
Commit

Reorganize the code scanning docs into map topics that align with user journeys (#40424)

Co-authored-by: Felicity Chapman <felicitymay@github.com>
sabrowning1 and felicitymay authored Aug 21, 2023
1 parent f97bc7a commit 179307d
Showing 92 changed files with 480 additions and 351 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -521,7 +521,7 @@ template:
You can use {% data variables.product.prodname_actions_runner_controller %} to create dedicated runners for your GitHub Enterprise Server instance that {% data variables.product.prodname_dependabot %} can use to help secure and maintain the dependencies used in repositories on your enterprise. For more information, see "[AUTOTITLE](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates#system-requirements-for-dependabot-runners)."
You can also use ARC with CodeQL to identify vulnerabilities and errors in your code. For more information, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql)."
You can also use ARC with CodeQL to identify vulnerabilities and errors in your code. For more information, see "[AUTOTITLE](/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql)."
{% data variables.product.prodname_actions_runner_controller %} does not use labels to route jobs to specific runner scale sets. Instead, to designate a runner scale set for {% data variables.product.prodname_dependabot %} updates or code scanning with CodeQL, use a descriptive installation name in your Helm chart, such as `dependabot` or `code-scanning`. You can then set the `runs-on` value in your workflows to the installation name, and use the designated runner scale set for {% data variables.product.prodname_dependabot %} updates or code scanning jobs.
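Review bot: the only change in this hunk is the article path moving from `automatically-scanning-your-code-for-vulnerabilities-and-errors/` to `introduction-to-code-scanning/`; make sure the relocated article carries a redirect from the old path, since the old URL has already been published and will be linked from outside the docs. While this line is being touched, the bare `ARC` in "You can also use ARC with CodeQL" is inconsistent with the `{% data variables.product.prodname_actions_runner_controller %}` variable used on the surrounding lines and could be switched to the variable in the same edit.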
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ With this approach, the value of the {% raw %}`${{ github.event.issue.title }}`{
{% data reusables.advanced-security.starter-workflows-beta %}
{% data variables.product.prodname_code_scanning_caps %} allows you to find security vulnerabilities before they reach production. {% data variables.product.product_name %} provides starter workflows for {% data variables.product.prodname_code_scanning %}. You can use these suggested workflows to construct your {% data variables.product.prodname_code_scanning %} workflows, instead of starting from scratch. {% data variables.product.company_short%}'s workflow, the {% data variables.code-scanning.codeql_workflow %}, is powered by {% data variables.product.prodname_codeql %}. There are also third-party starter workflows available.

For more information, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)" and "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-actions)."
For more information, see "[AUTOTITLE](/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning)" and "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-actions)."

{% endif %}
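Review bot: the second link keeps the `#configuring-code-scanning-using-third-party-actions` fragment while moving the article into `creating-an-advanced-setup-for-code-scanning/`; path redirects do not cover fragments, so confirm that heading still exists with the same text in the moved article, otherwise the link silently lands at the top of the page.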

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1128,7 +1128,7 @@ Before you'll see `git` category actions, you must enable Git events in the audi
| `repo.clear_actions_settings` | A repository administrator cleared {% data variables.product.prodname_actions %} policy settings for a repository.
| `repo.code_scanning_analysis_deleted` | Code scanning analysis for a repository was deleted. For more information, see "[AUTOTITLE](/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository)."
{%- ifversion remove-code-scanning-configurations %}
| `repo.code_scanning_configuration_for_branch_deleted` | A {% data variables.product.prodname_code_scanning %} configuration for a branch of a repository was deleted. For more information, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch)."
| `repo.code_scanning_configuration_for_branch_deleted` | A {% data variables.product.prodname_code_scanning %} configuration for a branch of a repository was deleted. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch)."
{%- endif %}
| `repo.config` | A repository administrator blocked force pushes. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise)."
{%- ifversion fpt or ghec %}
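Review bot: the `repo.code_scanning_configuration_for_branch_deleted` row now points at `managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository` but keeps the `#removing-stale-configurations-and-alerts-from-a-branch` fragment; verify that section heading survived the move unchanged, since this link is the only pointer from the audit log reference to the procedure and a stale fragment would not be caught by a redirect.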
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -59,13 +59,12 @@ When you cancel a free trial on a paid plan, your subscription is immediately ca
{% data reusables.marketplace.cancel-free-trial-billing-settings %}
{% data reusables.marketplace.cancel-app %}


## Canceling an app in your enterprise

{% data reusables.marketplace.marketplace-enterprise-account %}

{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.billing-tab %}
1. In the "Marketplace apps" tab, find the app you want to cancel.
1. In the "Marketplace apps" tab, find the app you want to cancel.
1. Next to the organization where you want to cancel the app, select **{% octicon "kebab-horizontal" aria-label="More" %}** and then click **Cancel plan**.
2. Click **Confirm**.
1. Click **Confirm**.
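Review bot: this hunk (dropping a duplicate blank line and renumbering `2. Click **Confirm**.` to `1.`) is a Marketplace billing cleanup with no relation to the code scanning reorganization named in the commit title; unrelated formatting changes are easier to review and to revert when they ship in their own commit. The `1.` numbering itself matches the other steps in the list, so the content is fine.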
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,9 @@ When you upgrade an app, your payment method is charged a prorated amount based

{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.billing-tab %}
1. In the "Marketplace apps" tab, find the app you want to uprade.
1. In the "Marketplace apps" tab, find the app you want to uprade.
1. Next to the organization where you want to upgrade the app, select **{% octicon "kebab-horizontal" aria-label="More" %}** and then click **Change plan**.
2. Select the **Edit your plan** dropdown and click an account's plan to edit.
1. Select the **Edit your plan** dropdown and click an account's plan to edit.
{% data reusables.marketplace.choose-new-plan %}
{% data reusables.marketplace.choose-new-quantity %}
{% data reusables.marketplace.issue-plan-changes %}
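Review bot: the step `1. In the "Marketplace apps" tab, find the app you want to uprade.` is touched by this hunk, but the typo `uprade` survives on the new side; since the line is already being edited, correct it to `upgrade` here rather than leaving it for a later pass.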

Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ This article is part of a series on adopting {% data variables.product.prodname_

## Preparing to enable {% data variables.product.prodname_code_scanning %}

{% data reusables.code-scanning.about-code-scanning %} For more information, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)."
{% data reusables.code-scanning.about-code-scanning %} For more information, see "[AUTOTITLE](/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning)."

Rolling {% data variables.product.prodname_code_scanning %} out across hundreds of repositories can be difficult, especially when done inefficiently. Following these steps will ensure your rollout is both efficient and successful. As part of your preparation, you will work with your teams, use automation to collect data about your repositories, and enable {% data variables.product.prodname_code_scanning %}.
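Review bot: the link update is fine, but the sentence opens with `{% data reusables.code-scanning.about-code-scanning %}`, a reusable whose contents are not visible in this diff; with 92 files touched in this commit, check that any links inside that reusable (and the other code-scanning reusables) were moved to the new map topic paths as well, otherwise this paragraph will mix new and old paths.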

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,13 +52,13 @@ For more information about {% data variables.product.prodname_actions %}, see:
- "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows)"
- "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)"

We recommend enabling {% data variables.product.prodname_code_scanning %} on a repository-by-repository basis as part of your pilot program. For more information, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-advanced-setup-for-code-scanning)."
We recommend enabling {% data variables.product.prodname_code_scanning %} on a repository-by-repository basis as part of your pilot program. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning)."

If you want to enable code scanning for many repositories, you may want to script the process.

For an example of a script that opens pull requests to add a {% data variables.product.prodname_actions %} workflow to multiple repositories, see the [`jhutchings1/Create-ActionsPRs`](https://github.com/jhutchings1/Create-ActionsPRs) repository for an example using PowerShell, or [`nickliffen/ghas-enablement`](https://github.com/NickLiffen/ghas-enablement) for teams who do not have PowerShell and instead would like to use NodeJS.

When running initial code scans, you may find that no results are found or that an unusual number of results are returned. You may want to adjust what is flagged in future scans. For more information, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning)."
When running initial code scans, you may find that no results are found or that an unusual number of results are returned. You may want to adjust what is flagged in future scans. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning)."

If your company wants to use other third-party code analysis tools with GitHub code scanning, you can use actions to run those tools within GitHub. Alternatively, you can upload results, which are generated by third-party tools as SARIF files, to code scanning. For more information, see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning)."
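Review bot: two links in this hunk move to the new `creating-an-advanced-setup-for-code-scanning/` map topic, but the last paragraph's link to `/code-security/code-scanning/integrating-with-code-scanning` stays on its existing path; confirm that map topic was intentionally left in place by the reorganization rather than overlooked. Separately, the renamed target `customizing-your-advanced-setup-for-code-scanning` scopes the article to advanced setup, so the sentence "You may want to adjust what is flagged in future scans" could say that this applies to an advanced setup, since readers using default setup follow a different procedure.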

Expand Down

This file was deleted.

This file was deleted.


0 comments on commit 179307d
