feanil
diff --git a/‎.github/review-template.md‎
Lines changed: 1 addition & 1 deletion b/‎.github/review-template.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/add-review-template.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/add-review-template.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎assets/images/help/pull_requests/dragging_images.gif‎
667 KB b/‎assets/images/help/pull_requests/dragging_images.gif‎
667 KB
diff --git a/‎content/actions/guides/creating-postgresql-service-containers.md‎
Lines changed: 19 additions & 19 deletions b/‎content/actions/guides/creating-postgresql-service-containers.md‎
Lines changed: 19 additions & 19 deletions
diff --git a/‎content/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system.md‎
Lines changed: 4 additions & 2 deletions b/‎content/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system.md‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎content/code-security/secure-coding/configuring-code-scanning.md‎
Lines changed: 29 additions & 0 deletions b/‎content/code-security/secure-coding/configuring-code-scanning.md‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎content/code-security/secure-coding/configuring-codeql-runner-in-your-ci-system.md‎
Lines changed: 2 additions & 1 deletion b/‎content/code-security/secure-coding/configuring-codeql-runner-in-your-ci-system.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎content/code-security/secure-coding/running-codeql-cli-in-your-ci-system.md‎
Lines changed: 2 additions & 1 deletion b/‎content/code-security/secure-coding/running-codeql-cli-in-your-ci-system.md‎
Lines changed: 2 additions & 1 deletion
@@ -5,7 +5,7 @@
 - [ ] I've worked through build failures and tests are passing.
 - [ ] For REST API content, I've verified that endpoints, parameters, and responses are correct and work as expected and provided curl samples below.
 
-  For more information, check out our [full review guidelines and checklist](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/reviews-and-feedback/review-process.md).
+For more information, check out our [full review guidelines and checklist](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/reviews-and-feedback/review-process.md).
 
 ## Review request
 
 
@@ -22,7 +22,7 @@ jobs:
       # Jump through some hoops to work with a multi-line file
       - name: Store review template in variable
         run: |
-          TEMPLATE=$(cat .github/workflows/review-template.md)
+          TEMPLATE=$(cat .github/review-template.md)
           echo "TEMPLATE<<EOF" >> $GITHUB_ENV
           echo "$TEMPLATE" >> $GITHUB_ENV
           echo "EOF" >> $GITHUB_ENV
 
@@ -22,7 +22,7 @@ topics:
 
 ### Introduction
 
-This guide shows you workflow examples that configure a service container using the Docker Hub `postgres` image. The workflow runs a script to create a PostgreSQL client and populate the client with data. To test that the workflow creates and populates the PostgreSQL client, the script prints the client's data to the console.
+This guide shows you workflow examples that configure a service container using the Docker Hub `postgres` image. The workflow runs a script that connects to the PostgreSQL service, creates a table, and then populates it with data. To test that the workflow creates and populates the PostgreSQL table, the script prints the data from the table to the console.
 
 {% data reusables.github-actions.docker-container-os-support %}
 
@@ -81,10 +81,10 @@ jobs:
         run: npm ci
 
       - name: Connect to PostgreSQL
-        # Runs a script that creates a PostgreSQL client, populates
-        # the client with data, and retrieves data
+        # Runs a script that creates a PostgreSQL table, populates
+        # the table with data, and then retrieves the data.
         run: node client.js
-        # Environment variable used by the `client.js` script to create a new PostgreSQL client.
+        # Environment variables used by the `client.js` script to create a new PostgreSQL table.
         env:
           # The hostname used to communicate with the PostgreSQL service container
           POSTGRES_HOST: postgres
@@ -141,8 +141,8 @@ steps:
     run: npm ci
 
   - name: Connect to PostgreSQL
-    # Runs a script that creates a PostgreSQL client, populates
-    # the client with data, and retrieves data
+    # Runs a script that creates a PostgreSQL table, populates
+    # the table with data, and then retrieves the data.
     run: node client.js
     # Environment variable used by the `client.js` script to create
     # a new PostgreSQL client.
@@ -204,11 +204,11 @@ jobs:
         run: npm ci
 
       - name: Connect to PostgreSQL
-        # Runs a script that creates a PostgreSQL client, populates
-        # the client with data, and retrieves data
+        # Runs a script that creates a PostgreSQL table, populates
+        # the table with data, and then retrieves the data
         run: node client.js
-        # Environment variable used by the `client.js` script to create
-        # a new PostgreSQL client.
+        # Environment variables used by the `client.js` script to create
+        # a new PostgreSQL table.
         env:
           # The hostname used to communicate with the PostgreSQL service container
           POSTGRES_HOST: localhost
@@ -268,11 +268,11 @@ steps:
     run: npm ci
 
