From 70cec296ced27b18589efb91b5b0a706a54c69a1 Mon Sep 17 00:00:00 2001
From: mc <42146119+mchammer01@users.noreply.github.com>
Date: Wed, 11 Dec 2024 15:46:59 +0000
Subject: [PATCH 1/4] Note limitation for push protection in free public repositories (#53555)
Co-authored-by: Courtney Claessens
Co-authored-by: Vanessa
---
 .../secret-scanning/introduction/about-push-protection.md | 2 ++
 .../troubleshooting-secret-scanning.md | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/content/code-security/secret-scanning/introduction/about-push-protection.md b/content/code-security/secret-scanning/introduction/about-push-protection.md
index 0c957edf3e26..dd50bc97f268 100644
--- a/content/code-security/secret-scanning/introduction/about-push-protection.md
+++ b/content/code-security/secret-scanning/introduction/about-push-protection.md
@@ -36,6 +36,8 @@ You can enable push protection:
 
 For information about the secrets and service providers supported by push protection, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)."
 
+Push protection has some limitations. For more information, see "[AUTOTITLE](/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning#push-protection-limitations)."
+
 ## How push protection works
 
 Push protection works:
diff --git a/content/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning.md b/content/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning.md
index 554728e9dc17..67bd7665e2e2 100644
--- a/content/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning.md
+++ b/content/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning.md
@@ -38,4 +38,5 @@ If your secret is in the supported list, there are various reasons why push prot
 * The version of your secret may be old. {% data reusables.secret-scanning.push-protection-older-tokens %}
 * The push may be too large, for example, if you're trying to push thousands of large files. A push protection scan may time out and not block a user if the push is too large. {% data variables.product.prodname_dotcom %} will still scan and create alerts, if needed, after the push.
 * If the push results in the detection of over five new secrets, we will only show you the first five (we will always show you a maximum of five secrets at one time).
-* If a push contains over 1,000 existing secrets (that is, secrets for which alerts have already been created), push protection will not block the push.
+* If a push contains over 1,000 existing secrets (that is, secrets for which alerts have already been created), push protection will not block the push. {% ifversion fpt or ghec %}
+* If a push in a public repository is larger than 50 MB, push protection will skip it and won't scan it.{% endif %}
From 913668772339137e508e6d198503cf9129fd03cf Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Wed, 11 Dec 2024 08:36:08 -0800
Subject: [PATCH 2/4] Update audit log event data (#53574)
---
 src/audit-logs/lib/config.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json
index 33c021c99d56..33c6e070be96 100644
--- a/src/audit-logs/lib/config.json
+++ b/src/audit-logs/lib/config.json
@@ -3,5 +3,5 @@
 "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
 "apiRequestEvent": "This event is only available via audit log streaming."
 },
- "sha": "2c40dff92f97e4efcefcfd98ed9e6c9f3d69284b"
+ "sha": "1b079a4c67a6c2eecccbef1d2d465dd62bc2248b"
 }
\ No newline at end of file
From dd6df90cebb58e699e9839227d4cbf0f8b66861e Mon Sep 17 00:00:00 2001
From: Jan Hentschel
Date: Wed, 11 Dec 2024 18:43:01 +0100
Subject: [PATCH 3/4] Update supported Terraform version in Dependabot to 1.10.x (#35614)
---
 data/reusables/dependabot/supported-package-managers.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md
index 71f2ffd6373e..7fd291a749c2 100644
--- a/data/reusables/dependabot/supported-package-managers.md
+++ b/data/reusables/dependabot/supported-package-managers.md
@@ -31,7 +31,7 @@ poetry | `pip` | v1 | {% octicon "check" aria-l
 | {% ifversion dependabot-updates-swift-support %} |
 [Swift](#swift) | `swift` | v5 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} (git only) | {% octicon "x" aria-label="Not supported" %} |
 | {% endif %} |
-[Terraform](#terraform) | `terraform` | >= 0.13, <= 1.8.x | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | Not applicable |
+[Terraform](#terraform) | `terraform` | >= 0.13, <= 1.10.x | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | Not applicable |
 | {% ifversion dependabot-yarn-v3-update %} |
 [yarn](#yarn) | `npm` | v1, v2, v3 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %}|{% else %}yarn | `npm` | v1 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | |
 | {% endif %} |
From 6c7a301e69076c521d29ca03bad8008adda5fd04 Mon Sep 17 00:00:00 2001
From: Simon Engledew
Date: Wed, 11 Dec 2024 18:38:01 +0000
Subject: [PATCH 4/4] Add some more info about code scanning ruleset rules (#53572)
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
---
 .../set-code-scanning-merge-protection.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/content/code-security/code-scanning/managing-your-code-scanning-configuration/set-code-scanning-merge-protection.md b/content/code-security/code-scanning/managing-your-code-scanning-configuration/set-code-scanning-merge-protection.md
index bc9a11df53d9..468dd6eed250 100644
--- a/content/code-security/code-scanning/managing-your-code-scanning-configuration/set-code-scanning-merge-protection.md
+++ b/content/code-security/code-scanning/managing-your-code-scanning-configuration/set-code-scanning-merge-protection.md
@@ -15,7 +15,6 @@ topics:
 ## About using rulesets for {% data variables.product.prodname_code_scanning %} merge protection
 
 > [!NOTE]
-> * This feature is currently in {% data variables.release-phases.public_preview %} and subject to change.
 > * Merge protection with rulesets is not related to status checks. For more information about status checks, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks)."
 > * Merge protection with rulesets will not apply to merge queue groups or {% data variables.product.prodname_dependabot %} pull requests analyzed by default setup.
 
@@ -23,6 +22,10 @@ You can use rulesets to prevent pull requests from being merged when one of the
 
 {% data reusables.code-scanning.merge-protection-rulesets-conditions %}
 
+Typically you should use rulesets target long-lived feature branches, where you would like to guarantee that code has been analyzed before pull requests can be merged.
+
+Configuring a {% data variables.product.prodname_code_scanning %} rule will not automatically enable {% data variables.product.prodname_code_scanning %}. For more information about how to enable code scanning, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)."
+
 For more information about {% data variables.product.prodname_code_scanning %} alerts, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts)."
 
 You can set merge protection with rulesets at the repository {% ifversion ghec or ghes %}or organization levels{% else %}level{% endif %}, and for repositories configured with either default setup or advanced setup. You can also use the REST API to set merge protection with rulesets.