advanced Security for Azure DevOps'
diff --git a/package-lock.json b/package-lock.json
index 568b60d35631..99bf7fa97ae2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -47,7 +47,7 @@
"escape-string-regexp": "5.0.0",
"express": "^5.2.1",
"fastest-levenshtein": "1.0.16",
- "file-type": "21.3.2",
+ "file-type": "22.0.0",
"flat": "^6.0.1",
"github-slugger": "^2.0.0",
"glob": "13.0.2",
@@ -182,7 +182,7 @@
"rimraf": "^6.1.3",
"robots-parser": "^3.0.1",
"sass": "^1.97.3",
- "start-server-and-test": "^2.1.3",
+ "start-server-and-test": "^3.0.0",
"unist-util-remove": "^4.0.0",
"unist-util-visit-parents": "6.0.1",
"vitest": "^4.0.18",
@@ -494,6 +494,7 @@
"resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.29.0.tgz",
"integrity": "sha512-T1NCJqT/j9+cn8fvkt7jtwbLBfLC/1y1c7NtCeXFRgzGTsafi68MRv8yzkYSapBnFA6L3U2VSc02ciDzoAJhJg==",
"license": "MIT",
+ "peer": true,
"engines": {
"node": ">=6.9.0"
}
@@ -534,6 +535,7 @@
"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
"integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
"license": "ISC",
+ "peer": true,
"bin": {
"semver": "bin/semver.js"
}
@@ -570,6 +572,7 @@
"resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.28.6.tgz",
"integrity": "sha512-JYtls3hqi15fcx5GaSNL7SCTJ2MNmjrkHXg4FSpOA/grxK8KwyZ5bubHsCq8FXCkua6xhuaaBit+3b7+VZRfcA==",
"license": "MIT",
+ "peer": true,
"dependencies": {
"@babel/compat-data": "^7.28.6",
"@babel/helper-validator-option": "^7.27.1",
@@ -586,6 +589,7 @@
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
"integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
"license": "ISC",
+ "peer": true,
"dependencies": {
"yallist": "^3.0.2"
}
@@ -595,6 +599,7 @@
"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
"integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
"license": "ISC",
+ "peer": true,
"bin": {
"semver": "bin/semver.js"
}
@@ -626,6 +631,7 @@
"resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.6.tgz",
"integrity": "sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==",
"license": "MIT",
+ "peer": true,
"dependencies": {
"@babel/helper-module-imports": "^7.28.6",
"@babel/helper-validator-identifier": "^7.28.5",
@@ -669,6 +675,7 @@
"resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.27.1.tgz",
"integrity": "sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg==",
"license": "MIT",
+ "peer": true,
"engines": {
"node": ">=6.9.0"
}
@@ -678,6 +685,7 @@
"resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.28.6.tgz",
"integrity": "sha512-xOBvwq86HHdB7WUDTfKfT/Vuxh7gElQ+Sfti2Cy6yIWNW05P8iUslOVcZ4/sKbE+/jQaukQAdz/gf3724kYdqw==",
"license": "MIT",
+ "peer": true,
"dependencies": {
"@babel/template": "^7.28.6",
"@babel/types": "^7.28.6"
@@ -2334,6 +2342,7 @@
"resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz",
"integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==",
"license": "MIT",
+ "peer": true,
"dependencies": {
"@jridgewell/gen-mapping": "^0.3.5",
"@jridgewell/trace-mapping": "^0.3.24"
@@ -2562,7 +2571,6 @@
"resolved": "https://registry.npmjs.org/@octokit/core/-/core-7.0.6.tgz",
