Merged
1 change: 0 additions & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,6 @@ jobs:
- graphql
- landings
- languages
- learning-track
# - links
- observability
# - open-source
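
Review bot: Dropping `- learning-track` from the matrix is only safe if the matching test suite is deleted in this same pull request. If any of those tests remain in the tree, they will silently stop running in CI. The neighbouring `# - links` and `# - open-source` entries are commented out rather than removed, so it is worth stating in the description that this one is a permanent removal and not a temporary skip.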
Expand Down
Binary file not shown.
Binary file not shown.
Binary file not shown.
54 changes: 20 additions & 34 deletions content/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,9 @@ See the [contributing docs](https://docs.github.com/en/contributing) for general
- [`changelog`](#changelog)
- [`defaultPlatform`](#defaultplatform)
- [`defaultTool`](#defaulttool)
- [`learningTracks`](#learningtracks)
- [`includeGuides`](#includeguides)

- [`journeyTracks`](#journeytracks)
- [`journeyArticlesHeading`](#journeyarticlesheading)
- [`contentType`](#contenttype)
- [`communityRedirect`](#communityRedirect)
- [`effectiveDate`](#effectiveDate)
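
Review bot: The hunk header counts nine lines on both sides (`-23,9 +23,9`), but removing `learningTracks` and `includeGuides` and adding `journeyArticlesHeading` only accounts for eight on the new side, so the blank line between `defaultTool` and `journeyTracks` looks like it was introduced here. A blank line inside the table-of-contents list splits it into two lists when rendered; please drop it. The new `#journeyarticlesheading` anchor is lowercase, which matches the generated heading id, so that link is fine.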
Expand All @@ -40,7 +40,6 @@ See the [contributing docs](https://docs.github.com/en/contributing) for general
- [Legacy filepaths and redirects for links](#legacy-filepaths-and-redirects-for-links)
- [Index pages](#index-pages)
- [Home page](#homepage)
- [Creating new product guides pages](#creating-new-product-guides-pages)

## Frontmatter

Expand Down Expand Up @@ -230,27 +229,6 @@ defaultPlatform: linux
defaultTool: cli
```

### `learningTracks`
- Purpose: Render a list of learning tracks on a product's sub-landing page.
- type: `String`. This should reference learning tracks' names defined in [`data/learning-tracks/*.yml`](../data/learning-tracks/README.md).
- Optional

**Note: the featured track is set by a specific property in the learning tracks YAML. See that [README](../data/learning-tracks/README.md) for details.*

### `includeGuides`
- Purpose: Render a list of articles, filterable by `contentType`. Only applicable when used with `layout: product-guides`.
- Type: `Array`
- Optional.

Example:

```yaml
includeGuides:
- /actions/guides/about-continuous-integration
- /actions/guides/setting-up-continuous-integration-using-workflow-templates
- /actions/guides/building-and-testing-nodejs
- /actions/guides/building-and-testing-powershell
```

### `journeyTracks`
- Purpose: Define journeys for journey landing pages.
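
Review bot: Removing the `learningTracks` and `includeGuides` documentation needs a check that no content file still sets either key. If the frontmatter schema drops these properties in the same change, any article that still carries them will fail validation; if the schema keeps them, the keys become undocumented. The removed text also points at `data/learning-tracks/*.yml` and its README, so please confirm those are removed together with this section and that nothing else links to `../data/learning-tracks/README.md`.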
Expand Down Expand Up @@ -284,6 +262,24 @@ journeyTracks:
- href: '/actions/deployment/deploying-with-github-actions'
```

### `journeyArticlesHeading`
- Purpose: Override the default "Articles" heading shown above the article list on single-track journey landing pages.
- Type: `String`
- Only applicable when used with `layout: journey-landing` and a single journey track.
- Optional. If omitted, the heading defaults to the translated value of `journey_landing.articles_heading` ("Articles").

Example:

```yaml
layout: journey-landing
journeyArticlesHeading: "Guides"
journeyTracks:
- id: ado_migration
title: Run your migration
guides:
- href: /migrations/ado/understand-migrations-from-azure-devops-to-github
```

### `contentType`
- Purpose: Indicate the type of article.
- Type: `String`, one of `get-started`, `concepts`, `how-tos`, `reference`, `tutorials`, `rai`, `landing` (only applies to `content/<product>/index.md` files).
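
Review bot: The `journeyArticlesHeading` entry says it is only applicable with `layout: journey-landing` and a single journey track, but it does not say what happens otherwise. Please state whether the value is ignored or rejected when the page has several tracks or a different layout, so authors know whether a stray key is harmless. Two style points on the example: it quotes the value with double quotes (`"Guides"`) and leaves `href` unquoted, while the `journeyTracks` example just above uses single-quoted `href` values; and a custom heading is a literal string, so the entry should say whether it is translated the way the default `journey_landing.articles_heading` value is.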
Expand Down Expand Up @@ -433,13 +429,3 @@ The homepage is the main Table of Contents file for the docs site. The homepage

`childGroups` is an array of mappings containing a `name` for the group, an optional `icon` for the group, and an array of `children`. The `children` in the array must be present in the `children` frontmatter property.

### Creating new product guides pages

To create a product guides page (e.g. [Actions' Guide page](https://docs.github.com/en/actions/guides)), create or modify an existing markdown file with these specific frontmatter values:

1. Use the product guides page template by referencing `layout: product-guides`.
1. (optional) Include the learning tracks in [`learningTracks`](#learningTracks).
1. (optional) Define which articles to include with [`includeGuides`](#includeGuides).

If using learning tracks, they need to be defined in [`data/learning-tracks/*.yml`](../data/learning-tracks/README.md).
If using `includeGuides`, make sure each of the articles in this list has [`contentType`](#contenttype) in its frontmatter.
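
Review bot: This deletes the only visible description of `layout: product-guides`. If the README's `layout` section still lists `product-guides` as a valid value, it should be removed there too, otherwise the README documents a layout with no instructions for using it. Also check for inbound links to `#creating-new-product-guides-pages`, which will now resolve to the top of the page.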
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ redirect_from:
- /billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise
- /billing/managing-billing-for-your-github-account/connecting-an-azure-subscription
- /billing/managing-the-plan-for-your-github-account/connecting-an-azure-subscription
- /video-transcripts/transcript-billing-github-consumption-through-an-azure-subscription
versions:
fpt: '*'
ghec: '*'
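
Review bot: The new `redirect_from` entry under `/video-transcripts/` sends readers of a transcript to this billing article, which implies the transcript page is removed. Please confirm the article covers what the transcript said and that any link from the video to its transcript is updated, since a redirect to a general article is not an equivalent text alternative. This change is also unrelated to the learning-track removal and the secret-scanning wording edits in the rest of the pull request, so it deserves a line in the description.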
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ category:

## What is push protection?

Push protection is a {% data variables.product.prodname_secret_scanning %} feature designed to prevent sensitive information, such as secrets or tokens, from ever being pushed to your repository. Unlike {% data variables.product.prodname_secret_scanning %}, which detects secrets after they have been committed, push protection proactively scans your code for secrets during the push process, then blocks the push if any are detected.
Push protection is a {% data variables.product.prodname_secret_scanning %} feature designed to prevent hardcoded credentials, such as secrets or tokens, from ever being pushed to your repository. Rather than alerting you to credential leaks after the fact, push protection blocks pushes that contain secrets _before_ they reach your repository.

## How push protection works

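Review bot: The replacement paragraph loses two things the original said. First, it no longer names what push protection is being contrasted with: "Rather than alerting you to credential leaks after the fact" leaves out that this is how secret scanning alerts work, which is the distinction readers come to this heading for. Second, "scans your code for secrets during the push process" is gone, so the paragraph no longer says how the block happens. The phrase "hardcoded credentials, such as secrets or tokens" also inverts the hierarchy, since a credential is a kind of secret and not the other way round; "hardcoded secrets, such as credentials or tokens" or simply "hardcoded credentials, such as API keys or tokens" reads correctly.
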
Expand Down Expand Up @@ -74,9 +74,9 @@ If you want greater control over which contributors can bypass push protection a

## Benefits of push protection

* **Preventative security:** Push protection acts as a frontline defense mechanism by scanning code for secrets at the time of the push. This preventative approach helps to catch potential issues before they are merged into a repository.
* **Preventative security:** Push protection acts as a frontline defense mechanism by scanning code for hardcoded secrets at the time of the push. This preventative approach helps prevent credential leaks before they become ingrained in the repository's history, making it easier to address and remediate threats.
* **Immediate feedback:** Developers receive instant feedback if a potential secret is detected during a push attempt. This immediate notification allows for quick remediation, reducing the likelihood of sensitive information being exposed.
* **Reduced risk of data leaks:** By blocking commits that contain sensitive information, push protection significantly reduces the risk of accidental data leaks. This helps in safeguarding against unauthorized access to your infrastructure, services, and data.
* **Reduced risk of credential leaks:** By blocking commits that contain hardcoded credentials, push protection significantly reduces the risk of accidental credential leaks and secret sprawl. This helps in safeguarding against potential breaches and maintaining the integrity of the codebase.
* **Efficient secret management:** Instead of retrospectively dealing with exposed secrets, developers can address issues at the source. This makes secret management more efficient and less time-consuming.
* **Bypass functionality for flexibility:** For cases where false positives occur or when certain patterns are necessary, you can bypass push protection for users, and designated users can use the delegated bypass feature to bypass push protection for repositories. {% ifversion push-protection-org-enterprise-exemptions %}Additionally, you can exempt trusted actors {% ifversion push-protection-repo-exemptions %}{% else %}at the organization and enterprise levels {% endif %}from push protection entirely. {% endif %}This provides flexibility without compromising overall security.
* **Ability to detect custom patterns (for repositories in organizations):** Organizations can define custom patterns for detecting secrets unique to their environment. This customization ensures that push protection can effectively identify and block even non-standard secrets.
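
Review bot: In the "Reduced risk of credential leaks" bullet, the new ending "maintaining the integrity of the codebase" replaces a concrete consequence ("unauthorized access to your infrastructure, services, and data") with one that does not fit: a leaked credential is a confidentiality and access problem, not a code-integrity one. I would keep the original consequence. The bullet also says "blocking commits", while the intro on this page says push protection "blocks pushes"; since the line is being edited anyway, align it. "Secret sprawl" is used here without a definition, and "Preventative security ... This preventative approach helps prevent" in the first bullet repeats itself.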
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ category:
- Protect your secrets
---

When credentials like API keys and passwords are committed to repositories, they become targets for unauthorized access. {% data variables.product.prodname_secret_scanning_caps %} automatically detects these exposed secrets so you can secure them before they're exploited.
When credentials like API keys and passwords are committed to repositories as hardcoded secrets, they become targets for unauthorized access. {% data variables.product.prodname_secret_scanning_caps %} automatically detects credential leaks so you can secure them before they're exploited.

{% ifversion secret-risk-assessment %}

Expand All @@ -32,15 +32,15 @@ When credentials like API keys and passwords are committed to repositories, they

## How secret scanning protects your code

{% data variables.product.prodname_secret_scanning_caps %} scans your entire Git history on all branches of your repository for API keys, passwords, tokens, and other known secret types. {% data variables.product.github %} also periodically rescans repositories when new secret types are added.
{% data variables.product.prodname_secret_scanning_caps %} scans your entire Git history on all branches of your repository for hardcoded credentials, including API keys, passwords, tokens, and other known secret types. This helps you identify secret sprawl, the uncontrolled proliferation of credentials across repositories, before it becomes a security risk. {% data variables.product.github %} also periodically rescans repositories when new secret types are added.

{% data variables.product.github %} also automatically scans:

{% data reusables.secret-scanning.what-is-scanned %}

### {% data variables.product.prodname_secret_scanning_caps %} alerts and remediation

When {% data variables.product.prodname_secret_scanning %} finds a potential secret, {% data variables.product.github %} generates an alert on your repository's **{% data variables.product.prodname_security_and_quality_tab %}** tab with details about the exposed credential.
When {% data variables.product.prodname_secret_scanning %} detects a credential leak, {% data variables.product.github %} generates an alert on your repository's **{% data variables.product.prodname_security_and_quality_tab %}** tab with details about the exposed credential.

When you receive an alert, rotate the affected credential immediately to prevent unauthorized access. While you can also remove secrets from your Git history, this is time-intensive and often unnecessary if you've already revoked the credential.

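Review bot: Changing "finds a potential secret" to "detects a credential leak" removes a hedge that was doing real work. An alert is raised on a pattern match, and the push protection article in this same pull request talks about false positives, so stating that a leak was detected overstates certainty and makes the sentence read oddly next to "details about the exposed credential". Suggest "detects a potential credential leak". Separately, the inline definition of secret sprawl added to the first paragraph is helpful, but it is the only definition in the pull request while the term is also added to two other articles; either link those uses here or move the definition to a reusable.
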
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ category:
- Protect your secrets
---

Exposed secrets in your repositories can lead to unauthorized access, data breaches, and significant costs to your organization. For details about these risks and how to protect against them, see [AUTOTITLE](/code-security/concepts/secret-security/secret-leakage-risks).
Hardcoded credentials in your repositories can lead to credential leaks, unauthorized access, data breaches, and significant costs to your organization. For details about these risks and how to protect against them, see [AUTOTITLE](/code-security/concepts/secret-security/secret-leakage-risks).

{% data variables.product.github %} provides tools to help you understand and address your organization's exposure to leaked secrets:

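Review bot: "Hardcoded credentials in your repositories can lead to credential leaks" is close to circular, because a credential committed to a repository is already the leak the rest of the sentence warns about. The original "Exposed secrets ... can lead to unauthorized access, data breaches" went straight from cause to consequence. If the new keywords are required, "Hardcoded credentials in your repositories are credential leaks waiting to be exploited, and can lead to unauthorized access ..." keeps the chain intact. Note that the next sentence still says "leaked secrets", so the page now uses three terms for the same thing within two lines.
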
Expand All @@ -23,7 +23,7 @@ Exposed secrets in your repositories can lead to unauthorized access, data breac

## Secret risk assessment

The secret risk assessment provides organization owners and security managers with a free point-in-time scan of their organization's repositories to identify leaked secrets like API keys, tokens, and passwords.
The secret risk assessment provides organization owners and security managers with a free point-in-time scan of their organization's repositories to identify hardcoded credentials like API keys, tokens, and passwords, and understand the extent of secret sprawl across your organization.

{% data variables.secret-scanning.secret-risk-assessment-cta-product %}

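Review bot: The added clause shifts person mid-sentence: the assessment provides "organization owners and security managers" with a scan of "their organization's repositories" and then lets them understand sprawl "across your organization". Pick one; "across the organization" is the smallest fix. The verbs are also not parallel ("to identify ... and understand"), so add "to" before "understand". "Secret sprawl" is not defined on this page, so link it to the definition added in the secret scanning article.
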
Expand Down Expand Up @@ -52,13 +52,13 @@ Regular assessment helps prevent:
While the {% data variables.product.prodname_secret_risk_assessment %} provides a point-in-time view of your organization's current secret exposure, {% data variables.product.prodname_GH_secret_protection %}:

* **Implements continuous monitoring** and expands scanned surfaces beyond code to include pull requests, issues, wikis, and discussions
* **Prevents secret leaks** by blocking commits containing secrets before they are saved to {% data variables.product.github %}
* **Prevents credential leaks** by blocking commits containing hardcoded secrets before they are saved to {% data variables.product.github %}
* **Creates actionable alerts** that can be grouped into campaigns and assigned to team members for remediation
* **Meets your specific needs** by scanning for patterns unique to your organization and unstructured secrets like passwords
* **Supports governance at scale** with settings dictating who can bypass protections and dismiss alerts
* **Surfaces key analytics** through a view dedicated to your organization's secret security

Through these features, {% data variables.product.prodname_GH_secret_protection %} provides complete coverage for your organization, reducing the risk of costly secret leaks and high-effort remediation processes.
Through these features, {% data variables.product.prodname_GH_secret_protection %} provides complete coverage for your organization, reducing the risk of costly credential leaks, secret sprawl, and high-effort remediation.

For more information about the specific features of {% data variables.product.prodname_GH_secret_protection %}, see [AUTOTITLE](/code-security/getting-started/github-security-features#available-with-github-secret-protection).

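Review bot: The "Prevents credential leaks" bullet still says the feature works by "blocking commits", but the push protection article edited in this pull request says it "blocks pushes that contain secrets _before_ they reach your repository". Commits are created locally and are not blocked; the push is. Since this line is being rewritten, change it to "blocking pushes that contain hardcoded secrets". In the closing paragraph, "complete coverage" sits next to the new, stronger wording about credential leaks and secret sprawl; a claim of completeness is hard to support for pattern-based detection, so "broad coverage" or a description of what is covered would be safer.
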
Expand Down