github
diff --git a/‎translations/log/msft-cn-resets.csv
Lines changed: 18 additions & 1 deletion b/‎translations/log/msft-cn-resets.csv
Lines changed: 18 additions & 1 deletion
diff --git a/‎translations/zh-CN/content/admin/configuration/configuring-network-settings/enabling-subdomain-isolation.md
Lines changed: 5 additions & 0 deletions b/‎translations/zh-CN/content/admin/configuration/configuring-network-settings/enabling-subdomain-isolation.md
Lines changed: 5 additions & 0 deletions
diff --git a/‎translations/zh-CN/content/admin/configuration/configuring-your-enterprise/accessing-the-management-console.md
Lines changed: 4 additions & 3 deletions b/‎translations/zh-CN/content/admin/configuration/configuring-your-enterprise/accessing-the-management-console.md
Lines changed: 4 additions & 3 deletions
diff --git a/‎translations/zh-CN/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md
Lines changed: 56 additions & 2 deletions b/‎translations/zh-CN/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md
Lines changed: 56 additions & 2 deletions
diff --git a/‎translations/zh-CN/content/admin/configuration/configuring-your-enterprise/configuring-rate-limits.md
Lines changed: 13 additions & 0 deletions b/‎translations/zh-CN/content/admin/configuration/configuring-your-enterprise/configuring-rate-limits.md
Lines changed: 13 additions & 0 deletions
@@ -63,6 +63,7 @@ translations/zh-CN/content/admin/identity-and-access-management/using-enterprise
 translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/configuring-scim-provisioning-for-enterprise-managed-users.md,file deleted because it no longer exists in main
 translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/index.md,file deleted because it no longer exists in main
 translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/managing-team-memberships-with-identity-provider-groups.md,file deleted because it no longer exists in main
+translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-for-your-enterprise.md,file deleted because it no longer exists in main
 translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-advanced-security-in-your-enterprise.md,file deleted because it no longer exists in main
 translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-project-board-policies-in-your-enterprise.md,file deleted because it no longer exists in main
 translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md,file deleted because it no longer exists in main
@@ -202,6 +203,7 @@ translations/zh-CN/content/sponsors/receiving-sponsorships-through-github-sponso
 translations/zh-CN/data/glossaries/internal.yml,file deleted because it no longer exists in main
 translations/zh-CN/data/graphql/ghes-3.1/graphql_previews.enterprise.yml,file deleted because it no longer exists in main
 translations/zh-CN/data/reusables/actions/link-to-example-library.md,file deleted because it no longer exists in main
+translations/zh-CN/data/reusables/actions/perform-blob-storage-precheck.md,file deleted because it no longer exists in main
 translations/zh-CN/data/reusables/actions/self-hosted-runner-configure-runner-group.md,file deleted because it no longer exists in main
 translations/zh-CN/data/reusables/actions/self-hosted-runner-groups-navigate-to-repo-org-enterprise.md,file deleted because it no longer exists in main
 translations/zh-CN/data/reusables/apps/metadata-permissions.md,file deleted because it no longer exists in main
@@ -404,6 +406,8 @@ translations/zh-CN/content/admin/enterprise-management/updating-the-virtual-mach
 translations/zh-CN/content/admin/github-actions/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled.md,broken liquid tags
 translations/zh-CN/content/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise.md,rendering error
 translations/zh-CN/content/admin/github-actions/advanced-configuration-and-troubleshooting/using-a-staging-environment.md,broken liquid tags
+translations/zh-CN/content/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md,broken liquid tags
+translations/zh-CN/content/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-azure-blob-storage.md,broken liquid tags
 translations/zh-CN/content/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-minio-gateway-for-nas-storage.md,broken liquid tags
 translations/zh-CN/content/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md,rendering error
 translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md,rendering error
@@ -439,7 +443,6 @@ translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-e
 translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md,broken liquid tags
 translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-authentication-and-provisioning-for-your-enterprise-using-okta.md,broken liquid tags
 translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md,broken liquid tags
-translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-for-your-enterprise.md,broken liquid tags
 translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md,broken liquid tags
 translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/index.md,broken liquid tags
 translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference.md,broken liquid tags
@@ -747,6 +750,12 @@ translations/zh-CN/content/graphql/guides/introduction-to-graphql.md,broken liqu
 translations/zh-CN/content/graphql/guides/managing-enterprise-accounts.md,rendering error
 translations/zh-CN/content/graphql/guides/migrating-from-rest-to-graphql.md,broken liquid tags
 translations/zh-CN/content/graphql/overview/about-the-graphql-api.md,rendering error
+translations/zh-CN/content/graphql/reference/enums.md,broken liquid tags
+translations/zh-CN/content/graphql/reference/input-objects.md,broken liquid tags
