New translation batch for cn (#26888)

* Add crowdin translations

* Run script/i18n/homogenize-frontmatter.js

* Run script/i18n/lint-translation-files.js --check rendering

* run script/i18n/reset-files-with-broken-liquid-tags.js --language=cn

* run script/i18n/reset-known-broken-translation-files.js

* Check in cn CSV report

Co-authored-by: Mike Surowiec <mikesurowiec@users.noreply.github.com>

translations/log/cn-resets.csv

@@ -26,7 +26,9 @@ translations/zh-CN/content/actions/using-workflows/storing-workflow-data-as-arti
 translations/zh-CN/content/actions/using-workflows/using-github-cli-in-workflows.md,broken liquid tags
 translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md,broken liquid tags
 translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-secret-scanning-for-your-appliance.md,broken liquid tags
+translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md,broken liquid tags
 translations/zh-CN/content/admin/code-security/managing-supply-chain-security-for-your-enterprise/about-supply-chain-security-for-your-enterprise.md,broken liquid tags
+translations/zh-CN/content/admin/code-security/managing-supply-chain-security-for-your-enterprise/viewing-the-vulnerability-data-for-your-enterprise.md,broken liquid tags
 translations/zh-CN/content/admin/configuration/configuring-github-connect/about-github-connect.md,rendering error
 translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-automatic-user-license-sync-for-your-enterprise.md,broken liquid tags
 translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md,broken liquid tags
@@ -152,6 +154,8 @@ translations/zh-CN/content/code-security/getting-started/github-security-feature
 translations/zh-CN/content/code-security/getting-started/securing-your-organization.md,broken liquid tags
 translations/zh-CN/content/code-security/getting-started/securing-your-repository.md,broken liquid tags
 translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md,broken liquid tags
+translations/zh-CN/content/code-security/secret-scanning/secret-scanning-patterns.md,broken liquid tags
+translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md,broken liquid tags
 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md,broken liquid tags
 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,Listed in localization-support#489
 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md,broken liquid tags
@@ -194,6 +198,7 @@ translations/zh-CN/content/get-started/customizing-your-github-workflow/explorin
 translations/zh-CN/content/get-started/customizing-your-github-workflow/index.md,broken liquid tags
 translations/zh-CN/content/get-started/getting-started-with-git/about-remote-repositories.md,broken liquid tags
 translations/zh-CN/content/get-started/getting-started-with-git/updating-credentials-from-the-macos-keychain.md,broken liquid tags
+translations/zh-CN/content/get-started/importing-your-projects-to-github/importing-source-code-to-github/adding-locally-hosted-code-to-github.md,broken liquid tags
 translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md,broken liquid tags
 translations/zh-CN/content/get-started/learning-about-github/about-versions-of-github-docs.md,broken liquid tags
 translations/zh-CN/content/get-started/learning-about-github/githubs-products.md,rendering error
@@ -284,7 +289,6 @@ translations/zh-CN/data/reusables/code-scanning/enterprise-enable-code-scanning-
 translations/zh-CN/data/reusables/code-scanning/enterprise-enable-code-scanning.md,broken liquid tags
 translations/zh-CN/data/reusables/code-scanning/upload-sarif-ghas.md,broken liquid tags
 translations/zh-CN/data/reusables/dotcom_billing/downgrade-org-to-free.md,broken liquid tags
-translations/zh-CN/data/reusables/enterprise_installation/download-appliance.md,broken liquid tags
 translations/zh-CN/data/reusables/enterprise_installation/hardware-considerations-all-platforms.md,broken liquid tags
 translations/zh-CN/data/reusables/enterprise_installation/upgrade-hardware-requirements.md,broken liquid tags
 translations/zh-CN/data/reusables/enterprise_management_console/badge_indicator.md,broken liquid tags
@@ -303,7 +307,7 @@ translations/zh-CN/data/reusables/rest-reference/activity/events.md,broken liqui
 translations/zh-CN/data/reusables/rest-reference/apps/marketplace.md,broken liquid tags
 translations/zh-CN/data/reusables/rest-reference/packages/packages.md,broken liquid tags
 translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,Listed in localization-support#489
-translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,rendering error
+translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,broken liquid tags
 translations/zh-CN/data/reusables/scim/after-you-configure-saml.md,broken liquid tags
 translations/zh-CN/data/reusables/secret-scanning/enterprise-enable-secret-scanning.md,broken liquid tags
 translations/zh-CN/data/reusables/sponsors/feedback.md,broken liquid tags

translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-your-membership-in-organizations/viewing-peoples-roles-in-an-organization.md

@@ -35,7 +35,7 @@ shortTitle: 查看组织中的人员
 
 如果您的组织由企业帐户管理，则可以查看管理企业所有组织的帐单设置和策略的企业所有者。 有关企业帐户的详细信息，请参阅“[{% data variables.product.prodname_dotcom %} 帐户类型](/get-started/learning-about-github/types-of-github-accounts)”。
 
-您还可以查看企业所有者是否在组织中具有特定角色。 Enterprise owners can also be an organization member, any other organization role, or be un-affiliated with the organization.
+您还可以查看企业所有者是否在组织中具有特定角色。 企业所有者也可以是组织成员、任何其他组织角色或与组织无关。
 
 {% note %}
 
@@ -43,11 +43,11 @@ shortTitle: 查看组织中的人员
 
 {% endnote %}
 
-| **企业角色** | **组织角色**                                       | **组织访问或影响**                    |
-| -------- | ---------------------------------------------- | ------------------------------ |
-| 企业所有者    | Un-affiliated or no official organization role | 无法访问组织内容或存储库，但可管理影响组织的企业设置和策略。 |
-| 企业所有者    | 组织所有者                                          | 能够配置组织设置并通过团队等管理对组织资源的访问。      |
-| 企业所有者    | 组织成员                                           | 能够访问组织资源和内容（如存储库），而无需访问组织的设置。  |
+| **企业角色** | **组织角色**    | **组织访问或影响**                    |
+| -------- | ----------- | ------------------------------ |
+| 企业所有者    | 非附属或无官方组织角色 | 无法访问组织内容或存储库，但可管理影响组织的企业设置和策略。 |
+| 企业所有者    | 组织所有者       | 能够配置组织设置并通过团队等管理对组织资源的访问。      |
+| 企业所有者    | 组织成员        | 能够访问组织资源和内容（如存储库），而无需访问组织的设置。  |
 
 要查看组织中的所有角色，请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)”。 {% ifversion ghec %} 组织成员还可以具有特定存储库的自定义角色。 更多信息请参阅“[管理组织的自定义仓库角色](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。{% endif %}
 

translations/zh-CN/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md

@@ -71,6 +71,14 @@ Environments are used to describe a general deployment target like `production`,
 
 {% data reusables.actions.permissions-statement-environment %}
 
+{% ifversion fpt or ghec %}
+{% note %}
+
+**注意：**要在私有存储库中创建环境，您的组织必须使用 {% data variables.product.prodname_ghe_cloud %}。 {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+{% endif %}
+
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.actions.sidebar-environment %}
@@ -117,7 +125,7 @@ Environments are used to describe a general deployment target like `production`,
 1. 在要删除的环境旁边，单击 {% octicon "trash" aria-label="The trash icon" %}。
 2. 单击 **I understand, delete this environment（我了解，删除此环境）**。
 
-{% ifversion fpt or ghae or ghes > 3.1 or ghec %}您也可以通过 REST API 删除环境。 更多信息请参阅“[环境](/rest/reference/repos#environments)”。{% endif %}
+{% ifversion fpt or ghae or ghes > 3.1 or ghec %}您还可以通过 REST API 删除环境。 更多信息请参阅“[环境](/rest/reference/repos#environments)”。{% endif %}
 