"integrity": "sha512-DhGl4xMVFGVIyMwswXeyzdL4uXD5OGILGX5N8Y+f6W7LhC1Ze2poSNrkF/fedpVDHEEZ+PHFW0vL14I+mm8K3Q==",
"license": "MIT",
- "peer": true,
"dependencies": {
"@octokit/auth-token": "^6.0.0",
"@octokit/graphql": "^9.0.3",
@@ -2863,7 +2871,6 @@
"resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz",
"integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==",
"license": "Apache-2.0",
- "peer": true,
"engines": {
"node": ">=8.0.0"
}
@@ -3771,7 +3778,6 @@
"resolved": "https://registry.npmjs.org/@opentelemetry/core/-/core-2.5.1.tgz",
"integrity": "sha512-Dwlc+3HAZqpgTYq0MUyZABjFkcrKTePwuiFVLjahGD8cx3enqihmpAmdgNFO1R4m/sIe5afjJrA25Prqy4NXlA==",
"license": "Apache-2.0",
- "peer": true,
"dependencies": {
"@opentelemetry/semantic-conventions": "^1.29.0"
},
@@ -5349,7 +5355,6 @@
"version": "2.5.1",
"resolved": "https://registry.npmjs.org/@parcel/watcher/-/watcher-2.5.1.tgz",
"integrity": "sha512-dfUnCxiN9H4ap84DvD2ubjw+3vUNpstxa0TneY/Paat8a3R4uQZDLSvWjmznAY/DoahqTHl9V46HF/Zs3F29pg==",
- "dev": true,
"hasInstallScript": true,
"license": "MIT",
"optional": true,
@@ -5389,7 +5394,6 @@
"cpu": [
"arm64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5410,7 +5414,6 @@
"cpu": [
"arm64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5431,7 +5434,6 @@
"cpu": [
"x64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5452,7 +5454,6 @@
"cpu": [
"x64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5473,7 +5474,6 @@
"cpu": [
"arm"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5494,7 +5494,6 @@
"cpu": [
"arm"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5515,7 +5514,6 @@
"cpu": [
"arm64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5536,7 +5534,6 @@
"cpu": [
"arm64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5557,7 +5554,6 @@
"cpu": [
"x64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5578,7 +5574,6 @@
"cpu": [
"x64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5599,7 +5594,6 @@
"cpu": [
"arm64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5620,7 +5614,6 @@
"cpu": [
"ia32"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5641,7 +5634,6 @@
"cpu": [
"x64"
],
- "dev": true,
"license": "MIT",
"optional": true,
"os": [
@@ -5659,7 +5651,6 @@
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz",
"integrity": "sha512-pGjwhsmsp4kL2RTz08wcOlGN83otlqHeD/Z5T8GXZB+/YcpQ/dgo+lbU8ZsGxV0HIvqqxo9l7mqYwyYMD9bKDg==",
- "dev": true,
"license": "Apache-2.0",
"optional": true,
"bin": {
@@ -5688,7 +5679,6 @@
"integrity": "sha512-akea+6bHYBBfA9uQqSYmlJXn61cTa+jbO87xVLCWbTqbWadRVmhxlXATaOjOgcBaWU4ePo0wB41KMFv3o35IXA==",
"devOptional": true,
"license": "Apache-2.0",
- "peer": true,
"dependencies": {
"playwright": "1.58.2"
},
@@ -6599,7 +6589,6 @@
"integrity": "sha512-sKYVuV7Sv9fbPIt/442koC7+IIwK5olP1KWeD88e/idgoJqDm3JV/YUiPwkoKK92ylff2MGxSz1CSjsXelx0YA==",
"dev": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"@types/body-parser": "*",
"@types/express-serve-static-core": "^5.0.0",
@@ -6809,7 +6798,6 @@
"resolved": "https://registry.npmjs.org/@types/react/-/react-18.3.20.tgz",
"integrity": "sha512-IPaCZN7PShZK/3t6Q87pfTkRm6oLTd4vztyoj+cbHUF1g3FfVb2tFIL79uCRKEfv16AhqDMBywP2VW3KIZUvcg==",