+translations/zh-CN/content/graphql/reference/interfaces.md,broken liquid tags
+translations/zh-CN/content/graphql/reference/mutations.md,broken liquid tags
+translations/zh-CN/content/graphql/reference/objects.md,broken liquid tags
+translations/zh-CN/content/graphql/reference/unions.md,broken liquid tags
 translations/zh-CN/content/issues/organizing-your-work-with-project-boards/managing-project-boards/about-project-boards.md,broken liquid tags
 translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions.md,broken liquid tags
 translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md,broken liquid tags
@@ -951,6 +960,7 @@ translations/zh-CN/data/reusables/actions/enterprise-common-prereqs.md,broken li
 translations/zh-CN/data/reusables/actions/enterprise-http-proxy.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/enterprise-marketplace-actions.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/enterprise-postinstall-nextsteps.md,broken liquid tags
+translations/zh-CN/data/reusables/actions/enterprise-storage-ha-backups.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/github-connect-resolution.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/ip-allow-list-self-hosted-runners.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/jobs/section-defining-outputs-for-jobs.md,broken liquid tags
@@ -1068,6 +1078,7 @@ translations/zh-CN/data/reusables/getting-started/enforcing-repo-management-poli
 translations/zh-CN/data/reusables/getting-started/enterprise-advanced-security.md,broken liquid tags
 translations/zh-CN/data/reusables/getting-started/managing-enterprise-members.md,broken liquid tags
 translations/zh-CN/data/reusables/git/git-push.md,broken liquid tags
+translations/zh-CN/data/reusables/github-ae/saml-idp-table.md,broken liquid tags
 translations/zh-CN/data/reusables/identity-and-permissions/ip-allow-lists-enable.md,broken liquid tags
 translations/zh-CN/data/reusables/identity-and-permissions/vigilant-mode-beta-note.md,broken liquid tags
 translations/zh-CN/data/reusables/large_files/storage_assets_location.md,broken liquid tags
@@ -1093,6 +1104,8 @@ translations/zh-CN/data/reusables/package_registry/packages-billing.md,broken li
 translations/zh-CN/data/reusables/package_registry/required-scopes.md,broken liquid tags
 translations/zh-CN/data/reusables/pages/build-failure-email-server.md,broken liquid tags
 translations/zh-CN/data/reusables/pages/emu-org-only.md,broken liquid tags
+translations/zh-CN/data/reusables/pages/new-or-existing-repo.md,broken liquid tags
+translations/zh-CN/data/reusables/pages/pages-about-publishing-source.md,broken liquid tags
 translations/zh-CN/data/reusables/pages/sidebar-pages.md,rendering error
 translations/zh-CN/data/reusables/projects/enable-basic-workflow.md,broken liquid tags
 translations/zh-CN/data/reusables/pull_requests/configure_pull_request_merges_intro.md,broken liquid tags
@@ -1118,13 +1131,16 @@ translations/zh-CN/data/reusables/saml/about-authorized-credentials.md,broken li
 translations/zh-CN/data/reusables/saml/about-linked-identities.md,broken liquid tags
 translations/zh-CN/data/reusables/saml/about-saml-access-enterprise-account.md,broken liquid tags
 translations/zh-CN/data/reusables/saml/authorized-creds-info.md,broken liquid tags
+translations/zh-CN/data/reusables/saml/create-a-machine-user.md,broken liquid tags
 translations/zh-CN/data/reusables/saml/must-authorize-linked-identity.md,broken liquid tags
+translations/zh-CN/data/reusables/saml/okta-ae-sso-beta.md,broken liquid tags
 translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,rendering error
 translations/zh-CN/data/reusables/scim/enterprise-account-scim.md,broken liquid tags
 translations/zh-CN/data/reusables/scim/supported-idps.md,broken liquid tags
 translations/zh-CN/data/reusables/search/syntax_tips.md,broken liquid tags
 translations/zh-CN/data/reusables/secret-scanning/enterprise-enable-secret-scanning.md,broken liquid tags
 translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md,rendering error
+translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-public-repo.md,broken liquid tags
 translations/zh-CN/data/reusables/secret-scanning/push-protection-web-ui-choice.md,broken liquid tags
 translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md,rendering error
 translations/zh-CN/data/reusables/security-overview/permissions.md,rendering error
@@ -1154,3 +1170,4 @@ translations/zh-CN/data/reusables/webhooks/pull_request_webhook_properties.md,br
 translations/zh-CN/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md,broken liquid tags
 translations/zh-CN/data/reusables/webhooks/workflow_run_properties.md,broken liquid tags
 translations/zh-CN/data/variables/product.yml,broken liquid tags
+translations/zh-CN/data/variables/projects.yml,broken liquid tags
@@ -32,7 +32,12 @@ When subdomain isolation is enabled, {% data variables.product.prodname_ghe_serv
 | `http(s)://HOSTNAME/media/`       | `http(s)://media.HOSTNAME/`       |
 | `http(s)://HOSTNAME/pages/`       | `http(s)://pages.HOSTNAME/`       |
 | `http(s)://HOSTNAME/raw/`         | `http(s)://raw.HOSTNAME/`         |
+{%- ifversion viewscreen-and-notebooks %}
+| `http(s)://HOSTNAME/viewscreen/`  | `http(s)://viewscreen.HOSTNAME/`  |
+| `http(s)://HOSTNAME/notebooks/`   | `http(s)://notebooks.HOSTNAME/`   |
+{%- else %}
 | `http(s)://HOSTNAME/render/`      | `http(s)://render.HOSTNAME/`      |
+{%- endif %}
 | `http(s)://HOSTNAME/reply/`       | `http(s)://reply.HOSTNAME/`       |
 | `http(s)://HOSTNAME/uploads/`     | `http(s)://uploads.HOSTNAME/`     | {% ifversion ghes %}
 | `https://HOSTNAME/` | `http(s)://docker.HOSTNAME/`{% endif %}{% ifversion ghes %}
 