 ## 环境与部署的关系
 

translations/zh-CN/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md

@@ -58,10 +58,10 @@ type: overview
 
 默认情况下，每当有新版本的运行器软件可用时，自托管运行器将自动执行软件更新。  如果在容器中使用临时运行器，则当发布新的运行器版本时，这可能会导致重复的软件更新。  关闭自动更新允许你按照自己的计划直接更新容器映像上的运行器版本。
 
-如果要关闭自动软件更新并自行安装软件更新，可以在启动运行器时指定 `--disableupdate` 参数。  例如：
+要关闭自动软件更新并自行安装软件更新，请在使用 `config.sh`注册运行器时指定 `--disableupdate` 标志。 例如：
 
 ```shell
-./run.sh --disableupdate
+./config.sh --url <em>https://github.com/octo-org</em> --token <em>example-token</em> --disableupdate
 ```
 
 如果禁用自动更新，您仍必须定期更新运行器版本。  {% data variables.product.prodname_actions %} 中的新功能需要更改 {% data variables.product.prodname_actions %} 服务_和_运行器软件 。  在没有软件更新的情况下，运行器可能无法正确处理利用 {% data variables.product.prodname_actions %} 新功能的作业。

translations/zh-CN/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md

@@ -81,7 +81,7 @@ shortTitle: 启动时运行运行器应用程序
 该命令采用可选的 `user` 参数，以其他用户身份安装服务。
 
 ```shell
-./svc.sh install --user <em>USERNAME</em>
+./svc.sh install <em>USERNAME</em>
 ```
 
 ## 启动服务

translations/zh-CN/content/actions/learn-github-actions/understanding-github-actions.md

@@ -192,7 +192,7 @@ _操作_是 {% data variables.product.prodname_actions %} 平台的自定义应
   ```
 </td>
 <td>
-<code>uses</code> 关键字指定此步骤将运行 <code>actions/checkout</code> 操作的 <code>v2</code>。  这是一个将存储库签出到运行器上的操作，允许您对代码（如生成和测试工具）运行脚本或其他操作。 每当工作流程将针对存储库的代码运行时，都应使用签出操作。
+The <code>uses</code> keyword specifies that this step will run <code>v3</code> of the <code>actions/checkout</code> action.  这是一个将存储库签出到运行器上的操作，允许您对代码（如生成和测试工具）运行脚本或其他操作。 每当工作流程将针对存储库的代码运行时，都应使用签出操作。
 </td>
 </tr>
 <tr>

translations/zh-CN/content/actions/security-guides/security-hardening-for-github-actions.md

@@ -48,6 +48,12 @@ To help prevent accidental disclosure, {% data variables.product.product_name %}
 - **Consider requiring review for access to secrets**
     - You can use required reviewers to protect environment secrets. A workflow job cannot access environment secrets until approval is granted by a reviewer. For more information about storing secrets in environments or requiring reviews for environments, see "[Encrypted secrets](/actions/reference/encrypted-secrets)" and "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)."
 
+{% warning %}
+
+**Warning**: Any user with write access to your repository has read access to all secrets configured in your repository. Therefore, you should ensure that the credentials being used within workflows have the least privileges required.
+
+{% endwarning %}
+
 ## Using `CODEOWNERS` to monitor changes
 
 You can use the `CODEOWNERS` feature to control how changes are made to your workflow files. For example, if all your workflow files are stored in `.github/workflows`, you can add this directory to the code owners list, so that any proposed changes to these files will first require approval from a designated reviewer.
@@ -300,7 +306,7 @@ For example, you can use the audit log to track the `org.update_actions_secret`
   ![Audit log entries](/assets/images/help/repository/audit-log-entries.png)
 
 The following tables describe the {% data variables.product.prodname_actions %} events that you can find in the audit log. For more information on using the audit log, see
-"[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#searching-the-audit-log)."
+"[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#searching-the-audit-log)" and "[Reviewing audit logs for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise)."
 
 {% ifversion fpt or ghec %}
 ### Events for environments
@@ -318,6 +324,7 @@ The following tables describe the {% data variables.product.prodname_actions %}
 | Action | Description
 |------------------|-------------------
 | `repo.actions_enabled` | Triggered when {% data variables.product.prodname_actions %} is enabled for a repository. Can be viewed using the UI. This event is not visible when you access the audit log using the REST API. For more information, see "[Using the REST API](#using-the-rest-api)."
+| `repo.update_actions_access_settings` | Triggered when the setting to control how your repository is used by {% data variables.product.prodname_actions %} workflows in other repositories is changed.
 {% endif %}
 
 ### Events for secret management

translations/zh-CN/content/actions/using-containerized-services/about-service-containers.md

@@ -49,7 +49,7 @@ topics:
 
 您可以使用 `services` 关键字创建服务容器作为工作流程中作业的一部分。 更多信息请参阅 [`jobs.<job_id>.services`](/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idservices)。
 
-本例在作业 `container-job` 中创建一个名为 `redis` 的服务。 本例中的 Docker 主机是 `node:10.18-jessie` 容器。
+本例在作业 `container-job` 中创建一个名为 `redis` 的服务。 本例中的 Docker 主机是 `node:16-bullseye` 容器。
 
 {% raw %}
 ```yaml{:copy}
@@ -62,7 +62,7 @@ jobs:
     # Containers must run in Linux based operating systems
     runs-on: ubuntu-latest
     # Docker Hub image that `container-job` executes in
-    container: node:10.18-jessie
+    container: node:16-bullseye
 