"license": "MIT",
- "peer": true,
"dependencies": {
"@types/prop-types": "*",
"csstype": "^3.0.2"
@@ -6821,7 +6809,6 @@
"integrity": "sha512-MEe3UeoENYVFXzoXEWsvcpg6ZvlrFNlOQ7EOsvhI3CfAXwzPfO8Qwuxd40nepsYKqyyVQnTdEfv68q91yLcKrQ==",
"devOptional": true,
"license": "MIT",
- "peer": true,
"peerDependencies": {
"@types/react": "^18.0.0"
}
@@ -7002,7 +6989,6 @@
"integrity": "sha512-rLoGZIf9afaRBYsPUMtvkDWykwXwUPL60HebR4JgTI8mxfFe2cQTu3AGitANp4b9B2QlVru6WzjgB2IzJKiCSA==",
"dev": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"@typescript-eslint/scope-manager": "8.58.0",
"@typescript-eslint/types": "8.58.0",
@@ -7674,7 +7660,6 @@
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
"integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
"license": "MIT",
- "peer": true,
"bin": {
"acorn": "bin/acorn"
},
@@ -7714,7 +7699,6 @@
"resolved": "https://registry.npmjs.org/ajv/-/ajv-8.18.0.tgz",
"integrity": "sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==",
"license": "MIT",
- "peer": true,
"dependencies": {
"fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1",
@@ -8283,7 +8267,6 @@
}
],
"license": "MIT",
- "peer": true,
"dependencies": {
"caniuse-lite": "^1.0.30001733",
"electron-to-chromium": "^1.5.199",
@@ -9085,7 +9068,8 @@
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
"integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
- "license": "MIT"
+ "license": "MIT",
+ "peer": true
},
"node_modules/cookie": {
"version": "0.7.2",
@@ -9604,11 +9588,6 @@
"node": ">= 0.4"
}
},
- "node_modules/duplexer": {
- "version": "0.1.2",
- "dev": true,
- "license": "MIT"
- },
"node_modules/ecdsa-sig-formatter": {
"version": "1.0.11",
"resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
@@ -9958,7 +9937,6 @@
"integrity": "sha512-VmQ+sifHUbI/IcSopBCF/HO3YiHQx/AVd3UVyYL6weuwW+HvON9VYn5l6Zl1WZzPWXPNZrSQpxwkkZ/VuvJZzg==",
"dev": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.8.0",
"@eslint-community/regexpp": "^4.12.1",
@@ -10019,7 +9997,6 @@
"integrity": "sha512-82GZUjRS0p/jganf6q1rEO25VSoHH0hKPCTrgillPjdI/3bgBhAE1QzHrHTizjpRvy6pGAvKjDJtk2pF9NDq8w==",
"dev": true,
"license": "MIT",
- "peer": true,
"bin": {
"eslint-config-prettier": "bin/cli.js"
},
@@ -10284,7 +10261,6 @@
"integrity": "sha512-whOE1HFo/qJDyX4SnXzP4N6zOWn79WhnCUY/iDR0mPfQZO8wcYE4JClzI2oZrhBnnMUCBCHZhO6VQyoBU95mZA==",
"dev": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"@rtsao/scc": "^1.1.0",
"array-includes": "^3.1.9",
@@ -10782,20 +10758,6 @@
"node": ">= 0.6"
}
},
- "node_modules/event-stream": {
- "version": "3.3.4",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "duplexer": "~0.1.1",
- "from": "~0",
- "map-stream": "~0.1.0",
- "pause-stream": "0.0.11",
- "split": "0.3",
- "stream-combiner": "~0.0.4",
- "through": "~2.3.1"
- }
- },
"node_modules/event-to-promise": {
"version": "0.8.0",
"dev": true,
@@ -10998,18 +10960,18 @@
}
},
"node_modules/file-type": {
- "version": "21.3.2",
- "resolved": "https://registry.npmjs.org/file-type/-/file-type-21.3.2.tgz",
