Repo sync

.github/workflows/enterprise-dates.yml

@@ -35,7 +35,7 @@ jobs:
 
       - name: Create pull request
         id: create-pull-request
-        uses: peter-evans/create-pull-request@6cd32fd93684475c31847837f87bb135d40a2b79 # pin @v7.0.3
+        uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # pin @v7.0.9
         env:
           # Disable pre-commit hooks; they don't play nicely here
           HUSKY: '0'

.github/workflows/sync-graphql.yml

@@ -33,7 +33,7 @@ jobs:
         run: npm run sync-graphql
       - name: Create pull request
         id: create-pull-request
-        uses: peter-evans/create-pull-request@6cd32fd93684475c31847837f87bb135d40a2b79 # pin @v7.0.3
+        uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # pin @v7.0.9
         env:
           # Disable pre-commit hooks; they don't play nicely here
           HUSKY: '0'

data/release-notes/enterprise-server/3-14/20.yml

@@ -13,7 +13,7 @@ sections:
     - |
       On instances with a "No Proxy" setting configured for GitHub Actions with MinIO or AWS remote blob providers, administrators sometimes experienced failures reading or writing Actions logs, artifacts, or caches because some traffic was incorrectly routed through the instance's proxy.
     - |
-      <!-- markdownlint-disable-line GHD046 --> New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation.
+      New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation. <!-- markdownlint-disable-line GHD046 -->
     - |
       An "Invite member" button intended only for GitHub.com was displayed on the enterprise "People" tab.
     - |
@@ -22,7 +22,7 @@ sections:
       When new Elasticsearch indexes were created, index routing memos could go to a read-only MySQL replica and fail, causing delays in audit log indexing after monthly rollovers. The memos are now written to the primary database rather than a read-only replica.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed.
+      A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed. <!-- markdownlint-disable-line GHD046 -->
     - |
       Administrators can add security key-backed (SK) SSH certificate authorities.
     - |

data/release-notes/enterprise-server/3-15/14.yml

@@ -26,7 +26,7 @@ sections:
       On instances where GitHub Actions workflows require approval to run on pull requests from forked repositories, workflows remained queued indefinitely after users clicked "Approve and run".
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations.
+      Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations. <!-- markdownlint-disable-line GHD046 -->
   known_issues:
     - |
       Custom firewall rules are removed during the upgrade process.

data/release-notes/enterprise-server/3-15/15.yml

@@ -13,7 +13,7 @@ sections:
     - |
       On instances with a "No Proxy" setting configured for GitHub Actions with MinIO or AWS remote blob providers, administrators sometimes experienced failures reading or writing Actions logs, artifacts, or caches because some traffic was incorrectly routed through the instances proxy.
     - |
-      <!-- markdownlint-disable-line GHD046 --> New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation.
+      New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Site administrators using the Management Console would see overly verbose error messages on the maintenance page. These error messages were not cleared when a new request was made, and no message was displayed when maintenance mode changes were saved successfully.
     - |
@@ -26,7 +26,7 @@ sections:
       When new Elasticsearch indexes were created, index routing memos could go to a read-only MySQL replica and fail, causing delays in audit log indexing after monthly rollovers. The memos are now written to the primary database rather than a read-only replica.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed.
+      A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Administrators can add security key-backed (SK) SSH certificate authorities.
     - |

data/release-notes/enterprise-server/3-16/10.yml

@@ -38,7 +38,7 @@ sections:
       The GitHub system user was not always properly set on startup, occasionally surfacing in authentication errors or failed secret scanning jobs in logs.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations.
+      Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Logging of configuration runs is improved with streamlined logging for different configuration phases. Phase-specific logs are written to both the main log file (`ghe-config.log`) and the console for better visibility.
   known_issues:

data/release-notes/enterprise-server/3-16/11.yml

@@ -11,7 +11,7 @@ sections:
     - |
       On instances with a "No Proxy" setting configured for GitHub Actions with MinIO or AWS remote blob providers, administrators sometimes experienced failures reading or writing Actions logs, artifacts, or caches because some traffic was incorrectly routed through the instances proxy.
     - |
-      <!-- markdownlint-disable-line GHD046 --> New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation.
+      New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Site administrators using the Management Console would see overly verbose error messages on the maintenance page. These error messages were not cleared when a new request was made, and no message was displayed when maintenance mode changes were saved successfully.
     - |
@@ -30,7 +30,7 @@ sections:
       When new Elasticsearch indexes were created, index routing memos could go to a read-only MySQL replica and fail, causing delays in audit log indexing after monthly rollovers. The memos are now written to the primary database rather than a read-only replica.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed.
+      A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Administrators can add security key-backed (SK) SSH certificate authorities.
   known_issues:

data/release-notes/enterprise-server/3-17/7.yml

@@ -46,7 +46,7 @@ sections:
       In rare cases, inconsistent data could lead to a panic in the code scanning service, causing it to restart and become unavailable for a few seconds. This could cause HTTP 500 errors when interacting with the code scanning API or in parts of the UI.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations.
+      Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Logging of configuration runs is improved with streamlined logging for different configuration phases. Phase-specific logs are written to both the main log file (`ghe-config.log`) and the console for better visibility.
   known_issues:

