Original file line number Diff line number Diff line change
Expand Up @@ -101,18 +101,16 @@ There are several containment actions you can choose to perform to limit the att

For exposed or exploited credentials, the most immediate action you can take is to revoke the affected credentials to prevent further misuse.

{% ifversion fpt or ghec %}

{% ifversion fpt or ghec or ghes > 3.17 %}
* **Revoke via the API**

If the token is one of the following types, and the literal value of the token is known, you (or anybody) can revoke it by **submitting a request via the REST API**. See [AUTOTITLE](/rest/credentials/revoke?apiVersion=2022-11-28#revoke-a-list-of-credentials).

* {% data variables.product.pat_v1_caps %}
* {% data variables.product.pat_v2_caps %}
* {% data variables.product.pat_v2_caps %}{% ifversion fpt or ghec or ghes > 3.20 %}
* {% data variables.product.prodname_oauth_app %} access token
* {% data variables.product.prodname_github_app %} user access token
* {% data variables.product.prodname_github_app %} refresh token

* {% data variables.product.prodname_github_app %} refresh token{% endif %}
{% endif %}

* **Revocation and containment options**
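Review bot: The inner gate `{% ifversion fpt or ghec or ghes > 3.20 %}` on the second personal access token bullet has no explanation for why it differs from the outer `ghes > 3.17` gate. On GHES 3.18 to 3.20 the list is reduced to the two personal access token types, while the linked REST reference is enabled from `ghes: '>=3.18'` elsewhere in this patch. If that reference lists OAuth and GitHub App tokens for those releases, the two pages disagree about what can be revoked during containment. Confirm the supported types against the 3.18 description and note the version difference in the PR description or in a Liquid comment next to the inner gate.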
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ redirect_from:

> [!NOTE] This feature is in {% data variables.release-phases.public_preview %} and subject to change.

Enterprise-managed plugin standards allow administrators to **define and enforce policies for plugin availability**. By configuring a `{% data variables.copilot.managed_setting_file %}` file in the enterprise's `.github-private` repository, administrators can specify which plugin marketplaces are available to users and which plugins are installed automatically.
Enterprise-managed plugin standards allow administrators to **define and enforce policies for plugin availability**. By configuring a `settings.json` file in the enterprise's `.github-private` repository, administrators can specify which plugin marketplaces are available to users and which plugins are installed automatically.

## Where plugin standards apply

Expand All @@ -30,14 +30,14 @@ Users must upgrade to a supported client version for these standards to be appli

## How plugin standards work

Enterprise plugin standards use a configuration file stored in your enterprise's `.github-private` repository. The configuration is defined in a `{% data variables.copilot.managed_setting_file %}` file at the following path: `.github/copilot/{% data variables.copilot.managed_setting_file %}`. This file was previously called `settings.json`, which is still supported.
Enterprise plugin standards use a configuration file stored in your enterprise's `.github-private` repository. The configuration is defined in a `settings.json` file at the following path: `.github/copilot/settings.json`.

For plugin standards, the file can define:

* **Known marketplaces**. Plugin marketplaces that are available to users for browsing and installing plugins.
* **Default-enabled plugins**. Specific plugins that are automatically installed when users authenticate.

When a user authenticates to {% data variables.product.prodname_copilot_short %} in a supported client, the client queries an API endpoint that reads the `{% data variables.copilot.managed_setting_file %}` file. The policies defined in the file are then applied to the user's session.
When a user authenticates to {% data variables.product.prodname_copilot_short %} in a supported client, the client queries an API endpoint that reads the `settings.json` from the enterprise's `.github-private` repository. The policies defined in the file are then applied to the user's session.

## Why use enterprise-managed plugin standards
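Review bot: Dropping "This file was previously called `settings.json`, which is still supported." from the first paragraph leaves the page with no statement about `managed-settings.json` at all. An enterprise that created `.github/copilot/managed-settings.json` from the earlier text cannot tell from this page whether that file is still read; if it is not, the marketplace and default-plugin policies in it are not applied and nothing here warns the administrator. Add one sentence saying which filename the client honors. The rewritten last paragraph also repeats "from the enterprise's `.github-private` repository", which the first paragraph already states.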

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
title: Configuring enterprise plugin standards
shortTitle: Configure plugin standards
allowTitleToDifferFromFilename: true
intro: 'Configure enterprise plugin standards by defining a `{% data variables.copilot.managed_setting_file %}` file in your enterprise''s `.github-private` repository.'
intro: 'Configure enterprise plugin standards by defining a `settings.json` file in your enterprise''s `.github-private` repository.'
permissions: Enterprise owners
versions:
feature: copilot
Expand All @@ -16,8 +16,9 @@ category:

You can apply settings to control users' available plugin marketplaces and default-installed plugins. These settings apply to users on your enterprise's {% data variables.product.prodname_copilot_short %} plan. For more information, see [AUTOTITLE](/copilot/concepts/agents/about-enterprise-plugin-standards).

{% data reusables.copilot.create-managed-settings %}
1. Add your plugin policy configuration to the file. The `{% data variables.copilot.managed_setting_file %}` file supports the following top-level properties:
1. In your enterprise's `.github-private` repository, navigate to the `.github/copilot/` directory. If you don't have a `.github-private` repository yet, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/prepare-for-custom-agents).
1. Create or edit the `settings.json` file at `.github/copilot/settings.json`.
1. Add your plugin policy configuration to the file. The `settings.json` file supports the following top-level properties:

```json copy
{
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ versions:
children:
- /prepare-for-custom-agents
- /configure-enterprise-plugin-standards
- /disable-automatic-commands
- /monitor-agentic-activity
- /enable-copilot-cloud-agent
- /block-agentic-features
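Review bot: Removing `/disable-automatic-commands` from `children`, together with the file deletion shown just above, leaves existing links to that article without a target, and no `redirect_from` entry for it appears anywhere in this patch. Add a redirect on a surviving article in this directory, or state in the PR description that the page was never published.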
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -267,9 +267,7 @@ This flag combines:
* `--allow-all-paths` (disable path verification).
* `--allow-all-urls` (disables URL verification).

During an interactive session, you can also enable all permissions with the `/allow-all` or `/yolo` slash commands.

{% data reusables.copilot.disable-bypass %}
> [!TIP] During an interactive session, you can also enable all permissions with the `/allow-all` or `/yolo` slash commands.

## Further reading
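Review bot: Moving the `/allow-all` and `/yolo` sentence into a `> [!TIP]` callout gives visual emphasis to commands that the list above describes as disabling path and URL verification, and the `disable-bypass` reusable that followed the sentence is removed in the same hunk. A tip reads as a recommendation. Keep this as a plain sentence, and if administrators can still restrict these commands, keep a pointer to that control next to it.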

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,6 @@ For details of the supported tool kinds, see [AUTOTITLE](/copilot/reference/copi

The following command-line options give {% data variables.copilot.copilot_cli_short %} permission to use all available tools.

{% data reusables.copilot.disable-bypass %}

* `--allow-all-tools` — Full access to the available tools.

* `--allow-all` or `--yolo` — Equivalent to using all of the `--allow-all-tools`, `--allow-all-paths`, and `--allow-all-urls` options when starting the CLI.
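Review bot: With `{% data reusables.copilot.disable-bypass %}` removed above the option list, `--allow-all-tools` and `--allow-all`/`--yolo` are now listed with no accompanying note. The reusable file is deleted in this patch without its text being shown, so a reviewer cannot tell what guidance is being lost. Quote the removed text in the PR description and say whether the behavior it described was withdrawn or only the documentation.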
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ The following sections describe revocation options for each credential type base

* If the token **belongs to you**, you can delete it via your personal account settings. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#deleting-a-personal-access-token).
{% data reusables.credentials.revoke-via-api %}
* **Organization owners** and **enterprise owners** do not have direct visibility into or control over individual tokens. However, they can:{% ifversion fpt or ghec %}
* **Organization owners** and **enterprise owners** do not have direct visibility into or control over individual tokens. However, they can:{% ifversion fpt or ghec or ghes > 3.17 %}
* Revoke them using the REST API, if the actual token value is known. See [AUTOTITLE](/rest/credentials/revoke?apiVersion=2022-11-28#revoke-a-list-of-credentials).{% endif %}
* Restrict the access of {% data variables.product.pat_generic_plural %} to the organization or enterprise entirely. See [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization) and [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise).
* **Organization owners and enterprise owners** on {% data variables.product.prodname_ghe_cloud %} with SSO enforced can revoke the SSO authorization for a specific {% data variables.product.pat_v1 %}. See [Revoking SSO authorization](#revoking-sso-authorization) for details.
Expand All @@ -49,7 +49,7 @@ The following sections describe revocation options for each credential type base
* If the token **belongs to you**, you can delete it via your personal account settings. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#deleting-a-personal-access-token).
{% data reusables.credentials.revoke-via-api %}
* **Organization owners**: Can view and revoke individual tokens. Note, however, that when an organization owner revokes a {% data variables.product.pat_v2 %}, any SSH keys created by the token will continue to work and the token will still be able to read public resources within the organization. The revocation changes the resource owner from the organization to the user, and the user can reassign it back. See [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization).
* **Organization owners** and **enterprise owners** can:{% ifversion fpt or ghec %}
* **Organization owners** and **enterprise owners** can:{% ifversion fpt or ghec or ghes > 3.17 %}
* Revoke the token using the REST API. See [AUTOTITLE](/rest/credentials/revoke?apiVersion=2022-11-28#revoke-a-list-of-credentials).{% endif %}
* Restrict the access of {% data variables.product.pat_generic_plural %} to the organization or enterprise entirely. See [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization) and [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise).
* **Revoked automatically** if pushed to a public repository or gist, or if unused for one year. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation).
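Review bot: In this second section the gated bullet "Revoke the token using the REST API." omits the condition that the matching bullet in the previous hunk states ("if the actual token value is known"), and the widened `ghes > 3.17` gate now shows it to GHES readers as well. Because it sits directly under "Can view and revoke individual tokens", a reader may assume the API call works from the token listing alone. Repeat the condition here so both sections read the same.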
Expand Down
1 change: 1 addition & 0 deletions content/rest/credentials/revoke.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ intro: >-
versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
fpt: '*'
ghec: '*'
ghes: '>=3.18'
autogenerated: rest
allowTitleToDifferFromFilename: true
category:
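Review bot: The added `ghes: '>=3.18'` line sits under `versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖`, so it needs to come from the generator rather than a hand edit. If the next sync removes it, the `ghes > 3.17` gates added in the content pages will link GHES readers to a REST page that is not built for their version. Confirm the source of this line in the PR description.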
Expand Down
2 changes: 0 additions & 2 deletions data/reusables/copilot/create-managed-settings.md

This file was deleted.

1 change: 0 additions & 1 deletion data/reusables/copilot/disable-bypass.md

This file was deleted.

2 changes: 1 addition & 1 deletion data/reusables/credentials/revoke-via-api.md
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
{% ifversion fpt or ghec %}
{% ifversion fpt or ghec or ghes > 3.17 %}
* If the token is owned by someone else, and the actual token value is known, **anyone** can submit a request to revoke it using the REST API. The API doesn't require authentication - anyone with the token value can submit it for revocation. See [AUTOTITLE](/rest/credentials/revoke?apiVersion=2022-11-28#revoke-a-list-of-credentials) in the REST API documentation.{% endif %}
3 changes: 0 additions & 3 deletions data/variables/copilot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -254,6 +254,3 @@ copilot_workspace_short: 'Workspace'

# BYOK
copilot_byok_supported_features: '{% data variables.copilot.copilot_chat_short %}, {% data variables.copilot.copilot_cli_short %}, and {% data variables.product.prodname_vscode_shortname %}'

## File for enterprise client management
managed_setting_file: 'managed-settings.json'
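Review bot: Deleting `managed_setting_file` is only safe if no `{% data variables.copilot.managed_setting_file %}` reference survives. This patch replaces the references in the plugin-standards articles and deletes the `create-managed-settings` reusable, but nothing in it shows that the rest of `content/` and `data/` was searched. Record that search in the PR description. Replacing the variable with a literal `settings.json` in each sentence also means a later rename touches every occurrence instead of this one line.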
2 changes: 1 addition & 1 deletion src/github-apps/lib/config.json
Original file line number Diff line number Diff line change
Expand Up @@ -60,5 +60,5 @@
"2022-11-28"
]
},
"sha": "7a0a14cf24805c7efd23fef351bfab80391ec8fb"
"sha": "5228aaa58229307d5c18092199d4d3b09050265a"
}
4 changes: 2 additions & 2 deletions src/rest/data/fpt-2022-11-28/billing.json
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
},
{
"name": "per_page",
"description": "<p>The number of results per page (max 100).</p>",
"description": "<p>The number of results per page (max 10).</p>",
"in": "query",
"schema": {
"type": "integer",
Expand Down Expand Up @@ -61,7 +61,7 @@
}
],
"bodyParameters": [],
"descriptionHTML": "<p>Gets all budgets for an organization. The authenticated user must be an organization admin or billing manager.\nEach page returns up to 100 budgets.</p>",
"descriptionHTML": "<p>Gets all budgets for an organization. The authenticated user must be an organization admin or billing manager.\nEach page returns up to 10 budgets.</p>",
"codeExamples": [
{
"request": {
Expand Down
71 changes: 17 additions & 54 deletions src/rest/data/fpt-2022-11-28/code-security.json
Original file line number Diff line number Diff line change
Expand Up @@ -145,10 +145,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -490,7 +487,8 @@
{
"type": "string",
"name": "description",
"description": "<p>A description of the code security configuration</p>"
"description": "<p>A description of the code security configuration</p>",
"isRequired": true
},
{
"type": "string",
Expand Down Expand Up @@ -810,10 +808,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -1272,10 +1267,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -1677,10 +1669,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -2338,10 +2327,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -2972,10 +2958,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -4017,10 +4000,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -4366,7 +4346,8 @@
{
"type": "string",
"name": "description",
"description": "<p>A description of the code security configuration</p>"
"description": "<p>A description of the code security configuration</p>",
"isRequired": true
},
{
"type": "string",
Expand Down Expand Up @@ -4762,10 +4743,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -5216,10 +5194,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -5736,10 +5711,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -6465,10 +6437,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -7099,10 +7068,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down Expand Up @@ -8110,10 +8076,7 @@
]
},
"description": {
"type": [
"string",
"null"
],
"type": "string",
"description": "A description of the code security configuration"
},
"advanced_security": {
Expand Down