- "integrity": "sha512-DLkUvGwep3poOV2wpzbHCOnSKGk1LzyXTv+aHFgN2VFl96wnp8YA9YjO2qPzg5PuL8q/SW9Pdi6WTkYOIh995w==",
+ "version": "22.0.0",
+ "resolved": "https://registry.npmjs.org/file-type/-/file-type-22.0.0.tgz",
+ "integrity": "sha512-cmBmnYo8Zymabm2+qAP7jTFbKF10bQpYmxoGfuZbRFRcq00BRddJdGNH/P7GA1EMpJy5yQbqa9B7yROb3z8Ziw==",
"license": "MIT",
"dependencies": {
"@tokenizer/inflate": "^0.4.1",
- "strtok3": "^10.3.4",
- "token-types": "^6.1.1",
- "uint8array-extras": "^1.4.0"
+ "strtok3": "^10.3.5",
+ "token-types": "^6.1.2",
+ "uint8array-extras": "^1.5.0"
},
"engines": {
- "node": ">=20"
+ "node": ">=22"
},
"funding": {
"url": "https://github.com/sindresorhus/file-type?sponsor=1"
@@ -11214,11 +11176,6 @@
"node": ">= 0.8"
}
},
- "node_modules/from": {
- "version": "0.1.7",
- "dev": true,
- "license": "MIT"
- },
"node_modules/fs-extra": {
"version": "10.1.0",
"dev": true,
@@ -11236,7 +11193,6 @@
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
"integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
- "dev": true,
"hasInstallScript": true,
"optional": true,
"os": [
@@ -11337,6 +11293,7 @@
"resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz",
"integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==",
"license": "MIT",
+ "peer": true,
"engines": {
"node": ">=6.9.0"
}
@@ -11534,7 +11491,6 @@
"resolved": "https://registry.npmjs.org/graphql/-/graphql-16.12.0.tgz",
"integrity": "sha512-DKKrynuQRne0PNpEbzuEdHlYOMksHSUI8Zc9Unei5gTsMNA2/vMpoMz/yKba50pejK56qj98qM0SjYxAKi13gQ==",
"dev": true,
- "peer": true,
"engines": {
"node": "^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0"
}
@@ -12906,15 +12862,14 @@
"resolved": "https://registry.npmjs.org/jiti/-/jiti-2.6.1.tgz",
"integrity": "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ==",
"dev": true,
- "peer": true,
"bin": {
"jiti": "lib/jiti-cli.mjs"
}
},
"node_modules/joi": {
- "version": "18.0.2",
- "resolved": "https://registry.npmjs.org/joi/-/joi-18.0.2.tgz",
- "integrity": "sha512-RuCOQMIt78LWnktPoeBL0GErkNaJPTBGcYuyaBvUOQSpcpcLfWrHPPihYdOGbV5pam9VTWbeoF7TsGiHugcjGA==",
+ "version": "18.1.2",
+ "resolved": "https://registry.npmjs.org/joi/-/joi-18.1.2.tgz",
+ "integrity": "sha512-rF5MAmps5esSlhCA+N1b6IYHDw9j/btzGaqfgie522jS02Ju/HXBxamlXVlKEHAxoMKQL77HWI8jlqWsFuekZA==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
@@ -12924,7 +12879,7 @@
"@hapi/pinpoint": "^2.0.1",
"@hapi/tlds": "^1.1.1",
"@hapi/topo": "^6.0.2",
- "@standard-schema/spec": "^1.0.0"
+ "@standard-schema/spec": "^1.1.0"
},
"engines": {
"node": ">= 20"
@@ -13051,6 +13006,7 @@
"resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
"integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
"license": "MIT",
+ "peer": true,
"bin": {
"json5": "lib/cli.js"
},
@@ -13499,10 +13455,6 @@
"@jridgewell/sourcemap-codec": "^1.5.5"
}
},
- "node_modules/map-stream": {
- "version": "0.1.0",
- "dev": true
- },
"node_modules/markdown-it": {
"version": "14.1.0",
"resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-14.1.0.tgz",
@@ -15202,7 +15154,6 @@
"version": "7.1.1",
"resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-7.1.1.tgz",
