github · docs-bot · Jan 28, 2026 · Jan 28, 2026 · Jan 28, 2026 · Jan 28, 2026
diff --git a/...e-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md b/...e-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md
@@ -114,7 +114,7 @@ After the initial configuration of SAML SSO, the only setting you can update on
 1. Under **Public Certificate**, paste the certificate that you noted while configuring your IdP, to verify SAML responses.
 
    > [!NOTE]
-   > {% data variables.product.github %} does not enforce the expiration of this SAML IdP certificate. This means that even if this certificate expires, your SAML authentication will continue to work. However, if your IdP administrator regenerates the SAML certificate, and you don't update it on the {% data variables.product.github %} side, users will encounter a `digest mismatch` error during SAML authentication attempts due to the certificate mismatch. See [Error: Digest mismatch](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#error-digest-mismatch).
+   > {% data variables.product.github %} does not enforce the expiration of this SAML IdP certificate. This means that even if this certificate expires, your SAML authentication will continue to work. However, {% data variables.product.github %}'s recommendation is to update the certificate before it expires. We will accept a SAML response signed with an expired certificate, but we cannot comment on how the certificate expiring will be handled at the identity provider level. If your IdP administrator regenerates the SAML certificate, and you don't update it on the {% data variables.product.github %} side, users will encounter a `digest mismatch` error during SAML authentication attempts due to the certificate mismatch. See [Error: Digest mismatch](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#error-digest-mismatch).
 1. Under the same **Public Certificate** section, select the **Signature Method** and **Digest Method** dropdown menus, then click the hashing algorithm used by your SAML issuer.
 1. Before enabling SAML SSO for your enterprise, to ensure that the information you've entered is correct, click **Test SAML configuration**. {% data reusables.saml.test-must-succeed %}
 1. Click **Save SAML settings**.

diff --git a/...security/concepts/secret-security/about-delegated-bypass-for-push-protection.md b/...security/concepts/secret-security/about-delegated-bypass-for-push-protection.md
@@ -33,7 +33,7 @@ With delegated bypass for push protection, you can:
 
 To set up delegated bypass, organization owners or repository administrators create a list of users with bypass privileges. This designated list of users can then:
 * Bypass push protection, by specifying a reason for bypassing the block.
-* Manage (approve or deny) bypass requests coming from all other contributors. These requests are located in the "Push protection bypass" page in the **Security** tab of the repository, and will expire after 7 days.
+* Manage (approve or deny) bypass requests coming from all other contributors. These requests are located in the "Push protection bypass" page in the **Security** tab of the repository, and will expire after 7 days. For more information about bypass requests, see [AUTOTITLE](/code-security/concepts/secret-security/about-bypass-requests-for-push-protection).
 
 The following types of users can always bypass push protection without having to request bypass privileges:
 * Organization owners

diff --git a/...erage/filtering-repositories-in-your-organization-using-the-repository-table.md b/...erage/filtering-repositories-in-your-organization-using-the-repository-table.md
@@ -15,9 +15,7 @@ redirect_from:
 contentType: how-tos
 ---
 
-## About filtering repositories in your organization
-
-By default, when managing {% data variables.product.prodname_security_configurations %} for repositories in your organization, the repository table displays all repositories in your organization. You can filter the repository table to help you apply and detach {% data variables.product.prodname_security_configurations %}, as well as manage {% data variables.product.prodname_AS %} license usage in your organization.
+You can filter the repository table in your organization to quickly find and manage specific repositories when applying {% data variables.product.prodname_security_configurations %} or managing {% data variables.product.prodname_AS %} license usage in the organization. This article explains how to use filters in the repository table.
 
 ## Filtering the repository table with the search bar
 

diff --git a/...t/code-security/reference/supply-chain-security/dependabot-options-reference.md b/...t/code-security/reference/supply-chain-security/dependabot-options-reference.md
@@ -704,7 +704,7 @@ updates:
 
 ### `timezone`
 
-Specify a time zone for the `time` value.
+Specify a time zone for the `time` value. The default time zone is `UTC`.
 
 The time zone identifier must match a timezone in the database maintained by [iana](https://www.iana.org/time-zones), see [List of tz database time zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones).
 

diff --git a/content/copilot/reference/copilot-allowlist-reference.md b/content/copilot/reference/copilot-allowlist-reference.md
@@ -329,6 +329,7 @@ The allowlist allows access to the following hosts:
 * `playwright.azureedge.net`
 * `playwright-akamai.azureedge.net`
 * `playwright-verizon.azureedge.net`
+* `storage.googleapis.com/chrome-for-testing-public`
 
 ### Linux Package Managers: Ubuntu