github · docs-bot · Jul 15, 2025 · Jul 15, 2025 · Jul 15, 2025 · Jul 15, 2025
diff --git a/...tication/keeping-your-account-and-data-secure/about-authentication-to-github.md b/...tication/keeping-your-account-and-data-secure/about-authentication-to-github.md
@@ -20,7 +20,7 @@ To keep your account secure, you must authenticate before you can access certain
 You can access your resources in {% data variables.product.github %} in a variety of ways: in the browser, via {% data variables.product.prodname_desktop %} or another desktop application, with the API, or via the command line. Each way of accessing {% data variables.product.github %} supports different modes of authentication.
 {%- ifversion not fpt %}
 * Your identity provider (IdP){% endif %}
-* Username and password with two-factor authentication, or a passkey
+* Username and password (or social login) with two-factor authentication, or a passkey ({% data variables.product.prodname_free_user %}, and {% data variables.product.prodname_ghe_cloud %} only)
 * {% data variables.product.pat_generic_caps %}
 * SSH key
 
@@ -46,9 +46,13 @@ If you need to use multiple accounts on {% data variables.location.product_locat
 
 * **Username and password only**
   * You'll create a password when you create your account on {% data variables.product.github %}. We recommend that you use a password manager to generate a random and unique password. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-strong-password).{% ifversion fpt or ghec %}
-  * If you have not enabled 2FA, {% data variables.product.github %} may ask for additional verification when you first sign in from a new or unrecognized device, such as a new browser profile, a browser where the cookies have been deleted, or a new computer. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/verifying-new-devices-when-signing-in).{% endif %}
+  * If you have not enabled 2FA, {% data variables.product.github %} may ask for additional verification when you first sign in from a new or unrecognized device, such as a new browser profile, a browser where the cookies have been deleted, or a new computer. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/verifying-new-devices-when-signing-in).{% endif %} {% ifversion fpt or ghec %}
+* **Social login**
+  * You'll authenticate with one of the supported social login providers (currently only Google is supported) when you create your account on {% data variables.product.github %}. We recommend that you also configure 2FA and add a passkey or a password as an additional account recovery mechanism.
+  * If you have an existing account created with a password, you can add your social login email to the account. This allows you to use your social login identity as a first-factor (password) replacement when you sign in to {% data variables.product.github %}.
+  * You can unlink your social login identities from your {% data variables.product.github %} email settings page. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account) {% endif %}
 * **Two-factor authentication (2FA)** (recommended)
-  * If you enable 2FA, after you successfully enter your username and password, we'll also prompt you to provide a code that's generated by a time-based one time password (TOTP) application on your mobile device{% ifversion fpt or ghec %} or sent as a text message (SMS).{% endif %}{% ifversion 2fa-check-up-period %}
+  * If you enable two-factor authentication (2FA), after you sign in with social login or your username and password, you'll be prompted to enter a code from a time-based one-time password (TOTP) application on your mobile device{% ifversion fpt or ghec %} or sent as a text message (SMS).{% endif %}{% ifversion 2fa-check-up-period %}
   * After you configure 2FA, your account enters a check up period for 28 days. You can leave the check up period by successfully performing 2FA within those 28 days. If you don't perform 2FA in that timespan, you'll then be asked to perform 2FA inside one of your existing {% data variables.product.prodname_dotcom %} sessions.
   * If you cannot perform 2FA to pass the 28th day checkup, you will be provided a shortcut that lets you reconfigure your 2FA settings. You must reconfigure your settings before you can access the rest of {% data variables.product.prodname_dotcom %}{% endif %}. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication#providing-a-2fa-code-when-signing-in-to-the-website){% ifversion 2fa-check-up-period %} and [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication){% endif %}.
   * In addition to authentication with a TOTP application{% ifversion fpt or ghec %} or a text message{% endif %}, you can optionally add an alternative method of authentication with {% ifversion fpt or ghec %}{% data variables.product.prodname_mobile %} or{% endif %} a security key using WebAuthn. See {% ifversion fpt or ghec %}[Configuring two-factor authentication using {% data variables.product.prodname_mobile %}](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication#configuring-two-factor-authentication-using-github-mobile) or {% endif %}[Configuring two-factor authentication using a security key](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication#configuring-two-factor-authentication-using-a-security-key).