"integrity": "sha512-5m3bsyrjFWE1xf7nz7YXdN4udnVtXK6/Yfgn5qnahL6bCkf2yKt4k3nuTKAtT4r3IG8JNR2ncsIMdZuAzJjHQQ==",
- "dev": true,
"license": "MIT",
"optional": true
},
@@ -15905,17 +15856,6 @@
"dev": true,
"license": "MIT"
},
- "node_modules/pause-stream": {
- "version": "0.0.11",
- "dev": true,
- "license": [
- "MIT",
- "Apache2"
- ],
- "dependencies": {
- "through": "~2.3"
- }
- },
"node_modules/pg-int8": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/pg-int8/-/pg-int8-1.0.1.tgz",
@@ -16001,7 +15941,6 @@
"integrity": "sha512-yZkEtftgwS8CsfYo7nm0KE8jsvm6i/PTgVtB8DL726wNf6H2IMsDuxCpJj59KDaxCtSnrWan2AeDqM7JBaultg==",
"devOptional": true,
"license": "Apache-2.0",
- "peer": true,
"bin": {
"playwright-core": "cli.js"
},
@@ -16104,7 +16043,6 @@
"integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
"dev": true,
"license": "MIT",
- "peer": true,
"bin": {
"prettier": "bin/prettier.cjs"
},
@@ -16185,20 +16123,6 @@
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
"license": "MIT"
},
- "node_modules/ps-tree": {
- "version": "1.2.0",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "event-stream": "=3.3.4"
- },
- "bin": {
- "ps-tree": "bin/ps-tree.js"
- },
- "engines": {
- "node": ">= 0.10"
- }
- },
"node_modules/pstree.remy": {
"version": "1.1.8",
"dev": true,
@@ -16277,7 +16201,6 @@
"version": "18.3.1",
"resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz",
"integrity": "sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==",
- "peer": true,
"dependencies": {
"loose-envify": "^1.1.0"
},
@@ -16298,7 +16221,6 @@
"version": "18.3.1",
"resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.3.1.tgz",
"integrity": "sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==",
- "peer": true,
"dependencies": {
"loose-envify": "^1.1.0",
"scheduler": "^0.23.2"
@@ -16326,8 +16248,7 @@
"version": "19.2.4",
"resolved": "https://registry.npmjs.org/react-is/-/react-is-19.2.4.tgz",
"integrity": "sha512-W+EWGn2v0ApPKgKKCy/7s7WHXkboGcsrXE+2joLyVxkbyVQfO3MUEaUQDHoSmb8TFFrSKYa9mw64WZHNHSDzYA==",
- "license": "MIT",
- "peer": true
+ "license": "MIT"
},
"node_modules/react-markdown": {
"version": "10.1.0",
@@ -16951,7 +16872,6 @@
"integrity": "sha512-fDz1zJpd5GycprAbu4Q2PV/RprsRtKC/0z82z0JLgdytmcq0+ujJbJ/09bPGDxCLkKY3Np5cRAOcWiVkLXJURg==",
"devOptional": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"chokidar": "^4.0.0",
"immutable": "^5.0.2",
@@ -17472,17 +17392,6 @@
"url": "https://github.com/sponsors/wooorm"
}
},
- "node_modules/split": {
- "version": "0.3.3",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "through": "2"
- },
- "engines": {
- "node": "*"
- }
- },
"node_modules/srcset": {
"version": "5.0.0",
"dev": true,
@@ -17511,9 +17420,9 @@
"dev": true
},
"node_modules/start-server-and-test": {
- "version": "2.1.3",
- "resolved": "https://registry.npmjs.org/start-server-and-test/-/start-server-and-test-2.1.3.tgz",
- "integrity": "sha512-k4EcbNjeg0odaDkAMlIeDVDByqX9PIgL4tivgP2tES6Zd8o+4pTq/HgbWCyA3VHIoZopB+wGnNPKYGGSByNriQ==",
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/start-server-and-test/-/start-server-and-test-3.0.0.tgz",