data/release-notes/enterprise-server/3-17/8.yml

@@ -11,7 +11,7 @@ sections:
     - |
       On instances with a "No Proxy" setting configured for GitHub Actions with MinIO or AWS remote blob providers, administrators sometimes experienced failures reading or writing Actions logs, artifacts, or caches because some traffic was incorrectly routed through the instances proxy.
     - |
-      <!-- markdownlint-disable-line GHD046 --> New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation.
+      New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Site administrators using the Management Console would see overly verbose error messages on the maintenance page. These error messages were not cleared when a new request was made, and no message was displayed when maintenance mode changes were saved successfully.
     - |
@@ -34,7 +34,7 @@ sections:
       When new Elasticsearch indexes were created, index routing memos could go to a read-only MySQL replica and fail, causing delays in audit log indexing after monthly rollovers. The memos are now written to the primary database rather than a read-only replica.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed.
+      A new weekly job automatically disables Elasticsearch deprecation logging and removes existing deprecation logs every Saturday at midnight. This helps administrators manage disk space by regularly cleaning up deprecation data streams and log indices that are no longer needed. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Administrators can add security key-backed (SK) SSH certificate authorities.
     - |

data/release-notes/enterprise-server/3-18/1.yml

@@ -44,7 +44,7 @@ sections:
       The GitHub system user was not always properly set on startup, occasionally surfacing in authentication errors or failed secret scanning jobs in logs.
   changes:
     - |
-      <!-- markdownlint-disable-line GHD046 --> Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations.
+      Elasticsearch deprecation warnings, which are logged to index files in new versions of Elasticsearch, have been disabled. These warnings provided no value to administrators, and in some cases could block upgrades of instances in high-availability or cluster configurations. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Logging of configuration runs is improved with streamlined logging for different configuration phases. Phase-specific logs are written to both the main log file (`ghe-config.log`) and the console for better visibility.
     - |

data/release-notes/enterprise-server/3-18/2.yml

@@ -13,7 +13,7 @@ sections:
     - |
       On instances with a "No Proxy" setting configured for GitHub Actions with MinIO or AWS remote blob providers, administrators sometimes experienced failures reading or writing Actions logs, artifacts, or caches because some traffic was incorrectly routed through the instances proxy.
     - |
-      <!-- markdownlint-disable-line GHD046 --> New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation.
+      New Microsoft Teams integrations failed to set up because the required `tenant_id` field was missing from the configuration, following Microsoft's deprecation of multi-tenant bot creation. <!-- markdownlint-disable-line GHD046 --> 
     - |
       Administrators running the `ghe-repl-decommission` script received an error.
     - |

src/graphql/data/ghes-3.19/graphql_upcoming_changes.public-enterprise.yml

@@ -1382,14 +1382,12 @@ upcoming_changes:
     date: '2025-04-01T00:00:00+00:00'
     criticality: breaking
     owner: github/memex
-  - location: SearchType.ISSUE_ADVANCED
-    description: '`ISSUE_ADVANCED` will be removed.'
-    reason:
-      Search for issues and pull requests will be overridden by advanced search
-      on September 4, 2025. You can read more about this change on https://github.blog/changelog/2025-03-06-github-issues-projects-api-support-for-issues-advanced-search-and-more/.
-    date: '2025-09-04'
+  - location: Issue.stateReason.enableDuplicate
+    description: '`enableDuplicate` will be removed.'
+    reason: The state reason for duplicate issue is now returned by default.
+    date: '2025-10-01T00:00:00+00:00'
     criticality: breaking
-    owner: github/issues_advanced_search
+    owner: issues
   - location: SecurityAdvisory.cvss
     description:
       '`cvss` will be removed. New `cvss_severities` field will now contain
@@ -1398,6 +1396,26 @@ upcoming_changes:
     date: '2025-10-01T00:00:00+00:00'
     criticality: breaking
     owner: github/advisory-database
+  - location: SearchType.ISSUE_ADVANCED
+    description: '`ISSUE_ADVANCED` will be removed.'
+    reason:
+      Search for issues and pull requests will be overridden by advanced search
+      on November 4, 2025. You can read more about this change on https://github.blog/changelog/2025-03-06-github-issues-projects-api-support-for-issues-advanced-search-and-more/.
+    date: '2025-11-04'
+    criticality: breaking
+    owner: github/issues_advanced_search
+  - location: NotificationThread.list
+    description: '`list` will be removed. Use the `optionalList` field instead.'
+    reason: Null values are possible for this field.
+    date: '2026-01-01T00:00:00+00:00'
+    criticality: breaking
+    owner: github/notifications
+  - location: NotificationThread.subject
+    description: '`subject` will be removed. Use the `optionalSubject` field instead.'
+    reason: Null values are possible for this field.
+    date: '2026-01-01T00:00:00+00:00'
+    criticality: breaking
+    owner: github/notifications
   - location: AuditEntry.action
     description: '`action` will be removed.'
     reason: The GraphQL audit-log is deprecated. Please use the REST API instead.