Merge branch 'master' into ALA-789-doc-update-the-coverage-release-no…

…te-to-reflect-the-new-diff-page-data-source

.github/workflows/mkdocs.yml

@@ -43,7 +43,7 @@ jobs:
           mkdocs -v build
 
       - name: Upload meta descriptions artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: meta-descriptions
           path: ./site/meta-descriptions.csv

docs/coverage-reporter/uploading-coverage-in-advanced-scenarios.md

@@ -26,6 +26,9 @@ bash <(curl -Ls https://coverage.codacy.com/get.sh) report \
 
 You can also upload all your reports dynamically using the command `find`. For example:
 
+!!! note
+    This example works only on systems that use GNU `find` with support for the `-printf` action, such as Linux.
+
 ```bash
 bash <(curl -Ls https://coverage.codacy.com/get.sh) report \
     -l Java $(find . -name 'jacoco*.xml' -printf '-r %p ')

docs/faq/troubleshooting/why-did-codacy-stop-commenting-on-pull-requests.md

@@ -1,6 +1,16 @@
 # Why did Codacy stop commenting on pull requests?
 
-!!! info "This page applies only to GitLab and Bitbucket"
+## Outdated app permissions
+
+!!! info "This section applies to Codacy Coverage on GitHub"
+
+Coverage information is currently sent to GitHub by a new version of the Codacy Coverage engine, which depends on updated app permissions.
+
+If you stopped receiving coverage summaries on your pull requests, please [review and accept the updated Codacy app permissions on GitHub](https://docs.github.com/en/enterprise-cloud@latest/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#reviewing-permissions). For more information on the rollout of the new Coverage engine, [see the relevant release note](../../release-notes/cloud/cloud-2023-11-23-new-coverage-engine-status-checks.md).
+
+## Outdated permissions or invalid SSH key
+
+!!! info "This section applies to GitLab and Bitbucket"
 
 Different reasons can cause Codacy to stop analyzing and commenting on pull requests, but the most common is that the user who initially enabled the GitLab or Bitbucket integration no longer has permissions on the repository or that the SSH key is no longer valid.
 

docs/organizations/managing-security-and-risk.md

@@ -26,7 +26,7 @@ Each panel shows the total count of matching items and contains a **Review** but
 When viewing the dashboard, you can:
 
 -   Limit the total counts in each panel to a specific set of severities or repositories by clicking the **Severity** or **Repository** drop-downs above the main area.
--   Export a list of items as a CSV file by clicking the **Export CSV** button in the top right-hand corner of the page. The exported list always includes all items, ignoring any applied filters.
+
 -   Review the [severity assignment rules](#item-severities-and-deadlines) by clicking the **See rules** button in the top right-hand corner of the page.
 
 ![Security and risk management dashboard](images/security-risk-management-dashboard.png)
@@ -40,12 +40,19 @@ To access the item list, access the [dashboard](#dashboard) and click the **Revi
 When viewing the item list, you can:
 
 -   Update the filtering criteria by clicking the **Severity**, **Status**, or **Repository** drop-downs above the list.
+
 -   Find out more about an item by clicking its **Details** column to navigate to the item of interest on the source platform.
--   Export a list of items as a CSV file by clicking the **Export CSV** button in the top right-hand corner of the page. The exported list always includes all items, ignoring any applied filters.
+
 -   Review the [severity assignment rules](#item-severities-and-deadlines) by clicking the **See rules** button in the top right-hand corner of the page.
 
 ![Security and risk management items](images/security-risk-management-item-list.png)
 
+## Exporting the security item list
+
+!!! info "This feature is available only to organization admins and organization managers"
+
+To export a list of security items as a CSV file, click the **Export CSV** button in the top right-hand corner of the page. The exported list always includes all items, ignoring any applied filters.