+ "integrity": "sha512-R//IdnWC+H+raB6zJIqw5QbIsMAjjYFwJC/OIJO6kgZljguYe4n4LlA7vkPTO7zoctFlVPfymsNShjcPOIH8nw==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -17523,8 +17432,8 @@
"debug": "4.4.3",
"execa": "5.1.1",
"lazy-ass": "1.6.0",
- "ps-tree": "1.2.0",
- "wait-on": "9.0.3"
+ "tree-kill": "1.2.2",
+ "wait-on": "9.0.4"
},
"bin": {
"server-test": "src/bin/start.js",
@@ -17532,7 +17441,7 @@
"start-test": "src/bin/start.js"
},
"engines": {
- "node": ">=16"
+ "node": "^22 || >=24"
}
},
"node_modules/statuses": {
@@ -17588,14 +17497,6 @@
"node": ">= 0.4"
}
},
- "node_modules/stream-combiner": {
- "version": "0.0.4",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "duplexer": "~0.1.1"
- }
- },
"node_modules/stream-http": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/stream-http/-/stream-http-3.2.0.tgz",
@@ -17825,9 +17726,9 @@
}
},
"node_modules/strtok3": {
- "version": "10.3.4",
- "resolved": "https://registry.npmjs.org/strtok3/-/strtok3-10.3.4.tgz",
- "integrity": "sha512-KIy5nylvC5le1OdaaoCJ07L+8iQzJHGH6pWDuzS+d07Cu7n1MZ2x26P8ZKIWfbK02+XIL8Mp4RkWeqdUCrDMfg==",
+ "version": "10.3.5",
+ "resolved": "https://registry.npmjs.org/strtok3/-/strtok3-10.3.5.tgz",
+ "integrity": "sha512-ki4hZQfh5rX0QDLLkOCj+h+CVNkqmp/CMf8v8kZpkNVK6jGQooMytqzLZYUVYIZcFZ6yDB70EfD8POcFXiF5oA==",
"license": "MIT",
"dependencies": {
"@tokenizer/token": "^0.3.0"
@@ -17854,7 +17755,6 @@
"resolved": "https://registry.npmjs.org/styled-components/-/styled-components-5.3.11.tgz",
"integrity": "sha512-uuzIIfnVkagcVHv9nE0VPlHPSCmXIUGKfJ42LNjxCCTDTL5sgnJ8Z7GZBq0EnLYGln77tPpEpExt2+qa+cZqSw==",
"license": "MIT",
- "peer": true,
"dependencies": {
"@babel/helper-module-imports": "^7.0.0",
"@babel/traverse": "^7.4.5",
@@ -18054,11 +17954,6 @@
"node": ">=v0.10.0"
}
},
- "node_modules/through": {
- "version": "2.3.8",
- "dev": true,
- "license": "MIT"
- },
"node_modules/tinybench": {
"version": "2.9.0",
"resolved": "https://registry.npmjs.org/tinybench/-/tinybench-2.9.0.tgz",
@@ -18116,7 +18011,6 @@
"integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
"dev": true,
"license": "MIT",
- "peer": true,
"engines": {
"node": ">=12"
},
@@ -18199,6 +18093,16 @@
"integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==",
"license": "MIT"
},
+ "node_modules/tree-kill": {
+ "version": "1.2.2",
+ "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz",
+ "integrity": "sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==",
+ "dev": true,
+ "license": "MIT",
+ "bin": {
+ "tree-kill": "cli.js"
+ }
+ },
"node_modules/trim-lines": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/trim-lines/-/trim-lines-3.0.1.tgz",
@@ -18449,7 +18353,6 @@
"resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
"integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
"license": "Apache-2.0",
- "peer": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
@@ -18498,9 +18401,9 @@
"dev": true
},
"node_modules/uint8array-extras": {
- "version": "1.4.0",
- "resolved": "https://registry.npmjs.org/uint8array-extras/-/uint8array-extras-1.4.0.tgz",
