outaidage
diff --git a/‎components/context/ProductLandingContext.tsx
-2 b/‎components/context/ProductLandingContext.tsx
-2
diff --git a/‎components/landing/CodeExampleCard.tsx
+4-1 b/‎components/landing/CodeExampleCard.tsx
+4-1
diff --git a/‎components/landing/FeaturedArticles.tsx
+5-9 b/‎components/landing/FeaturedArticles.tsx
+5-9
diff --git a/‎components/landing/ProductLanding.tsx
+1-1 b/‎components/landing/ProductLanding.tsx
+1-1
diff --git a/‎content/actions/index.md
+1-1 b/‎content/actions/index.md
+1-1
diff --git a/‎content/code-security/guides.md
+78 b/‎content/code-security/guides.md
+78
diff --git a/‎content/code-security/index.md
+48-2 b/‎content/code-security/index.md
+48-2
diff --git a/‎content/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/index.md
+1-1 b/‎content/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/index.md
+1-1
diff --git a/‎content/codespaces/index.md
+1 b/‎content/codespaces/index.md
+1
diff --git a/‎content/discussions/index.md
+1-1 b/‎content/discussions/index.md
+1-1
diff --git a/‎content/sponsors/index.md
+1 b/‎content/sponsors/index.md
+1
diff --git a/‎data/learning-tracks/README.md
+22 b/‎data/learning-tracks/README.md
+22
@@ -48,7 +48,6 @@ export type ProductLandingContextT = {
     viewAllHref?: string // If provided, adds a "View All ->" to the header
     articles: Array<FeaturedLink>
   }>
-  changelog: { label: string; prefix: string }
   changelogUrl?: string
   whatsNewChangelog?: Array<{ href: string; title: string; date: string }>
   tocItems: Array<TocItem>
@@ -85,7 +84,6 @@ export const getProductLandingContextFromRequest = (req: any): ProductLandingCon
       'beta_product',
       'intro',
       'product_video',
-      'changelog',
     ]),
     product: {
       href: productTree.href,
 
@@ -1,5 +1,6 @@
 import { RepoIcon } from '@primer/octicons-react'
 import { CodeExample } from 'components/context/ProductLandingContext'
+import { TruncateLines } from 'components/TruncateLines'
 
 type Props = {
   example: CodeExample
@@ -28,7 +29,9 @@ export const CodeExampleCard = ({ example }: Props) => {
       </div>
       <footer className="border-top p-4 color-text-secondary d-flex flex-items-center">
         <RepoIcon className="flex-shrink-0" />
-        <span className="ml-2 text-mono text-small color-text-link">{example.href}</span>
+        <TruncateLines as="span" maxLines={1} className="ml-2 text-mono text-small color-text-link line-break-anywhere">
+          {example.href}
+        </TruncateLines>
       </footer>
     </a>
   )
 
@@ -8,12 +8,8 @@ import { useTranslation } from 'components/hooks/useTranslation'
 import { TruncateLines } from 'components/TruncateLines'
 
 export const FeaturedArticles = () => {
-  const {
-    featuredArticles = [],
-    changelog,
-    whatsNewChangelog,
-    changelogUrl,
-  } = useProductLandingContext()
+  const { featuredArticles = [], whatsNewChangelog, changelogUrl } = useProductLandingContext()
+  const hasWhatsNewChangelog = whatsNewChangelog && whatsNewChangelog.length > 0
   const { t } = useTranslation('toc')
 
   return (
@@ -22,7 +18,7 @@ export const FeaturedArticles = () => {
         return (
           <div
             key={section.label + i}
-            className={cx('col-12 mb-4 mb-lg-0', changelog ? 'col-lg-4' : 'col-lg-6')}
+            className={cx('col-12 mb-4 mb-lg-0', hasWhatsNewChangelog ? 'col-lg-4' : 'col-lg-6')}
           >
             <ArticleList
               title={section.label}
@@ -33,8 +29,8 @@ export const FeaturedArticles = () => {
         )
       })}
 
-      {changelog && (
-        <div className={cx('col-12 mb-4 mb-lg-0', changelog ? 'col-lg-4' : 'col-lg-6')}>
+      {hasWhatsNewChangelog && (
+        <div className={cx('col-12 mb-4 mb-lg-0 col-lg-4')}>
           <ArticleList
             title={t('whats_new')}
             viewAllHref={changelogUrl}
 
@@ -68,7 +68,7 @@ export const ProductLanding = () => {
         </div>
       )}
 
-      <LandingSection sectionLink="all-docs" title={`All ${shortTitle} Docs`}>
+      <LandingSection sectionLink="all-docs" title={`All ${shortTitle} docs`}>
         <ProductArticlesList />
       </LandingSection>
     </DefaultLayout>
 