     # Service containers to run with `container-job`
     services:

translations/zh-CN/content/actions/using-github-hosted-runners/monitoring-your-current-jobs.md

@@ -1,30 +1,30 @@
 ---
-title: Monitoring your current jobs
-intro: 'Monitor how {% data variables.product.prodname_dotcom %}-hosted runners are processing jobs in your organization or enterprise, and identify any related constraints.'
+title: 监控您当前的作业
+intro: '监控 {% data variables.product.prodname_dotcom %} 托管的运行器如何处理组织或企业中的作业，并了解任何相关约束。'
 versions:
   feature: github-runner-dashboard
-shortTitle: Monitoring your current jobs
+shortTitle: 监控您当前的作业
 ---
 
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}
 
-## Viewing active jobs in your organization or enterprise
+## 查看组织或企业中的活动作业
 
-You can get a list of all jobs currently running on {% data variables.product.prodname_dotcom %}-hosted runners in your organization or enterprise.
+您可以获取当前在组织或企业中 {% data variables.product.prodname_dotcom %} 托管的运行器上运行的所有作业列表。
 
 {% data reusables.actions.github-hosted-runners-navigate-to-repo-org-enterprise %}
 {% data reusables.actions.github-hosted-runners-table-entry %}
-1. Review the "Active jobs" section, which contains a list of all jobs currently running on {% data variables.product.prodname_dotcom %}-hosted runners.
+1. 查看“Active jobs（活动作业）”部分，其中包含当前在 {% data variables.product.prodname_dotcom %} 托管的运行器上运行的所有作业列表。
 
-  ![Screenshot of the list of active jobs](/assets/images/help/settings/actions-runner-active-jobs.png)
+  ![活动作业列表的屏幕截图](/assets/images/help/settings/actions-runner-active-jobs.png)
 