- "integrity": "sha512-ZPtzy0hu4cZjv3z5NW9gfKnNLjoz4y6uv4HlelAjDK7sY/xOkKZv9xK/WQpcsBB3jEybChz9DPC2U/+cusjJVQ==",
+ "version": "1.5.0",
+ "resolved": "https://registry.npmjs.org/uint8array-extras/-/uint8array-extras-1.5.0.tgz",
+ "integrity": "sha512-rvKSBiC5zqCCiDZ9kAOszZcDvdAHwwIKJG33Ykj43OKcWsnmcBRL09YTU4nOeHZ8Y2a7l1MgTd08SBe9A8Qj6A==",
"license": "MIT",
"engines": {
"node": ">=18"
@@ -18797,7 +18700,6 @@
"dev": true,
"hasInstallScript": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"napi-postinstall": "^0.3.0"
},
@@ -19002,7 +18904,6 @@
"integrity": "sha512-w+N7Hifpc3gRjZ63vYBXA56dvvRlNWRczTdmCBBa+CotUzAPf5b7YMdMR/8CQoeYE5LX3W4wj6RYTgonm1b9DA==",
"dev": true,
"license": "MIT",
- "peer": true,
"dependencies": {
"esbuild": "^0.27.0",
"fdir": "^6.5.0",
@@ -19111,7 +19012,6 @@
"integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
"dev": true,
"license": "MIT",
- "peer": true,
"engines": {
"node": ">=12"
},
@@ -19240,15 +19140,15 @@
}
},
"node_modules/wait-on": {
- "version": "9.0.3",
- "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-9.0.3.tgz",
- "integrity": "sha512-13zBnyYvFDW1rBvWiJ6Av3ymAaq8EDQuvxZnPIw3g04UqGi4TyoIJABmfJ6zrvKo9yeFQExNkOk7idQbDJcuKA==",
+ "version": "9.0.4",
+ "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-9.0.4.tgz",
+ "integrity": "sha512-k8qrgfwrPVJXTeFY8tl6BxVHiclK11u72DVKhpybHfUL/K6KM4bdyK9EhIVYGytB5MJe/3lq4Tf0hrjM+pvJZQ==",
"dev": true,
"license": "MIT",
"dependencies": {
- "axios": "^1.13.2",
- "joi": "^18.0.1",
- "lodash": "^4.17.21",
+ "axios": "^1.13.5",
+ "joi": "^18.0.2",
+ "lodash": "^4.17.23",
"minimist": "^1.2.8",
"rxjs": "^7.8.2"
},
@@ -19702,7 +19602,8 @@
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
"integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
- "license": "ISC"
+ "license": "ISC",
+ "peer": true
},
"node_modules/yaml": {
"version": "2.8.3",
diff --git a/package.json b/package.json
index b4de47700214..f3b6d7c048be 100644
--- a/package.json
+++ b/package.json
@@ -204,7 +204,7 @@
"escape-string-regexp": "5.0.0",
"express": "^5.2.1",
"fastest-levenshtein": "1.0.16",
- "file-type": "21.3.2",
+ "file-type": "22.0.0",
"flat": "^6.0.1",
"github-slugger": "^2.0.0",
"glob": "13.0.2",
@@ -339,7 +339,7 @@
"rimraf": "^6.1.3",
"robots-parser": "^3.0.1",
"sass": "^1.97.3",
- "start-server-and-test": "^2.1.3",
+ "start-server-and-test": "^3.0.0",
"unist-util-remove": "^4.0.0",
"unist-util-visit-parents": "6.0.1",
"vitest": "^4.0.18",
diff --git a/src/fixtures/fixtures/data/ui.yml b/src/fixtures/fixtures/data/ui.yml
index a3c072b1cc46..1eae9b4d28f0 100644
--- a/src/fixtures/fixtures/data/ui.yml
+++ b/src/fixtures/fixtures/data/ui.yml
@@ -281,7 +281,7 @@ product_landing:
overview: Overview
try_ghec_for_free: Try GitHub's enterprise features
try_ghas_for_free: Try GitHub Advanced Security for free
- generate_secret_risk_assessment_report_for_free: Find out how to run a free secret risk assessment
+ generate_secret_risk_assessment_report_for_free: Assess your organization's security for free
plan_your_migration: Plan your migration
ado_key_differences: Key differences between Azure DevOps and GitHub
releases: Releases