github
diff --git a/‎content/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners.md
Lines changed: 1 addition & 0 deletions b/‎content/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md
Lines changed: 2 additions & 1 deletion b/‎content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎content/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow.md
Lines changed: 4 additions & 4 deletions b/‎content/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md
Lines changed: 1 addition & 1 deletion b/‎content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/actions/migrating-to-github-actions/manually-migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md
Lines changed: 1 addition & 7 deletions b/‎content/actions/migrating-to-github-actions/manually-migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md
Lines changed: 1 addition & 7 deletions
diff --git a/‎content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md
Lines changed: 8 additions & 0 deletions b/‎content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md
Lines changed: 8 additions & 0 deletions
diff --git a/‎content/actions/sharing-automations/creating-actions/creating-a-composite-action.md
Lines changed: 1 addition & 1 deletion b/‎content/actions/sharing-automations/creating-actions/creating-a-composite-action.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/actions/use-cases-and-examples/building-and-testing/building-and-testing-java-with-maven.md
Lines changed: 1 addition & 1 deletion b/‎content/actions/use-cases-and-examples/building-and-testing/building-and-testing-java-with-maven.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md
Lines changed: 2 additions & 4 deletions b/‎content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md
Lines changed: 2 additions & 4 deletions
diff --git a/‎content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/monitoring-using-snmp.md
Lines changed: 1 addition & 1 deletion b/‎content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/monitoring-using-snmp.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository.md
Lines changed: 0 additions & 3 deletions b/‎content/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository.md
Lines changed: 0 additions & 3 deletions
diff --git a/‎content/codespaces/developing-in-a-codespace/deleting-a-codespace.md
Lines changed: 1 addition & 1 deletion b/‎content/codespaces/developing-in-a-codespace/deleting-a-codespace.md
Lines changed: 1 addition & 1 deletion
@@ -124,6 +124,7 @@ The following processor architectures are supported for the self-hosted runner a
 
 ## Supported actions on self-hosted runners
 
+All `actions/setup-LANGUAGE` action repositories currently support three platforms: macOS, Windows, and Ubuntu.
 Some extra configuration might be required to use actions from {% data variables.product.github %} with {% data variables.product.prodname_ghe_server %}, or to use the `actions/setup-LANGUAGE` actions with self-hosted runners that do not have internet access. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom) and contact your {% data variables.product.prodname_enterprise %} site administrator.
 
 {% endif %}
 
@@ -49,7 +49,8 @@ The scripts are automatically executed when the runner has the following environ
 * `ACTIONS_RUNNER_HOOK_JOB_STARTED`: The script defined in this environment variable is triggered when a job has been assigned to a runner, but before the job starts running.
 * `ACTIONS_RUNNER_HOOK_JOB_COMPLETED`: The script defined in this environment variable is triggered at the end of the job, after all the steps defined in the workflow have run.
 