+
 ## How Codacy manages security items {: id="opening-and-closing-items"}
 
 !!! important

docs/organizations/roles-and-permissions-for-organizations.md

@@ -64,6 +64,15 @@ The table below maps the GitHub Cloud and GitHub Enterprise roles to the corresp
       <td class="yes">Yes</td>
       <td class="yes">Yes</td>
     </tr>
+    <tr>
+      <td>Access Security and risk management</td>
+      <td class="no">No</td>
+      <td colspan="2" class="yes">Yes<sup>3</sup></td>
+      <td colspan="2" class="yes">Yes<sup>3</sup></td>
+      <td class="yes">Yes<sup>3</sup></td>
+      <td class="yes">Yes</td>
+      <td class="yes">Yes</td>
+    </tr>
     <tr>
       <td>Ignore issues and files,<br/>configure code patterns and file extensions,<br/>manage branches,<br/>reanalyze branches and pull requests</td>
       <td class="no">No</td>
@@ -96,7 +105,7 @@ The table below maps the GitHub Cloud and GitHub Enterprise roles to the corresp
       <td class="no">No</td>
       <td colspan="2" class="no">No</td>
       <td colspan="2" class="no">No</td>
-      <td class="yes">Yes<sup>3</sup></td>
+      <td class="yes">Yes<sup>4</sup></td>
       <td class="maybe">Inherits original permission</td>
       <td class="yes">Yes</td>
     </tr>
@@ -118,15 +127,6 @@ The table below maps the GitHub Cloud and GitHub Enterprise roles to the corresp
       <td class="yes">Yes</td>
       <td class="yes">Yes</td>
     </tr>
-    <tr>
-      <td>Access Security and risk management</td>
-      <td class="no">No</td>
-      <td colspan="2" class="no">No</td>
-      <td colspan="2" class="no">No</td>
-      <td class="no">No</td>
-      <td class="yes">Yes</td>
-      <td class="yes">Yes</td>
-    </tr>
     <tr>
       <td>Invite and accept members,<br/>modify billing</td>
       <td class="no">No</td>
@@ -150,7 +150,8 @@ The table below maps the GitHub Cloud and GitHub Enterprise roles to the corresp
 
 <sup>1</sup>: Outside collaborators aren't supported as members of organizations on Codacy. You can still [add outside collaborators to Codacy](managing-people.md#adding-people) so that Codacy analyzes their commits to private repositories, but they won't be able to join your Codacy organization.  
 <sup>2</sup>: Joining an organization may need an approval depending on your setting for [accepting new people](changing-your-plan-and-billing.md#allowing-new-people-to-join-your-organization).  
-<sup>3</sup>: Requires that an organization owner has given the Codacy GitHub App access to the repositories to add or remove.
+<sup>3</sup>: These users can only see security items originating from Codacy repositories that they follow.  
+<sup>4</sup>: Requires that an organization owner has given the Codacy GitHub App access to the repositories to add or remove.
 
 ## Permissions for GitLab
 
@@ -199,6 +200,15 @@ The table below maps the GitLab Cloud and GitLab Enterprise roles to the corresp
       <td class="yes">Yes</td>
       <td colspan="2" class="yes">Yes</td>
     </tr>
+    <tr>
+      <td>Access Security and risk management</td>
+      <td class="no">No</td>
+      <td colspan="2" class="yes">Yes<sup>3</sup></td>
+      <td class="yes">Yes<sup>3</sup></td>
+      <td colspan="2" class="yes">Yes<sup>3</sup></td>
+      <td class="yes">Yes</td>
+      <td colspan="2" class="yes">Yes</td>
+    </tr>
     <tr>
       <td>Ignore issues and files,<br/>configure code patterns and file extensions,<br/>manage branches,<br/>reanalyze branches and pull requests</td>
       <td class="no">No</td>
@@ -253,15 +263,6 @@ The table below maps the GitLab Cloud and GitLab Enterprise roles to the corresp
       <td class="yes">Yes</td>
       <td colspan="2" class="yes">Yes</td>
     </tr>
-    <tr>
-      <td>Access Security and risk management</td>
-      <td class="no">No</td>
-      <td colspan="2" class="no">No</td>
-      <td class="no">No</td>
-      <td colspan="2" class="no">No</td>
-      <td class="yes">Yes</td>
-      <td colspan="2" class="yes">Yes</td>
-    </tr>
     <tr>
       <td>Invite and accept members,<br/>modify billing</td>