@@ -23,14 +23,15 @@ shortTitle: Access the management console
 
 Use the {% data variables.enterprise.management_console %} for basic administrative activities:
 - **Initial setup**: Walk through the initial setup process when first launching {% data variables.location.product_location %} by visiting {% data variables.location.product_location %}'s IP address in your browser.
+- **Configuring authentication policies for the {% data variables.enterprise.management_console %}**: Set rate limits for login attempts, and the lockout duration if someone exceeds the rate limit. 
 - **Configuring basic settings for your instance**: Configure DNS, hostname, SSL, user authentication, email, monitoring services, and log forwarding on the Settings page.
 - **Scheduling maintenance windows**: Take {% data variables.location.product_location %} offline while performing maintenance using the {% data variables.enterprise.management_console %} or administrative shell.
 - **Troubleshooting**: Generate a support bundle or view high level diagnostic information.
 - **License management**: View or update your {% data variables.product.prodname_enterprise %} license.
 
 You can always reach the {% data variables.enterprise.management_console %} using {% data variables.location.product_location %}'s IP address, even when the instance is in maintenance mode, or there is a critical application failure or hostname or SSL misconfiguration.
 
-To access the {% data variables.enterprise.management_console %}, you must use the administrator password established during initial setup of {% data variables.location.product_location %}. You must also be able to connect to the virtual machine host on port 8443. If you're having trouble reaching the {% data variables.enterprise.management_console %}, please check intermediate firewall and security group configurations.
+To access the {% data variables.enterprise.management_console %}, you must use the administrator password established during initial setup of {% data variables.location.product_location %}. You must also be able to connect to the virtual machine host on port 8443. If you're having trouble reaching the {% data variables.enterprise.management_console %}, please check intermediate firewall and security group configurations. 
 
 The {% data variables.enterprise.management_console %} password hash is stored in `/data/user/common/secrets.conf`, and that file is automatically synced from the primary appliance to any high-availability replicas. Any change to the primary's password will automatically be replicated to high-availability replicas. For more information about high availability, see "[About high availability configuration](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration)."
 
@@ -52,9 +53,9 @@ The first time that you access the {% data variables.enterprise.management_conso
 
 ## Unlocking the {% data variables.enterprise.management_console %} after failed login attempts
 
-The {% data variables.enterprise.management_console %} locks after ten failed login attempts are made in the span of ten minutes. You must wait for the login screen to automatically unlock before attempting to log in again. The login screen automatically unlocks as soon as the previous ten minute period contains fewer than ten failed login attempts. The counter resets after a successful login occurs.
+The {% data variables.enterprise.management_console %} locks after {% ifversion enterprise-authentication-rate-limits %}the number of failed login attempts configured by your authentication policies. For more information, see "[Configuring authentication policy rate limits](/admin/configuration/configuring-your-enterprise/configuring-rate-limits#configuring-authentication-policy-rate-limits)".{% else %}ten failed login attempts are made in the span of ten minutes. You must wait for the login screen to automatically unlock before attempting to log in again. The login screen automatically unlocks as soon as the previous ten minute period contains fewer than ten failed login attempts. The counter resets after a successful login occurs.{% endif %}
 