-To set these environment variables, you can either add them to the operating system, or add them to a file named `.env` within the self-hosted runner application directory (that is, the directory into which you downloaded and unpacked the runner software). For example, the following `.env` entry will have the runner automatically run a script, saved as `/opt/runner/cleanup_script.sh` on the runner machine, before each job runs:
+To set these environment variables, you can either add them to the operating system, or add them to a file named `.env` within the self-hosted runner application directory (that is, the directory into which you downloaded and unpacked the runner software). Note that any change to the `.env` file will require restarting the runner.  
+For example, the following `.env` entry will have the runner automatically run a script, saved as `/opt/runner/cleanup_script.sh` on the runner machine, before each job runs:
 
 ```bash
 ACTIONS_RUNNER_HOOK_JOB_STARTED=/opt/runner/cleanup_script.sh
 
@@ -17,7 +17,7 @@ shortTitle: Use runners in a workflow
 
 You can target self-hosted runners for use in a workflow based on the labels assigned to the runners{% ifversion target-runner-groups %}, or their group membership, or a combination of these{% endif %}.
 
->[!NOTE]Actions Runner Controller does not support multiple labels, only the name of the runner can be used in place of a label
+>[!IMPORTANT]Runner Scale Sets do not support multiple labels, only the name of the runner can be used in place of a label. See [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller).
 
 ## About self-hosted runner labels
 
@@ -109,9 +109,9 @@ These labels operate cumulatively, so a self-hosted runner must have all four la
 
 ## Routing precedence for self-hosted runners
 
-When routing a job to a self-hosted runner, {% data variables.product.prodname_dotcom %} looks for a runner that matches the job's `runs-on` labels{% ifversion target-runner-groups %} and/or groups{% endif %}:
+When routing a job to a self-hosted runner, {% data variables.product.prodname_dotcom %} looks for a runner that matches the job's `runs-on` labels{% ifversion target-runner-groups %} and groups{% endif %}:
 
-* If {% data variables.product.prodname_dotcom %} finds an online and idle runner that matches the job's `runs-on` labels{% ifversion target-runner-groups %} and/or groups{% endif %}, the job is then assigned and sent to the runner.
+* If {% data variables.product.prodname_dotcom %} finds an online and idle runner that matches the job's `runs-on` labels{% ifversion target-runner-groups %} and groups{% endif %}, the job is then assigned and sent to the runner.
   * If the runner doesn't pick up the assigned job within 60 seconds, the job is re-queued so that a new runner can accept it.
-* If {% data variables.product.prodname_dotcom %} doesn't find an online and idle runner that matches the job's `runs-on` labels {% ifversion target-runner-groups %} and/or groups{% endif %}, then the job will remain queued until a runner comes online.
+* If {% data variables.product.prodname_dotcom %} doesn't find an online and idle runner that matches the job's `runs-on` labels {% ifversion target-runner-groups %} and groups{% endif %}, then the job will remain queued until a runner comes online.
 * If the job remains queued for more than 24 hours, the job will fail.
@@ -66,7 +66,7 @@ For more information on reviewing jobs that reference an environment with requir
 
 ### Wait timer
 
-Use a wait timer to delay a job for a specific amount of time after the job is initially triggered. The time (in minutes) must be an integer between 1 and 43,200 (30 days).
+Use a wait timer to delay a job for a specific amount of time after the job is initially triggered. The time (in minutes) must be an integer between 1 and 43,200 (30 days). Wait time will not count towards your billable time.
 
 {% ifversion fpt %}
 
 
@@ -183,13 +183,7 @@ The concurrent jobs and workflow execution times in {% data variables.product.pr
 
 ### Using different languages in {% data variables.product.prodname_actions %}
 
-When working with different languages in {% data variables.product.prodname_actions %}, you can create a step in your job to set up your language dependencies. For more information about working with a particular language, see the specific guide:
-* [Building and testing Node.js](/actions/automating-builds-and-tests/building-and-testing-nodejs)
-* [Building and testing Python](/actions/automating-builds-and-tests/building-and-testing-python)
-* [Building and testing PowerShell](/actions/automating-builds-and-tests/building-and-testing-powershell)
-* [Building and testing Java with Maven](/actions/automating-builds-and-tests/building-and-testing-java-with-maven)
-* [Building and testing Java with Gradle](/actions/automating-builds-and-tests/building-and-testing-java-with-gradle)
-* [Building and testing Java with Ant](/actions/automating-builds-and-tests/building-and-testing-java-with-ant)
+When working with different languages in {% data variables.product.prodname_actions %}, you can create a step in your job to set up your language dependencies. For more information about working with a particular language, see [AUTOTITLE](/actions/use-cases-and-examples/building-and-testing).
 
 ## Executing scripts
 
 
@@ -9,6 +9,8 @@ redirect_from:
   - /actions/security-guides/enforcing-artifact-attestations-with-a-kubernetes-admission-controller
 ---
 
+>[!NOTE] Before proceeding, ensure you have enabled build provenance for container images, including setting the `push-to-registry` attribute in the [`attest-build-provenance` action](https://github.com/actions/attest-build-provenance) as documented in [Generating build provenance for container images](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds#generating-build-provenance-for-container-images). This is required for the Policy Controller to verify the attestation.
+
 ## About Kubernetes admission controller
 
 [Artifact attestations](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds) enable you to create unfalsifiable provenance and integrity guarantees for the software you build. In turn, people who consume your software can verify where and how your software was built.
@@ -19,6 +21,12 @@ Using the open source [Sigstore Policy Controller](https://docs.sigstore.dev/pol
 
 To [install the controller](#getting-started-with-kubernetes-admission-controller), we offer [two Helm charts](https://github.com/github/artifact-attestations-helm-charts): one for deploying the Sigstore Policy Controller, and another for loading the GitHub trust root and a default policy.
 
+### About image verification
+
+When the Policy Controller is installed, it will intercept all image pull requests and verify the attestation for the image. The attestation must be stored in the image registry as an [OCI attached artifact](https://oras.land/docs/concepts/reftypes/) containing a [Sigstore Bundle](https://docs.sigstore.dev/about/bundle/) which contains the attestation and cryptographic material (e.g. certificates and signatures) used to verify the attestation. A verification process is then performed that ensures the image was built with the specified build provenance and matches any policies enabled by the cluster administrator.
+
+In order for an image to be verifiable, it must have a valid provenance attestation in the registry, which can be done by enabling the `push-to-registry: true` attribute in the `actions/attest-build-provenance` action. See [Generating build provenance for container images](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds#generating-build-provenance-for-container-images) for more details on how to generate attestations for container images.
+
 ### About trust roots and policies
 
 The Sigstore Policy Controller is primarily configured with trust roots and policies, represented by the Custom Resources `TrustRoot` and `ClusterImagePolicy`. A `TrustRoot` represents a trusted distribution channel for the public key material used to verify attestations. A `ClusterImagePolicy` represents a policy for enforcing attestations on images.
 
@@ -155,7 +155,7 @@ Before you begin, you'll create a repository on {% data variables.product.github
 
 The following workflow code uses the completed hello world action that you made in [AUTOTITLE](/actions/creating-actions/creating-a-composite-action#creating-an-action-metadata-file).
 
-Copy the workflow code into a `.github/workflows/main.yml` file in another repository, replacing `actions` and `SHA` with the repository owner and the SHA of the commit you want to use, respectively. You can also replace the `who-to-greet` input with your name.
+Copy the workflow code into a `.github/workflows/main.yml` file in another repository, replacing `OWNER` and `SHA` with the repository owner and the SHA of the commit you want to use, respectively. You can also replace the `who-to-greet` input with your name.
 
