Skip to content

Repo sync #43658

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
docs-bot merged 3 commits into from
Apr 3, 2026
+24 −4
Merged

Repo sync #43658

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2540901
Clarify requirement of SSH CA extentions on GHE.com (#60635)
catto Apr 3, 2026
a9d355b
Add LLM instructions for how to use the logger (#60632)
Ebonsignori Apr 3, 2026
31fa9b7
Increase AI search timeout from 4s to 9s (#60618)
PickHub Apr 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 22 additions & 2 deletions .github/instructions/code.instructions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,13 +94,33 @@ Run the following commands to validate your changes:
8. Validate that any new or changed tests pass. See "Tests".
9. Validate that these changes meet our guidelines. See "Guidelines".
10. If you are running in agentic mode, _stop_ at this point and request review before continuing. Suggest how the human should review the changes.
11. If a branch and pull request already exist, commit and push, then _concisely_ comment on the pull request that you are GitHub Copilot and what changes you made and why.
11. If a branch and pull request already exist, commit and push, then _concisely_ comment on the pull request that you are GitHub Copilot and what changes you made and why.
12. If this is new work and no pull request exists yet, make a pull request:
- label "llm-generated"
- draft mode
- include "fixes owner/repo#issue" or "towards owner/repo#issue" as appropriate
13. If you are in agentic mode, offer to wait for CI to run and check that it passes. If the human agrees, verify in CI: `sleep 240 && gh pr checks $number`. Address all failures, don't assume they're flakes.
14. If you are in agentic mode, offer to do any or all of:
- mark the pull request as ready,
- assign the issue to the human if it is not already assigned,
- assign the issue to the human if it is not already assigned,
- _concisely_ comment on the issue explaining the change, indicating you are GitHub Copilot.

## Logger

Use `createLogger` from `@/observability/logger` instead of `console.log` in server-side code.

```typescript
import { createLogger } from "@/observability/logger";

const logger = createLogger(import.meta.url);

logger.debug("Detailed tracing");
logger.info("Normal event", { userId });
logger.warn("Recoverable issue");
logger.error("Failure", { error });
```

- Pass a plain object as the second argument to add structured context (emitted as logfmt in production).
- Never log secrets, tokens, or PII.
- Create loggers once at module scope, not inside functions.
- Do not use the logger in scripts (locally-run code); `console.log` is fine there.
2 changes: 1 addition & 1 deletion ...-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ If you have legacy CAs that are exempt from the expiration requirement, you can
If you use a username as the login extension, {% data variables.product.company_short %} validates that the named user has not been renamed since the certificate was issued. This prevents a rename attack, where a certificate issued for a username is valid even if the underlying user account changes. To enforce this, the certificate must include the `valid_after` claim, which tells us when the certificate was issued. This field is often missing if an expiration is not required for the certificate, which is why expirations are now required.
{% endif %}

To issue a certificate for someone who uses SSH to access multiple {% data variables.product.company_short %} products, you can include two login extensions to specify the username for each product. For example, the following command would issue a certificate for USERNAME-1 for the user's account for {% data variables.product.prodname_ghe_cloud %}, and USERNAME-2 for the user's account on {% data variables.product.prodname_ghe_server %} at HOSTNAME.
To issue a certificate for someone who uses SSH to access multiple {% data variables.product.company_short %} products, you can include two login extensions to specify the username for each product. For example, the following command would issue a certificate for USERNAME-1 for the user's account for {% data variables.product.prodname_ghe_cloud %}, and USERNAME-2 for the user's account on {% data variables.product.prodname_ghe_server %} or {% data variables.enterprise.data_residency %} at HOSTNAME.

```shell
ssh-keygen -s ./ca-key -V '+1d' -I KEY-IDENTITY -O extension:login@github.com=USERNAME-1 extension:login@HOSTNAME=USERNAME-2 ./user-key.pub
Expand Down
2 changes: 1 addition & 1 deletion src/search/lib/ai-search-proxy.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { handleExternalSearchAnalytics } from '@/search/lib/helpers/external-sea
// Maximum time (ms) to wait for the initial response from the upstream
// AI search service. Streaming may take longer once the connection is
// established, but the connect + first-byte must complete within this window.
const AI_SEARCH_TIMEOUT_MS = 4_000
const AI_SEARCH_TIMEOUT_MS = 9_000

export const aiSearchProxy = async (req: ExtendedRequest, res: Response) => {
const { query, version } = req.body ?? {}
Expand Down
Loading