Replace 'whitelist' with inclusive 'allowlist' terminology

deploy/csp-configuration.mdx

@@ -1,25 +1,25 @@
 ---
 title: "Content Security Policy (CSP) configuration"
 sidebarTitle: "CSP configuration"
 description: "Configure CSP headers to allow Mintlify resources while maintaining security for reverse proxies, firewalls, and networks that enforce strict security policies."
 keywords: ["Content Security Policy", "CSP directives", "security headers", "XSS prevention"]
 ---
 
 Content Security Policy (CSP) is a security standard that helps prevent cross-site scripting (XSS) attacks by controlling which resources a web page can load. Mintlify serves a default CSP that protects most sites. If you host your documentation behind a reverse proxy or firewall, that overwrites the default CSP, you may need to configure CSP headers for features to function properly.
 
 ## CSP directives
 
 The following CSP directives are used to control which resources can be loaded:
 
 - `script-src`: Controls which scripts can be executed
 - `style-src`: Controls which stylesheets can be loaded
 - `font-src`: Controls which fonts can be loaded
 - `img-src`: Controls which images, icons, and logos can be loaded
 - `connect-src`: Controls which URLs can be connected to for API calls and WebSocket connections
 - `frame-src`: Controls which URLs can be embedded in frames or iframes
 - `default-src`: Fallback for other directives when not explicitly set
 
-## Domain whitelist
+## Domain allowlist
 
 | Domain | Purpose | CSP directive | Required |
 |:-------|:--------|:--------------|:-------|
@@ -35,7 +35,7 @@
 | `cdn.jsdelivr.net` | Emoji assets for OG images | `script-src`, `img-src` | Required |
 | `mintlify.s3.us-west-1.amazonaws.com` | S3-hosted images | `img-src` | Required |
 | `fonts.googleapis.com` | Google Fonts | `style-src`, `font-src` | Optional |
 | `www.googletagmanager.com` | Google Analytics/GTM | `script-src`, `connect-src` | Optional |
 | `cdn.segment.com` | Segment analytics | `script-src`, `connect-src` | Optional |
 | `plausible.io` | Plausible analytics | `script-src`, `connect-src` | Optional |
 | `us.posthog.com` | PostHog analytics | `connect-src` | Optional |
@@ -46,7 +46,7 @@
 | `browser.sentry-cdn.com` | Sentry error tracking | `script-src`, `connect-src` | Optional |
 | `js.sentry-cdn.com` | Sentry JavaScript SDK | `script-src` | Optional |
 
 ## Example CSP configuration
 
 <Note>
   Only include domains for services that you use. Remove any analytics domains that you have not configured for your documentation.

deploy/ghes.mdx

@@ -4,7 +4,7 @@
 keywords: ["GitHub Enterprise Server", "GHES", "GitHub Enterprise"]
 ---
 
 This guide walks you through setting up the Mintlify GitHub App on your GitHub Enterprise Server (GHES) installation. To connect a GHES instance to Mintlify, you must create a local version of our app within your self-hosted environment that communicates with our remote server.
 
 If you use a cloud-hosted GitHub instance, see the [GitHub](/deploy/github) page for setup instructions.
 
@@ -12,21 +12,21 @@
 
 - Admin privileges on your GitHub Enterprise Server organization where you want to install the app
 - Access to your organization's repositories where you want to install the app
 - Network connectivity to communicate with our external services (see [Network requirements](#network-requirements) section below)
 
 ### Network requirements
 
 #### Outbound connectivity
 
 Your GitHub Enterprise Server must be able to reach:
 - Mintlify's API endpoints (https://leaves.mintlify.com)
 - Webhook receivers (port 443)
 
 #### Firewall configuration
 
 The following outbound connections must be allowed:
 - Connections from Mintlify's static IP: `54.242.90.151`
 - HTTPS (port 443) to Mintlify's service domains
 - DNS resolution for Mintlify's service domains
 
 ## Step 1: Register the GitHub App
@@ -52,7 +52,7 @@
 - **GitHub App name:** `Mintlify`
 - **Description:** `Integration with Mintlify services`
 - **Homepage URL:** `https://mintlify.com`
 - **User authorization callback URL:** `https://your-github-server.com/` (replace with your actual GHES domain)
 
 </Step>
 </Steps>
@@ -61,7 +61,7 @@
 
 <Steps>
 <Step title="Set repository permissions">
 Set the following permissions for the app. No Organization, Account, or Enterprise permissions are required:
 
 - **Checks:** Read and write
 - **Contents:** Read and write
@@ -90,7 +90,7 @@
 <Step title="Create the app">
 Click **Create GitHub App**.
 
 You'll be redirected to the app's settings page.
 </Step>
 
 <Step title="Generate private key">
@@ -102,9 +102,9 @@
 <Step title="Note app credentials">
 Record the following:
 
 - **App ID** (visible at the top of the settings page)
 - **Client ID** (in the "About" section)
 - **Client Secret** (generate and record it securely)
 </Step>
 </Steps>
 
@@ -119,11 +119,11 @@
 <Step title="Choose installation scope">
 Select either:
 
 - **All repositories** (for organization-wide access)
 - **Only select repositories** (choose specific repositories)
 
 <Tip>
 We recommend selecting "Only select repositories" and limiting the app to only the repositories where your documentation is located.
 </Tip>
 </Step>
 
@@ -144,8 +144,8 @@
 <Step title="Set webhook URL">
 Configure the following:
 