@@ -24,6 +24,7 @@ featuredLinks:
 changelog:
   label: actions
   prefix: 'GitHub Actions: '
+examples_source: data/product-examples/actions/code-examples.yml
 product_video: 'https://www.youtube-nocookie.com/embed/cP0I9w2coGU'
 redirect_from:
   - /articles/automating-your-workflow-with-github-actions/
@@ -47,4 +48,3 @@ children:
   - /hosting-your-own-runners
   - /reference
 ---
-
@@ -0,0 +1,78 @@
+---
+title: Guides for code security
+intro: 'Learn about the different ways that {% data variables.product.product_name %} can help you improve your code''s security.'
+allowTitleToDifferFromFilename: true
+layout: product-sublanding
+versions:
+  free-pro-team: '*'
+  enterprise-server: '>=3.0'
+  github-ae: '*'
+
+learningTracks:
+  - security_advisories
+  - dependabot_alerts
+  - dependabot_security_updates
+  - dependency_version_updates
+  - security_alerts
+  - secret_scanning
+  - code_security_actions
+  - code_security_ci
+  - code_security_integration
+
+includeGuides:
+  - /code-security/getting-started/adding-a-security-policy-to-your-repository
+  - /code-security/getting-started/github-security-features
+  - /code-security/getting-started/securing-your-organization
+  - /code-security/getting-started/securing-your-repository
+  - /code-security/secret-security/about-secret-scanning
+  - /code-security/secret-security/configuring-secret-scanning-for-your-repositories
+  - /code-security/secret-security/managing-alerts-from-secret-scanning
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow
+  - /code-security/secure-coding/integrating-with-code-scanning/about-integration-with-code-scanning
+  - /code-security/secure-coding/integrating-with-code-scanning/sarif-support-for-code-scanning
+  - /code-security/secure-coding/integrating-with-code-scanning/uploading-a-sarif-file-to-github
+  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system
+  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-runner-in-your-ci-system
+  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-cli-in-your-ci-system
+  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system
+  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system
+  - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+  - /code-security/security-advisories/about-github-security-advisories
+  - /code-security/security-advisories/adding-a-collaborator-to-a-security-advisory
+  - /code-security/security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
+  - /code-security/security-advisories/creating-a-security-advisory
+  - /code-security/security-advisories/editing-a-security-advisory
+  - /code-security/security-advisories/permission-levels-for-security-advisories
+  - /code-security/security-advisories/publishing-a-security-advisory
+  - /code-security/security-advisories/removing-a-collaborator-from-a-security-advisory
+  - /code-security/security-advisories/withdrawing-a-security-advisory
+  - /code-security/security-overview/exploring-security-alerts
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates
+  - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository
+  - /code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review
+  - /code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph
+  - /code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository
+---
@@ -1,7 +1,52 @@
 ---
 title: Code security
 shortTitle: Code security
-intro: Learn how to keep the code stored in your repositories secure.
+intro: 'Build security into your {% data variables.product.prodname_dotcom %} workflow with features to keep secrets and vulnerabilities out of your codebase{% if currentVersion != "github-ae@latest" %}, and to maintain your software supply chain{% endif %}.'
+
+introLinks:
+  overview: /code-security/getting-started/github-security-features
+
+featuredLinks:
+  guides:
+    - /code-security/getting-started/securing-your-repository
+    - /code-security/getting-started/securing-your-organization
+    - '{% if currentVersion == "free-pro-team@latest" %}/code-security/security-advisories/creating-a-security-advisory{% endif %}'
+    - '{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository{% endif%}'
+
+  guideCards:
+    - '{% if currentVersion == "free-pro-team@latest" %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates{% endif %}'
+    - '{% if currentVersion == "free-pro-team@latest" %}/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates{% endif %}'
+    - '{% if currentVersion == "free-pro-team@latest" %}/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository{% endif %}'
+
+    - '{% if enterpriseServerVersions contains currentVersion %}/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository{% endif %}'
+    - '{% if enterpriseServerVersions contains currentVersion %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}'
+
+    - '{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}/code-security/secret-security/configuring-secret-scanning-for-your-repositories{% endif %}'
+    - '{% if currentVersion == "github-ae@latest" %}/code-security/secure-coding/integrating-with-code-scanning/uploading-a-sarif-file-to-github{% endif %}'
+    - '{% if currentVersion == "github-ae@latest" %}/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system{% endif %}'
+
+  popular:
+    - '{% if enterpriseServerVersions contains currentVersion %}/admin/release-notes{% endif %}'
+    - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies
+    - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+    - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
+    - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
+    - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot
+    - '{% if currentVersion == "github-ae@latest" %}/code-security/secret-security/about-secret-scanning{% endif %}'
+    - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies
+    - '{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages{% endif %}'
+    - '{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow{% endif %}'
+    - '{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container{% endif %}'
+
+changelog:
+  label: 'security-and-compliance'
+  versions:
+    free-pro-team: '*'
+
+examples_source: data/product-examples/code-security/code-examples.yml
+
+layout: product-landing
+
 versions:
   free-pro-team: '*'
   enterprise-server: '>=3.0'
@@ -17,5 +62,6 @@ children:
   - /security-advisories
   - /supply-chain-security
   - /security-overview
----
+  - /guides
 