-## Viewing queued jobs in your organization or enterprise
+## 查看组织或企业中排队的作业
 
-{% data variables.product.prodname_dotcom %}-hosted runners allow you to run jobs concurrently, and the maximum number of concurrent jobs will vary depending on your plan. If you reach the maximum number of concurrent jobs, any new jobs will start to enter a queue. To find out more about the number of concurrent jobs available to your plan, see "[Usage limits, billing, and administration](/actions/learn-github-actions/usage-limits-billing-and-administration)."
+{% data variables.product.prodname_dotcom %} 托管的运行器允许您并发运行作业，并且并发作业的最大数量将根据您的计划而有所不同。 如果达到最大并发作业数，则任何新作业都将开始进入队列。 若要了解有关计划可用的并发作业数的详细信息，请参阅“[使用限制、计费和管理](/actions/learn-github-actions/usage-limits-billing-and-administration)”。
 
-The following procedure demonstrates how to check the maximum number of concurrent jobs you can run.
+以下过程演示如何检查可以运行的最大并发作业数。
 
 {% data reusables.actions.github-hosted-runners-navigate-to-repo-org-enterprise %}
 {% data reusables.actions.github-hosted-runners-table-entry %}
-1. Review the "All jobs usage" section, which lists the number of active jobs and the maximum number of jobs you can run. In this example, `9` jobs are currently running out of a maximum of `180`. ![Screenshot of the maximum jobs for an account](/assets/images/help/settings/github-hosted-runners-max-jobs.png)
+1. 查看“All jobs usage（所有作业使用情况）”部分，其中列出了活动作业数和可以运行的最大作业数。 在此示例中， `9` 个作业正在运行，最大作业数为 `180`。 ![帐户的最大作业数屏幕截图](/assets/images/help/settings/github-hosted-runners-max-jobs.png)

translations/zh-CN/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md

@@ -24,13 +24,13 @@ topics:
 
 要缓存作业的依赖项，您需要使用 {% data variables.product.prodname_dotcom %} 的 `cache` 操作。 该操作检索由唯一键标识的缓存。 更多信息请参阅 [`actions/cache`](https://github.com/actions/cache)。
 
-If you are caching the package managers listed below, consider using the respective setup-* actions, which require almost zero configuration and are easy to use.
+如果要缓存下面列出的包管理器，请考虑使用相应的 setup-* 操作，这些操作几乎不需要任何配置，并且易于使用。
 
 <table>
 <thead>
   <tr>
-    <th>Package managers</th>
-    <th>setup-* action for caching</th>
+    <th>包管理器</th>
+    <th>用于缓存的 setup-* 操作</th>
   </tr>
 </thead>
 <tbody>
@@ -89,7 +89,7 @@ If you are caching the package managers listed below, consider using the respect
 ### `cache` 操作的输入参数
 
 - `key`：**必要** 保存缓存时创建的键，以及用于搜索缓存的键。 可以是变量、上下文值、静态字符串和函数的任何组合。 密钥最大长度为 512 个字符，密钥长度超过最大长度将导致操作失败。
-- `path`：**必要** 运行器上缓存或还原的文件路径。 The path can be an absolute path or relative to the workspace directory.
+- `path`：**必要** 运行器上缓存或还原的文件路径。 路径可以是绝对路径或相对于工作区目录的路径。
   - 路径可以是目录或单个文件，并且支持 glob 模式。
   - 使用 `cache` 操作的 `v2`，可以指定单个路径，也可以在单独的行上添加多个路径。 例如：
 
@@ -102,7 +102,16 @@ If you are caching the package managers listed below, consider using the respect
           ~/.gradle/wrapper
     ```
   - 对于 `cache` 操作的 `v1`，仅支持单个路径，它必须是一个目录。 您不能缓存单个文件。
-- `restore-keys`：**可选** `key` 没有发生缓存命中时用于查找缓存的其他密钥顺序列表。
+- `restore-keys`：**可选** 包含备用恢复键的字符串，每个恢复键都放在新行上。 如果 `key` 未发生缓存命中，则按提供的查找和恢复缓存的顺序使用这些恢复密钥。 例如：
+
+  {% raw %}
+  ```yaml
+  restore-keys: |
+    npm-foobar-${{ hashFiles('package-lock.json') }}
+    npm-foobar-
+    npm-
+  ```
+  {% endraw %}
 
