Actions has permissions, not Scopes (#51614)

content/actions/using-jobs/assigning-permissions-to-jobs.md

@@ -14,7 +14,7 @@ versions:
 
 {% data reusables.actions.jobs.section-assigning-permissions-to-jobs %}
 
-## Defining access for the `GITHUB_TOKEN` scopes
+## Defining access for the `GITHUB_TOKEN` permissions
 
 {% data reusables.actions.github-token-available-permissions %}
 

data/reusables/actions/github-token-available-permissions.md

@@ -1,4 +1,4 @@
-You can define the access that the `GITHUB_TOKEN` will permit by specifying `read`, `write`, or `none` as the value of the available scopes within the `permissions` key.
+You can define the access that the `GITHUB_TOKEN` will permit by specifying `read`, `write`, or `none` as the value of the available permissions within the `permissions` key.
 
 ```yaml
 permissions:
@@ -17,9 +17,9 @@ permissions:
   statuses: read|write|none
 ```
 
-If you specify the access for any of these scopes, all of those that are not specified are set to `none`.
+If you specify the access for any of these permissions, all of those that are not specified are set to `none`.
 
-You can use the following syntax to define one of `read-all` or `write-all` access for all of the available scopes:
+You can use the following syntax to define one of `read-all` or `write-all` access for all of the available permissions:
 
 ```yaml
 permissions: read-all
@@ -29,7 +29,7 @@ permissions: read-all
 permissions: write-all
 ```
 
-You can use the following syntax to disable permissions for all of the available scopes:
+You can use the following syntax to disable permissions for all of the available permissions:
 
 ```yaml
 permissions: {}

data/reusables/actions/github-token-permissions.md

@@ -1 +1 @@
-The `GITHUB_TOKEN` secret is set to an access token for the repository each time a job in a workflow begins. You should set the permissions for this access token in the workflow file to grant read access for the `contents` scope and write access for the `packages` scope. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)."
+The `GITHUB_TOKEN` secret is set to an access token for the repository each time a job in a workflow begins. You should set the permissions for this access token in the workflow file to grant read access for the `contents` permission and write access for the `packages` permission. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)."

data/reusables/actions/github-token-scope-descriptions.md

@@ -1,8 +1,8 @@
-For each of the available scopes, shown in the table below, you can assign one of the permissions: `read`, `write`, or `none`. If you specify the access for any of these scopes, all of those that are not specified are set to `none`.
+For each of the available permissions, shown in the table below, you can assign one of the access levels: `read`, `write`, or `none`. `write` includes `read`. If you specify the access for any of these permissions, all of those that are not specified are set to `none`.
 
-Available scopes and details of what each allows an action to do:
+Available permissions and details of what each allows an action to do:
 
-| Scope | Allows an action using `GITHUB_TOKEN` to |
+| Permission | Allows an action using `GITHUB_TOKEN` to |
 | --- | --- |
 |  `actions` | Work with GitHub Actions. For example, `actions: write` permits an action to cancel a workflow run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-actions)." |
 {% ifversion artifact-attestations %}|  `attestations` | Work with artifact attestations. For example, `attestations: write` permits an action to generate an artifact attestation for a build. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)" |{% endif %}

data/reusables/actions/jobs/setting-permissions-specific-jobs-example.md

@@ -1,4 +1,4 @@
-This example shows permissions being set for the `GITHUB_TOKEN` that will only apply to the job named `stale`. Write access is granted for the `issues` and `pull-requests` scopes. All other scopes will have no access.
+This example shows permissions being set for the `GITHUB_TOKEN` that will only apply to the job named `stale`. Write access is granted for the `issues` and `pull-requests` permissions. All other permissions will have no access.
 
 ```yaml
 jobs:

data/reusables/actions/workflows/github-token-access.md

@@ -1 +1 @@
-1. Under "Workflow permissions", choose whether you want the `GITHUB_TOKEN` to have read and write access for all scopes (the permissive setting), or just read access for the `contents` {% ifversion actions-default-workflow-permissions-restrictive %}and `packages` scopes{% else %}scope{% endif %} (the restricted setting).
+1. Under "Workflow permissions", choose whether you want the `GITHUB_TOKEN` to have read and write access for all permissions (the permissive setting), or just read access for the `contents` {% ifversion actions-default-workflow-permissions-restrictive %}and `packages` permissions{% else %}permission{% endif %} (the restricted setting).