 - **Webhook URL:** `https://leaves.mintlify.com/github-enterprise/:subdomain` (replace `:subdomain` with the URL that we provide you with)
 - **Webhook secret:** Generate a random string (32+ characters) and record it securely. Mintlify can also generate this and provide it to you.
 </Step>
 </Steps>
 
@@ -154,16 +154,16 @@
 
 ### Required credentials
 - GitHub Enterprise Server base URL: https://your-github-server.com
 - App ID: (from step 3)
 - App client ID: (from step 3)
 - App client secret: (from step 3)
 - Installation ID: (from step 4)
 - Private key: The entire contents of the `.pem` file (should be shared via secure file transfer)
 - Webhook secret: (from step 5)
 
 ### Optional credentials for troubleshooting
 - Organization name: Your GitHub organization name
 - Repository names: Specific repositories where the app is installed
 - GitHub Enterprise Server version: Found in your site admin dashboard
 
 ## Mintlify connection
@@ -172,7 +172,7 @@
 - Integrate your GHES environment with an existing Mintlify deployment.
 - Integrate your GHES environment with a new Mintlify deployment that we provision for you.
 
 After your GHES environment is integrated with a Mintlify deployment, you are ready to enable webhooks for your GitHub App.
 
 <Note>
 The webhook URL may change based on our configuration. We test the integration and provide you with the new URL.
@@ -194,7 +194,7 @@
 </Step>
 </Steps>
 
 ## FAQ and Troubleshooting
 
 <AccordionGroup>
 <Accordion title="The app installation is failing with permission errors.">
@@ -208,7 +208,7 @@
 <Accordion title="Webhooks aren't being delivered">
 - Verify the webhook URL is correct and accessible.
 - Ensure your firewall allows outbound HTTPS connections.
 - Check the webhook secret matches what was configured.
 - Review webhook delivery logs in the "Advanced" tab of your GitHub App settings.
 </Accordion>
 
@@ -219,8 +219,8 @@
 </Accordion>
 
 <Accordion title="The app installs, but doesn't respond to events.">
 - Ensure webhooks are being delivered and acknowledged by our server with response code 200.
 - Required permissions were granted during installation.
 </Accordion>
 
 <Accordion title="Can I limit which repositories the app accesses?">
@@ -230,15 +230,15 @@
 <Accordion title="How do I update app permissions later?">
 - Go to the app settings as a site admin.
 - Modify permissions as needed.
 - The app will need to be re-approved by organization owners.
 - Notify us of any permission changes as they may affect functionality.
 </Accordion>
 
 <Accordion title="Our GHES is behind a corporate firewall, nginx proxy, or similar setup.">
 You must:
 
-- Whitelist our service domains in your firewall.
+- Add our service domains to your firewall allowlist.
 - Ensure outbound HTTPS (port 443) connectivity.
 - If direct internet access is not allowed, set up a proxy.
 </Accordion>
 
@@ -252,7 +252,7 @@
 - Your GitHub Enterprise Server version.
 - Specific error messages.
 - Screenshots of any issues.
 - Network/firewall configuration details (if relevant).
 </Accordion>
 </AccordionGroup>
 

installation.mdx

@@ -21,7 +21,7 @@
 
 ## Prerequisites
 
 - [Node.js](https://nodejs.org/en) v20.17.0+ (LTS versions recommended) installed
 - [Git](https://git-scm.com/downloads) installed
 - Your documentation repository cloned locally
 
@@ -181,7 +181,7 @@
 mint broken-links
 ```
 
 The command ignores files matching [.mintignore](/organize/mintignore) patterns. Links that point to ignored files are reported as broken.
 
 To also check anchor links like `/path/to/page#anchor`, use the `--check-anchors` flag:
 
@@ -217,7 +217,7 @@
 
 Use flags to configure the validation command.
 
 - `--groups [groupname]`: Mock user groups for validation (useful when testing group-based access control)
 - `--disable-openapi`: Disable OpenAPI file generation during validation
 
 ### Check OpenAPI spec
@@ -228,7 +228,7 @@
 mint openapi-check <OpenAPI filename or URL>
 ```
 
 Pass a filename (for example, `./openapi.yaml`) or a URL (for example, `https://petstore3.swagger.io/api/v3/openapi.json`).
 
 ### Rename files
 
@@ -300,8 +300,8 @@
     ```
   </Accordion>
   <Accordion title="Client version shows 'none' after installation">
     If you run `mint version` and the client version displays as `none`, the CLI may be unable to download the client application due to a corporate firewall or VPN blocking the download.
 
-    **Solution:** Ask your IT administrator to whitelist `releases.mintlify.com` to enable local development with the CLI.
+    **Solution:** Ask your IT administrator to add `releases.mintlify.com` to your network allowlist to enable local development with the CLI.
   </Accordion>
 </AccordionGroup>

integrations/privacy/osano.mdx

@@ -33,7 +33,7 @@ Replace `OSANO_SCRIPT_URL` with your Osano script URL. Your script URL is the `s
 <Accordion
   title="Pages not loading with Strict compliance mode"
 >
-  If your documentation pages aren't loading properly when using Osano's **Strict** compliance mode, you'll need to whitelist Mintlify's domain to allow images and other assets to load.
+  If your documentation pages aren't loading properly when using Osano's **Strict** compliance mode, you'll need to add Mintlify's domain to your allowlist to allow images and other assets to load.
 
   <Steps>
     <Step title="Navigate to Managed Rules">