diff --git a/content/authentication/keeping-your-account-and-data-secure/sudo-mode.md b/content/authentication/keeping-your-account-and-data-secure/sudo-mode.md
@@ -52,6 +52,7 @@ To confirm access for sudo mode, you can authenticate with your password. Option
 {%- endif %}
 * [Confirming access using a 2FA code](#confirming-access-using-a-2fa-code)
 * [Confirming access using your password](#confirming-access-using-your-password)
+* [Confirming access using your social login email](#confirming-access-using-your-social-login-email)
 
 ### Confirming access using a passkey
 
@@ -87,3 +88,9 @@ When prompted to authenticate for sudo mode, type the authentication code from y
 ### Confirming access using your password
 
 When prompted to authenticate for sudo mode, type your password, then click **Confirm**.
+
+### Confirming access using your social login email
+
+Before you can access sudo mode, you must first configure social login. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/about-authentication-to-github).
+
+When prompted to authenticate for sudo mode, type the authentication code sent to your social login email account, then click **Verify**.
diff --git a/content/get-started/start-your-journey/creating-an-account-on-github.md b/content/get-started/start-your-journey/creating-an-account-on-github.md
@@ -22,6 +22,8 @@ topics:
 
 To get started with {% data variables.product.prodname_dotcom %}, you'll need to create a free personal account and verify your email address.
 
+You can also authenticate with the supported social login providers (currently only Google is supported) when you create your account on {% data variables.product.prodname_dotcom %}.
+
 {% data reusables.accounts.your-personal-account %}
 
 Later, you can explore the different types of accounts that {% data variables.product.prodname_dotcom %} offers, and decide if you need a billing plan. For more information, see [AUTOTITLE](/get-started/learning-about-github/types-of-github-accounts) and [AUTOTITLE](/get-started/learning-about-github/githubs-plans).
@@ -32,6 +34,7 @@ Note that the steps in this article don't apply to {% data variables.product.pro
 
 1. Navigate to https://github.com/.
 1. Click **Sign up**.
+1. Alternatively, click on **Continue with Google** to sign up using social login.
 1. Follow the prompts to create your personal account.
 
 During sign up, you'll be asked to verify your email address. Without a verified email address, you won't be able to complete some basic {% data variables.product.prodname_dotcom %} tasks, such as creating a repository.

diff --git a/content/get-started/using-github/github-mobile.md b/content/get-started/using-github/github-mobile.md
@@ -52,6 +52,18 @@ You can be simultaneously signed into mobile with multiple accounts on {% data v
 
 {% data variables.product.prodname_mobile %} may not work with your enterprise if you're required to access your enterprise over VPN.
 
+### Signing in with social login
+
+> [!NOTE]
+> Social login is only available for {% data variables.product.prodname_free_user %} and {% data variables.product.prodname_ghe_cloud %} users
+
+You can sign in to {% data variables.product.prodname_mobile %} using a supported social login provider. Currently, only Google is supported for social login on the {% data variables.product.prodname_mobile %} for Android. To use this option, make sure you originally created your {% data variables.product.github %} account using Google.
+
+For iOS users, social login with Google is not supported in {% data variables.product.prodname_mobile %}. Follow the steps below to sign in to {% data variables.product.prodname_mobile %} on iOS using an account that was created with Google:
+1. Open the native web browser Safari and sign in to your {% data variables.product.github %} account.
+1. Authorize {% data variables.product.prodname_mobile %} in your browser when prompted.
+1. If you are unable to sign in through your browser, you can set a password or passkey for your {% data variables.product.github %} account on {% data variables.product.github %}. After setting a password or passkey, use your username and password with two-factor authentication, or a passkey, to sign in to {% data variables.product.prodname_mobile %}.
+
 ### Prerequisites for {% data variables.enterprise.data_residency_site %} accounts
 