 ```yaml copy
 on: [push]
 
@@ -117,7 +117,7 @@ You can cache your dependencies to speed up your workflow runs. After a successf
 ```yaml copy
 steps:
   - uses: {% data reusables.actions.action-checkout %}
-  - name: Set up JDK 11
+  - name: Set up JDK 17
     uses: {% data reusables.actions.action-setup-java %}
     with:
       java-version: '17'
 
@@ -66,7 +66,7 @@ Host HOSTNAME
 
 ## Accessing the administrative shell using the local console
 
-In an emergency situation, for example if SSH is unavailable, you can access the administrative shell locally. Sign in as the `admin` user and use the password established during initial setup of {% data variables.product.prodname_ghe_server %}.
+In an emergency situation, for example if SSH is unavailable, you can access the administrative shell locally if your hypervisor provides console access. Press `Alt` + `F2` to switch to an interactive prompt, then sign in as the `admin` user and use the password established during initial setup of {% data variables.product.prodname_ghe_server %}.
 
 ## Access limitations for the administrative shell
 
 
@@ -45,21 +45,19 @@ Each action is a repository in the `actions` organization, and each action repos
 
 > [!NOTE]
 > * When using setup actions (such as `actions/setup-LANGUAGE`) on {% data variables.product.product_name %} with self-hosted runners, you might need to set up the tools cache on runners that do not have internet access. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access).
+> * All `actions/setup-LANGUAGE` action repositories currently support three platforms: macOS, Windows, and Ubuntu.
 > * When {% data variables.product.product_name %} is updated, bundled actions are automatically replaced with default versions in the upgrade package.
+> * Being bundled with {% data variables.product.prodname_ghe_server %} means the action is available within that environment, but it doesn’t automatically guarantee compatibility with all platforms or self-hosted runners.
 
 ## Configuring access to actions on {% data variables.product.prodname_dotcom_the_website %}
 
 {% data reusables.actions.access-actions-on-dotcom %}
 
 The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect).
 
-{% ifversion ghes %}
-
 > [!NOTE]
 > Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server).
 
-{% endif %}
-
 {% data reusables.actions.self-hosted-runner-networking-to-dotcom %}
 
 {% data reusables.actions.enterprise-limit-actions-use %}
 
@@ -20,7 +20,7 @@ topics:
 ---
 SNMP is a common standard for monitoring devices over a network. We strongly recommend enabling SNMP so you can monitor the health of {% data variables.location.product_location %} and know when to add more memory, storage, or processor power to the host machine.
 
-{% data variables.product.prodname_enterprise %} has a standard SNMP installation, so you can take advantage of the [many plugins](https://www.monitoring-plugins.org/doc/man/check_snmp.html) available for Nagios or for any other monitoring system.
+{% data variables.product.prodname_enterprise %} has a standard SNMP installation, so you can take advantage of the [many plugins](https://nagios-plugins.org/doc/man/check_snmp.html) available for Nagios or for any other monitoring system.
 
 ## Configuring SNMP v2c
 
 
@@ -42,9 +42,6 @@ Organizations can enable members and outside collaborators to create and use cod
 
 {% data reusables.codespaces.starting-new-project-template %} For more information, see [AUTOTITLE](/codespaces/developing-in-a-codespace/creating-a-codespace-from-a-template).
 
-> [!NOTE]
-> If you use a JetBrains IDE, you can use {% data variables.product.prodname_cli %} to create a codespace. You can then use the JetBrains Gateway application to open the codespace in a JetBrains IDE. For more information, see [AUTOTITLE](/codespaces/developing-in-a-codespace/using-github-codespaces-in-your-jetbrains-ide).
-
 If you create a codespace from a repository, the codespace will be associated with a specific branch, which cannot be empty. You can create more than one codespace per repository or even per branch.
 
 {% data reusables.codespaces.you-can-see-all-your-codespaces %}
 
@@ -28,7 +28,7 @@ You can manually delete a codespace in a variety of ways:
 Use the tabs at the top of this article to display instructions for each of these ways of deleting a codespace.
 
 > [!NOTE]
-> You can't delete a codespace from within the JetBrains Gateway, or the JetBrains client application, or from within JupyterLab.
+> You can't delete a codespace from within JupyterLab.
 
 ## Why you should delete unused codespaces