   - name: Connect to PostgreSQL
-    # Runs a script that creates a PostgreSQL client, populates
-    # the client with data, and retrieves data
+    # Runs a script that creates a PostgreSQL table, populates
+    # the table with data, and then retrieves the data
     run: node client.js
-    # Environment variable used by the `client.js` script to create
-    # a new PostgreSQL client.
+    # Environment variables used by the `client.js` script to create
+    # a new PostgreSQL table.
     env:
       # The hostname used to communicate with the PostgreSQL service container
       POSTGRES_HOST: localhost
@@ -286,9 +286,9 @@ steps:
 
 ### Testing the PostgreSQL service container
 
-You can test your workflow using the following script, which creates a PostgreSQL client and adds a new table with some placeholder data. The script then prints the values stored in the PostgreSQL client to the terminal. Your script can use any language you'd like, but this example uses Node.js and the `pg` npm module. For more information, see the [npm pg module](https://www.npmjs.com/package/pg).
+You can test your workflow using the following script, which connects to the PostgreSQL service and adds a new table with some placeholder data. The script then prints the values stored in the PostgreSQL table to the terminal. Your script can use any language you'd like, but this example uses Node.js and the `pg` npm module. For more information, see the [npm pg module](https://www.npmjs.com/package/pg).
 
-You can modify *client.js* to include any PostgreSQL operations needed by your workflow. In this example, the script creates the PostgreSQL client instance, creates a table, adds placeholder data, then retrieves the data.
+You can modify *client.js* to include any PostgreSQL operations needed by your workflow. In this example, the script connects to the PostgreSQL service, adds a table to the `postgres` database, inserts some placeholder data, and then retrieves the data.
 
 {% data reusables.github-actions.service-container-add-script %}
 
@@ -324,11 +324,11 @@ pgclient.query('SELECT * FROM student', (err, res) => {
 });
 ```
 
-The script creates a new PostgreSQL `Client`, which accepts a `host` and `port` parameter. The script uses the `POSTGRES_HOST` and `POSTGRES_PORT` environment variables to set the client's IP address and port. If `host` and `port` are not defined, the default host is `localhost` and the default port is 5432.
+The script creates a new connection to the PostgreSQL service, and uses the `POSTGRES_HOST` and `POSTGRES_PORT` environment variables to specify the PostgreSQL service IP address and port. If `host` and `port` are not defined, the default host is `localhost` and the default port is 5432.
 
-The script creates a table and populates it with placeholder data. To test that the PostgreSQL database contains the data, the script prints the contents of the table to the console log.
+The script creates a table and populates it with placeholder data. To test that the `postgres` database contains the data, the script prints the contents of the table to the console log.
 
-When you run this workflow, you should see the following output in the "Connect to PostgreSQL" step confirming you created the PostgreSQL client and added data:
+When you run this workflow, you should see the following output in the "Connect to PostgreSQL" step, which confirms that you successfully created the PostgreSQL table and added data:
 
 ```
 null [ { id: 1,
 
@@ -38,10 +38,13 @@ Use the {% data variables.product.prodname_codeql_cli %} to analyze:
 
 For more information, see "[Running {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/running-codeql-cli-in-your-ci-system)."
 
+{% if currentVersion == "free-pro-team@latest" %}
+If you need to set up the CI system to orchestrate compiler invocations as well as running {% data variables.product.prodname_codeql %} analysis, you must use the {% data variables.product.prodname_codeql_runner %}.
+{% else %}
 You will need to use the {% data variables.product.prodname_codeql_runner %} if you need to:
-
 - Set up the CI system to orchestrate compiler invocations as well as running {% data variables.product.prodname_codeql %} analysis.
 - Analyze more than one language in a repository.
+{% endif %}
 
 {% data reusables.code-scanning.beta-codeql-runner %}
 
@@ -57,4 +60,3 @@ You add the {% data variables.product.prodname_codeql_runner %} to your third-pa
 
 To set up code scanning in your CI system, see "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)."
 {% endif %}
-
 