       <td class="no">No</td>
@@ -284,7 +285,8 @@ The table below maps the GitLab Cloud and GitLab Enterprise roles to the corresp
 </table>
 
 <sup>1</sup>: External users aren't supported as members of organizations on Codacy. You can still [add external users to Codacy](managing-people.md#adding-people) so that Codacy analyzes their commits to private repositories, but they won't be able to join your Codacy organization.  
-<sup>2</sup>: Joining an organization may need an approval depending on your setting for [accepting new people](changing-your-plan-and-billing.md#allowing-new-people-to-join-your-organization).
+<sup>2</sup>: Joining an organization may need an approval depending on your setting for [accepting new people](changing-your-plan-and-billing.md#allowing-new-people-to-join-your-organization).  
+<sup>3</sup>: These users can only see security items originating from Codacy repositories that they follow.  
 
 ## Permissions for Bitbucket
 
@@ -319,6 +321,12 @@ The table below maps the Bitbucket Cloud and Bitbucket Server roles to the corre
       <td class="yes">Yes</td>
       <td class="yes">Yes</td>
     </tr>
+    <tr>
+      <td>Access Security and risk management</td>
+      <td colspan="2" class="yes">Yes<sup>3</sup></td>
+      <td class="yes">Yes</td>
+      <td class="yes">Yes</td>
+    </tr>
     <tr>
       <td>Ignore issues and files,<br/>configure code patterns and file extensions,<br/>manage branches,<br/>reanalyze branches and pull requests</td>
       <td colspan="2" class="maybe"><a href="#change-analysis-configuration">Configurable</a></td>
@@ -355,12 +363,6 @@ The table below maps the Bitbucket Cloud and Bitbucket Server roles to the corre
       <td class="yes">Yes</td>
       <td class="yes">Yes</td>
     </tr>
-    <tr>
-      <td>Access Security and risk management</td>
-      <td colspan="2" class="no">No</td>
-      <td class="yes">Yes</td>
-      <td class="yes">Yes</td>
-    </tr>
     <tr>
       <td>Invite and accept members,<br/>modify billing</td>
       <td colspan="2" class="no">No</td>
@@ -377,7 +379,8 @@ The table below maps the Bitbucket Cloud and Bitbucket Server roles to the corre
 </table>
 
 <sup>1</sup>: Codacy can't distinguish the Bitbucket roles Read and Write because of a limitation on the Bitbucket API.  
-<sup>2</sup>: Joining an organization may need an approval depending on your setting for [accepting new people](changing-your-plan-and-billing.md#allowing-new-people-to-join-your-organization).
+<sup>2</sup>: Joining an organization may need an approval depending on your setting for [accepting new people](changing-your-plan-and-billing.md#allowing-new-people-to-join-your-organization).  
+<sup>3</sup>: These users can only see security items originating from Codacy repositories that they follow.
 
 ## The organization manager role
 

docs/release-notes/cloud/cloud-2023-11-23-new-coverage-engine-status-checks.md

@@ -121,7 +121,7 @@ If you are using the old status check to block merging pull requests on GitHub,
 
 !!! info "This section applies to the repositories for which you set Codacy to post [coverage summaries](../../repositories-configure/integrations/github-integration.md#coverage-summaries) to your GitHub pull requests"
 
-On December 7th 2023 we set the new Coverage engine to post coverage summaries to GitHub, replacing the old Coverage engine. No further action is required on your part.
+On December 7th 2023 we set the new Coverage engine to post coverage summaries to GitHub, replacing the old Coverage engine. If you haven't done so yet, please [review and accept the updated Codacy app permissions](https://docs.github.com/en/enterprise-cloud@latest/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#reviewing-permissions).
 
 ## Codacy app UI diff tabs from the new Coverage engine {: id="diff-tabs"}
 

requirements.txt

@@ -17,4 +17,4 @@ mkdocs-macros-plugin==1.0.5
 mkdocs-meta-descriptions-plugin==3.0.0
 mkdocs-monorepo-plugin==1.0.5
 mkdocs-redirects==1.2.1
-mkdocs-rss-plugin==1.9.0
+mkdocs-rss-plugin==1.10.0