-To immediately unlock the {% data variables.enterprise.management_console %}, use the `ghe-reactivate-admin-login` command via the administrative shell. For more information, see "[Command line utilities](/enterprise/admin/guides/installation/command-line-utilities#ghe-reactivate-admin-login)" and "[Accessing the administrative shell (SSH)](/enterprise/admin/guides/installation/accessing-the-administrative-shell-ssh/)."
+{% data reusables.enterprise_management_console.unlocking-management-console-with-shell %}
 
 ## Troubleshooting failed connections to the {% data variables.enterprise.management_console %}
 
 
@@ -282,7 +282,7 @@ ghe-org-admin-promote -a
 
 ### ghe-reactivate-admin-login
 
-Use this command to immediately unlock the {% data variables.enterprise.management_console %} after 10 failed login attempts in the span of 10 minutes.
+Use this command to immediately unlock the {% data variables.enterprise.management_console %} after {% ifversion enterprise-authentication-rate-limits %}an account lockout. To configure authentication policies for {% data variables.location.product_location %}, see "[Configuring authentication policy rate limits](/admin/configuration/configuring-your-enterprise/configuring-rate-limits#configuring-authentication-policy-rate-limits)".{% else %}10 failed login attempts in the span of 10 minutes.{% endif %}
 
 ```shell
 $ ghe-reactivate-admin-login
@@ -314,6 +314,60 @@ This utility lists all of the services that have been started or stopped (are ru
 
 ```shell
 $ ghe-service-list
+{% ifversion viewscreen-and-notebooks %}
+active
+  - alambic
+  - alive
+  - aqueduct-lite
+  - authzd
+  - babeld
+  - codeload
+  - consul, process 17114
+  - consul-template, process 19493
+  - driftwood
+  - elasticsearch
+  - enterprise-manage-unicorn, process 9359
+  - ghe-user-disk, process 2545
+  - git-daemon
+  - github-env
+  - github-gitauth
+  - github-resqued
+  - github-stream-processors
+  - github-timerd
+  - github-unicorn
+  - gitrpcd
+  - governor
+  - gpgverify
+  - grafana-server, process 19314
+  - graphite-web, process 20189
+  - hookshot-go
+  - kafka-lite
+  - kredz
+  - lfs-server
+  - mail-replies
+  - memcached
+  - minio
+  - mysql
+  - nginx
+  - nomad, process 19562
+  - pages
+  - postfix
+  - redis
+  - spokesd
+  - spokes-sweeper
+  - svnbridge
+  - token-scanning-api
+  - token-scanning-backfill-worker
+  - token-scanning-hydro-consumer
+  - token-scanning-incremental-worker
+  - token-scanning-udp-backfill-worker
+  - treelights
+  - turboscan
+  - viewscreen
+
+inactive
+  - wireguard
+{% else %}
 start/running
   - github-resqued, process 12711
   - github-unicorn, process 12726
@@ -330,9 +384,9 @@ start/running
   - ghe-storage, process 2012
   - enterprise-manage-unicorn, process 2024
   - enterprise-manage-resque, process 2053
-
 stop/waiting
   - ghe-replica-mode
+  {% endif %}
 ```
 
 ### ghe-set-password
 
@@ -34,6 +34,19 @@ You can exempt a list of users from API rate limits using the `ghe-config` utili
 3. Type limits for authenticated and unauthenticated requests for each API, or accept the pre-filled default limits.
 {% data reusables.enterprise_management_console.save-settings %}
 
+{% ifversion enterprise-authentication-rate-limits %}
+## Configuring rate limits for authentication to the {% data variables.enterprise.management_console %}
+
+You can configure the lockout time and login attempt limits for the {% data variables.enterprise.management_console %}. If a user exceeds the login attempt limit, the {% data variables.enterprise.management_console %} will remain locked for the duration set by the lockout time. {% data reusables.enterprise_management_console.unlocking-management-console-with-shell %}
+
+
+{% data reusables.enterprise_site_admin_settings.access-settings %}
+{% data reusables.enterprise_site_admin_settings.management-console %}
+2. Under "Login attempt rate limiting", configure the lockout time and login attempt rate limit or accept the pre-filled default settings.
+![Fields for configuring lockout time and login attempt rate limit](/assets/images/enterprise/management-console/login-attempt-rate-limiting.png)
+{% data reusables.enterprise_management_console.save-settings %}
+
+{% endif %}
 ## Enabling secondary rate limits
 
 Setting secondary rate limits protects the overall level of service on {% data variables.location.product_location %}.