Enterprise bug fixes for the week of March 20, 2023 (#35878)

Co-authored-by: Laura Coursen <lecoursen@github.com>
2026-01-05 12:07:35 -05:00 · 2023-03-27 16:35:16 -07:00
parent 46a8b52117
commit 24f5b3b6a6
5 changed files with 16 additions and 0 deletions
--- a/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md
+++ b/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md
@@ -39,6 +39,8 @@ You can enforce policies to manage the use of code security and analysis feature

 Across all organizations owned by your enterprise, you can allow members with admin permissions for repositories to enable or disable {% data variables.product.prodname_dependabot_alerts %} and change {% data variables.product.prodname_dependabot_alerts %} settings.

+{% data reusables.enterprise.role-permission-hierarchy %}
+
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
@@ -52,6 +54,8 @@ Across all organizations owned by your enterprise, you can allow members with ad

 {% data reusables.advanced-security.about-ghas-organization-policy %}

+{% data reusables.enterprise.role-permission-hierarchy %}
+
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}{% else %}
@@ -79,6 +83,8 @@ Across all of your enterprise's organizations, you can allow or disallow people

 Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage and configure {% data variables.product.prodname_secret_scanning %} for the repositories. {% data reusables.advanced-security.ghas-must-be-enabled %}

+{% data reusables.enterprise.role-permission-hierarchy %}
+
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
--- a/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md
+++ b/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md
@@ -80,6 +80,8 @@ You can use a SSH certificate authorities (CA) to allow members of any organizat

 If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. For more information, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)."

+ {% data reusables.enterprise.certificate-authority-usage %}
+
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.security-tab %}
--- a/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md
+++ b/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md
@@ -25,6 +25,8 @@ You can allow members to access your organization's repositories using SSH certi

 If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. For more information, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)."

+{% data reusables.enterprise.certificate-authority-usage %}
+
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security %}
--- a/data/reusables/enterprise/certificate-authority-usage.md
+++ b/data/reusables/enterprise/certificate-authority-usage.md
@@ -0,0 +1 @@
+Each certificate authority can only be uploaded to one account on {% data variables.product.prodname_dotcom_the_website %}. If an SSH certificate authority has been added to an organization or enterprise account, you cannot add the same certificate authority to another organization or enterprise account on {% data variables.product.prodname_dotcom_the_website %}.
--- a/data/reusables/enterprise/role-permission-hierarchy.md
+++ b/data/reusables/enterprise/role-permission-hierarchy.md
@@ -0,0 +1,5 @@
+{% note %}
+
+**Note:** This policy only impacts repository administrators, specifically. Organization owners and security managers can always enable security features, regardless of how you set this policy. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."
+
+{% endnote %}
				`@@ -0,0 +1 @@`
				`Each certificate authority can only be uploaded to one account on {% data variables.product.prodname_dotcom_the_website %}. If an SSH certificate authority has been added to an organization or enterprise account, you cannot add the same certificate authority to another organization or enterprise account on {% data variables.product.prodname_dotcom_the_website %}.`