+---
@@ -1,7 +1,7 @@
 ---
 title: Using CodeQL code scanning with your existing CI system
 shortTitle: CodeQL CI system support
-intro: 'The {% data variables.product.prodname_codeql_runner %} allows you to use your existing CI system to run {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %}.'
+intro: 'You can run {% data variables.product.prodname_codeql %} analysis in your existing CI system and upload the results to {% data variables.product.product_name %} for display as {% data variables.product.prodname_code_scanning %} alerts.'
 product: '{% data reusables.gated-features.code-scanning %}'
 redirect_from:
   - /github/finding-security-vulnerabilities-and-errors-in-your-code/using-codeql-code-scanning-with-your-existing-ci-system
 
@@ -28,6 +28,7 @@ redirect_from:
   - /github/developing-online-with-github-codespaces
   - /github/developing-online-with-codespaces
 layout: product-landing
+examples_source: data/product-examples/codespaces/code-examples.yml
 versions:
   free-pro-team: '*'
 children:
 
@@ -24,6 +24,7 @@ featuredLinks:
     - /discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository
 changelog:
   label: discussions
+examples_source: data/product-examples/discussions/community-examples.yml
 product_video: 'https://www.youtube-nocookie.com/embed/IpBw2SJkFyk'
 layout: product-landing
 versions:
@@ -34,4 +35,3 @@ children:
   - /collaborating-with-your-community-using-discussions
   - /managing-discussions-for-your-community
 ---
-
@@ -9,6 +9,7 @@ redirect_from:
   - /github/supporting-the-open-source-community-with-github-sponsors
 changelog:
   label: sponsors
+examples_source: data/product-examples/sponsors/user-examples.yml
 featuredLinks:
   guides:
     - /sponsors/sponsoring-open-source-contributors/managing-your-sponsorship
 
@@ -2,6 +2,8 @@
 
 Learning tracks are a collection of articles that help you master a particular subject. Learning tracks are defined on a per-product basis. For example, see https://docs.github.com/en/actions/guides.
 
+## How it works
+
 Learning track data for a product is defined in two places:
 
 1. A simple array of learning track names is defined in the product sublanding index page frontmatter.
@@ -25,6 +27,26 @@ Learning track data for a product is defined in two places:
 
     The `featured_track` property can be a simple boolean (i.e., `featured_track: true`) or it can be a string that includes versioning statements (e.g., `featured_track: '{% if currentVersion == "free-pro-team@latest" %}true{% else %}false{% endif %}'`). If you use versioning, you'll have multiple `featured_track`s per YML file, but make sure that only one will render in each currently supported version. A test will fail if there are more or less than one featured link for each version.
 
+## Versioning
+
 Versioning for learning tracks is processed at page render time. The code lives in [`lib/learning-tracks.js`](lib/learning-tracks.js), which is called by `page.render()`. The processed learning tracks are then rendered by `layouts/product-sublanding.html`.
 
+Liquid conditionals do **not** have to be used for versioning in the YAML file for guides. Only the learning track guides that apply to the current version will be rendered automatically. If there aren't any tracks with guides that belong to the current version, the learning tracks section will not render at all.
+
+Explicit versioning within a product's learning tracks YML data is supported as well. For example:
+```
+learning_track_name:
+  title: 'Learning track title'
+  description: 'Learning track description'
+  featured_track: true
+  versions:
+    enterprise-server: '>=3.0'
+  guides:
+   - /path/to/guide1
+   - /path/to/guide2
+```
+If the `versions` property is not included, it's assumed the track is available in all versions.
+
+## Schema enforcement
+
 The schema for validating the learning track YAML lives in [`tests/helpers/schemas/learning-tracks-schema.js`](tests/helpers/schemas/learning-tracks-schema.js) and is exercised by [`tests/content/lint-files.js`](tests/content/lint-files.js).