@@ -223,6 +223,35 @@ jobs:
 ```
 {% endif %}
 
+{% if currentVersion == "free-pro-team@latest" %}
+### Configuring a category for the analysis
+
+Use `category` to distinguish between multiple analyses for the same tool and commit, but performed on different languages or different parts of the code. The category you specify in your workflow will be included in the SARIF results file. 
+
+This parameter is particularly useful if you work with monorepos and have multiple SARIF files for different components of the monorepo.
+
+{% raw %}
+``` yaml
+   - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze
+      with:
+      # Optional. Specify a category to distinguish between multiple analyses
+      # for the same tool and ref. If you don't use `category` in your workflow, 
+      # GitHub will generate a default category name for you
+       category: "my_category"
+```
+{% endraw %}
+
+If you don't specify a `category` parameter in your workflow, {% data variables.product.prodname_dotcom %} will generate a category name for you, based on the name of the workflow file triggering the action, the action name, and any matrix variables. For example:
+- The `.github/workflows/codeql-analysis.yml` workflow and the `analyze` action will produce the category `.github/workflows/codeql.yml:analyze`.
+- The `.github/workflows/codeql-analysis.yml` workflow, the `analyze` action, and the `{language: javascript, os: linux}` matrix variables will produce the category `.github/workflows/codeql-analysis.yml:analyze/language:javascript/os:linux`.
+
+The `category` value will appear as the `<run>.automationDetails.id` property in SARIF v2.1.0. For more information, see "[SARIF support for {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/sarif-support-for-code-scanning#runautomationdetails-object)." 
+
+Your specified category will not overwrite the details of the `runAutomationDetails` object in the SARIF file, if included.
+
+{% endif %}
+
 ### Running additional queries
 
 {% data reusables.code-scanning.run-additional-queries %}
 
@@ -174,7 +174,8 @@ Analyzes the code in the {% data variables.product.prodname_codeql %} databases
 | `--no-upload` | | None. Stops the {% data variables.product.prodname_codeql_runner %} from uploading the results to {% data variables.product.product_name %}. |
 | `--output-dir` | | Directory where the output SARIF files are stored. The default is in the directory of temporary files. |
 | `--ram` | | Amount of memory to use when running queries. The default is to use all available memory. |
-| <nobr>`--no-add-snippets`</nobr> | | None. Excludes code snippets from the SARIF output. |
+| <nobr>`--no-add-snippets`</nobr> | | None. Excludes code snippets from the SARIF output. |{% if currentVersion == "free-pro-team@latest" %}
+| <nobr>`--category`<nobr> | | Category to include in the SARIF results file for this analysis. A category can be used to distinguish multiple analyses for the same tool and commit, but performed on different languages or different parts of the code. This value will appear in the `<run>.automationDetails.id` property in SARIF v2.1.0. |{% endif %}
 | `--threads` | | Number of threads to use when running queries. The default is to use all available cores. |
 | `--temp-dir` | | Directory where temporary files are stored. The default is `./codeql-runner`. |
 | `--debug` | | None. Prints more verbose output. |
 
@@ -150,7 +150,8 @@ For more information and examples, see [Creating {% data variables.product.prodn
 | `<database>` | {% octicon "check-circle-fill" aria-label="Required" %} | Specify the path for the directory that contains the {% data variables.product.prodname_codeql %} database to analyze. |
 | `<queries>` | {% octicon "check-circle-fill" aria-label="Required" %} | Specify the queries to run. To run the standard queries used for {% data variables.product.prodname_code_scanning %}, use: `<language>-code-scanning.qls` where `<language>` is the short code for the language of the database. To see the other query suites included in the {% data variables.product.prodname_codeql_cli %} bundle look in `/extraction-root/codeql/qlpacks/codeql-<language>/codeql-suites`. For information about creating your own query suite, see [Creating CodeQL query suites](https://codeql.github.com/docs/codeql-cli/creating-codeql-query-suites/) in the documentation for the {% data variables.product.prodname_codeql_cli %}.
 | <nobr>`--format`</nobr> | {% octicon "check-circle-fill" aria-label="Required" %} | Specify the format for the results file generated by the command. For upload to {% data variables.product.company_short %} this should be: {% if currentVersion == "free-pro-team@latest" %}`sarif-latest`{% else %}`sarifv2.1.0`{% endif %}. For more information, see "[SARIF support for {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/sarif-support-for-code-scanning)."
-| <nobr>`--output`</nobr> | {% octicon "check-circle-fill" aria-label="Required" %} | Specify where to save the SARIF results file.
+| <nobr>`--output`</nobr> | {% octicon "check-circle-fill" aria-label="Required" %} | Specify where to save the SARIF results file.{% if currentVersion == "free-pro-team@latest" %}
+| <nobr>`--sarif-category`<nobr> | | Optional. Specify a category to include in the SARIF results  file for this analysis. A category can be used to distinguish multiple analyses for the same tool and commit, but performed on different languages or different parts of the code. This value will appear in the `<run>.automationId` property in SARIF v1, the `<run>.automationLogicalId` property in SARIF v2, and the `<run>.automationDetails.id` property in SARIF v2.1.0. |{% endif %}
 | <nobr>`--threads`</nobr> | | Optional. Use if you want to use more than one thread to run queries. The default value is `1`. You can specify more threads to speed up query execution. To set the number of threads to the number of logical processors, specify `0`.
 
 For more information, see [Analyzing databases with the {% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/analyzing-databases-with-the-codeql-cli/) in the documentation for the {% data variables.product.prodname_codeql_cli %}.