From 1219d1c71e1da50461a911694b0d1ac6ba01cac2 Mon Sep 17 00:00:00 2001
From: Henry Mercer <henrymercer@github.com>
Date: Tue, 2 Apr 2024 15:20:35 +0100
Subject: [PATCH 1/2] Code scanning: Fix multiple build modes example (#49918)

---
 .../codeql-code-scanning-for-compiled-languages.md            | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md
index 9ba3456444bd..cc0f51daa0af 100644
--- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md
+++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md
@@ -110,8 +110,8 @@ steps:
     - name: Initialize CodeQL
       uses: {% data reusables.actions.action-codeql-action-init %}
       with:
-        languages: ${{ matrix.language }}
-    - if: ${{ matrix.build-mode == 'manual' }}
+        languages: {% raw %}${{ matrix.language }}{% endraw %}
+    - if: {% raw %}${{ matrix.build-mode == 'manual' }}{% endraw %}
       name: Build C and C++ code
       run: |
         echo 'If you are using a "manual" build mode for one or more of the' \

From 2efa02f42330067b06ed37ae027efaa31579ad84 Mon Sep 17 00:00:00 2001
From: Marco Gario <marcogario@github.com>
Date: Tue, 2 Apr 2024 16:43:31 +0200
Subject: [PATCH 2/2] GHES 3.13: Code Scanning Default Setup does not restrict
 on repo inactivity (#49953)

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 .../configuring-default-setup-for-code-scanning.md          | 2 ++
 .../code-scanning-default-setup-exclude-dormant-repos.yml   | 6 ++++++
 2 files changed, 8 insertions(+)
 create mode 100644 data/features/code-scanning-default-setup-exclude-dormant-repos.yml

diff --git a/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md b/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md
index 8fa3d050828e..1ca8daeda65e 100644
--- a/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md
+++ b/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md
@@ -31,12 +31,14 @@ Default setup for {% data variables.product.prodname_code_scanning %} is the qui
 - When creating or committing to a pull request based against the repository's default branch, or any protected branch.{% ifversion default-setup-scan-on-schedule %}
 - On a weekly schedule.
 
+{% ifversion code-scanning-default-setup-exclude-dormant-repos %}
 {% note %}
 
 **Note:** If no pushes and pull requests have occurred in a repository with default setup enabled for 6 months, the weekly schedule will be disabled to save your {% data variables.product.prodname_actions %} minutes.
 
 {% endnote %}
 {% endif %}
+{% endif %}
 
 {% ifversion org-enable-code-scanning %}You can also enable default setup for multiple or all repositories in an organization at the same time. For information on bulk enablement, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale)."{% endif %}
 
diff --git a/data/features/code-scanning-default-setup-exclude-dormant-repos.yml b/data/features/code-scanning-default-setup-exclude-dormant-repos.yml
new file mode 100644
index 000000000000..7b542dde8a69
--- /dev/null
+++ b/data/features/code-scanning-default-setup-exclude-dormant-repos.yml
@@ -0,0 +1,6 @@
+# Exclude "dormant repos" from running scheduled runs via default setup
+# See code-scanning ref:13220
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '<3.13'