 To access accounts on {% data variables.enterprise.data_residency %} using {% data variables.product.prodname_mobile %}, you need to install {% data variables.product.prodname_mobile %} with at least version iOS 1.182.0 or Android 1.178.0.
@@ -105,5 +117,5 @@ You can submit feature requests or other feedback for {% data variables.product.
 If you're testing a {% data variables.release-phases.public_preview %} release of {% data variables.product.prodname_mobile %} for iOS using TestFlight, you can leave the {% data variables.release-phases.public_preview %} at any time.
 
 1. On your iOS device, open the TestFlight app.
-1. Under "Apps", tap **{% data variables.product.prodname_dotcom %}**.
+1. Under "Apps," tap **{% data variables.product.prodname_dotcom %}**.
 1. At the bottom of the page, tap **Stop Testing**.
diff --git a/src/graphql/scripts/build-changelog.js b/src/graphql/scripts/build-changelog.js
@@ -273,6 +273,7 @@ const CHANGES_TO_REPORT = [
   ChangeType.SchemaQueryTypeChanged,
   ChangeType.SchemaMutationTypeChanged,
   ChangeType.SchemaSubscriptionTypeChanged,
+  ChangeType.DirectiveUsageFieldDefinitionRemoved,
 ]
 
 const CHANGES_TO_IGNORE = [

diff --git a/src/secret-scanning/data/public-docs.yml b/src/secret-scanning/data/public-docs.yml
@@ -530,6 +530,17 @@
   hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
+- provider: Azure
+  supportedSecret: Azure Fluid Relay Key
+  secretType: azure_fluid_relay_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: true
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Azure
   supportedSecret: Azure Function Key
   secretType: azure_function_key
@@ -637,6 +648,17 @@
   hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
+- provider: Azure
+  supportedSecret: Azure Mixed Reality Key
+  secretType: azure_mixed_reality_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: true
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Azure
   supportedSecret: Azure ML Inference Key
   secretType: azure_ml_inference_identifiable_key
@@ -755,6 +777,17 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Azure
+  supportedSecret: Azure SignalR Key
+  secretType: azure_signalr_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: true
+  hasValidityCheck: false
+  isduplicate: true
 - provider: Azure
   supportedSecret: Azure SQL Connection String
   secretType: azure_sql_connection_string
@@ -767,6 +800,17 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Azure
+  supportedSecret: Azure SQL Internal Default CloudSA Key
+  secretType: azure_sql_internal_default_cloudsa_key
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Azure
   supportedSecret: Azure SQL password
   secretType: azure_sql_password
@@ -945,6 +989,105 @@
   hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Agent Access Token
+  secretType: buildkite_agent_access_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Agent Job Token
+  secretType: buildkite_agent_job_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Agent Registration Token
+  secretType: buildkite_agent_registration_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Cluster Queue Token
+  secretType: buildkite_cluster_queue_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Cluster Token
+  secretType: buildkite_cluster_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Packages Registry Token
+  secretType: buildkite_packages_registry_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Packages Temporary Token
+  secretType: buildkite_packages_temporary_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Portal Secret
+  secretType: buildkite_portal_secret
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Buildkite
+  supportedSecret: Buildkite Portal Token
+  secretType: buildkite_portal_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Buildkite
   supportedSecret: Buildkite User Access Token
   secretType: buildkite_user_access_token

diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json
@@ -1,5 +1,5 @@
 {
-  "sha": "aac09ec57fa0c6167e20c7d9895d56caa97f4f5f",
-  "blob-sha": "9d7b8f2eaea28aab49e0f9d4190b9cd16cfcbc1f",
+  "sha": "4ee8d2a67d1b6fb5cd0b70eda806cae6d5090507",
+  "blob-sha": "8dddddad0d62725930bd1d5c4e3108d413220b88",
   "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns"
 }