 ### `cache` 操作的输出参数
 
@@ -232,12 +241,12 @@ restore-keys: |
 
 ## 使用限制和收回政策
 
-{% data variables.product.prodname_dotcom %} 将删除 7 天内未被访问的任何缓存条目。 There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited to 10 GB. If you exceed this limit, {% data variables.product.prodname_dotcom %} will save your cache but will begin evicting caches until the total size is less than 10 GB.
+{% data variables.product.prodname_dotcom %} 将删除 7 天内未被访问的任何缓存条目。 可以存储的缓存数没有限制，但存储库中所有缓存的总大小限制为 10 GB。 如果超过此限制，{% data variables.product.prodname_dotcom %} 将保存缓存，但会开始收回缓存，直到总大小小于 10 GB。
 
 {% if actions-cache-management %}
 
-## Managing caches
+## 管理缓存
 
-You can use the {% data variables.product.product_name %} REST API to manage your caches. At present, you can use the API to see your cache usage, with more functionality expected in future updates. For more information, see the "[Actions](/rest/reference/actions#cache)" REST API documentation.
+您可以使用 {% data variables.product.product_name %} REST API 来管理缓存。 目前，您可以使用 API 来查看缓存使用情况，并期望在未来的更新中提供更多功能。 更多信息请参阅 REST API 文档中的“[操作](/rest/reference/actions#cache)”。
 
 {% endif %}

translations/zh-CN/content/actions/using-workflows/events-that-trigger-workflows.md

@@ -899,7 +899,7 @@ on:
 
 jobs:
   if_merged:
-    if: github.event.pull_request_target.merged == true
+    if: github.event.pull_request.merged == true
     runs-on: ubuntu-latest
     steps:
     - run: |
@@ -1081,7 +1081,7 @@ on:
 
 {% note %}
 
-**Note:** The `event_type` value is limited to 100 characters.
+**注意：** `event_type` 值限制为 100 个字符。
 
 {% endnote %}
 

translations/zh-CN/content/admin/code-security/index.md

@@ -1,7 +1,7 @@
 ---
-title: Managing code security for your enterprise
-shortTitle: Manage code security
-intro: 'You can build security into your developers'' workflow with features that keep secrets and vulnerabilities out of your codebase, and that maintain your software supply chain.'
+title: 管理企业的代码安全性
+shortTitle: 管理代码安全性
+intro: 您可以使用将机密和漏洞排除在代码库之外并维护软件供应链的功能，将安全性构建到开发人员的工作流程中。
 versions:
   ghes: '*'
   ghec: '*'

translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md

@@ -1,5 +1,5 @@
 ---
-title: 在企业中部署 GitHub Advanced Security
+title: Deploying GitHub Advanced Security in your enterprise
 intro: 'Learn how to plan, prepare, and implement a phased approach for rolling out {% data variables.product.prodname_GH_advanced_security %} (GHAS) in your enterprise.'
 product: '{% data reusables.gated-features.advanced-security %}'
 redirect_from:
@@ -82,10 +82,12 @@ We recommend you cover these topics in your internal kickoff meeting at your com
 
 - What are your business success metrics, how do you plan to measure and report on those measures?
   - If these have not been defined, please define them. If they have been defined, communicate them and talk about how you plan to provide data-driven progress updates.
-- Review of how GHAS works within the SDLC (Software Development Life cycle) and how this is expected to work for your company.
+- Review of how GHAS works within the SDLC (Software Development Life cycle) and how this is
+expected to work for your company.
 - Review of best practices if your company did not participate in the Proof of Concept exercise (or a refresher if your team finds value in this review)
   - How does this compare/contrast with your existing Application Security Program?
-- Discuss and agree how your internal team will work best together throughout rollout and implementation.
+- Discuss and agree how your internal team will work best together throughout rollout and
+implementation.
   - Align on your communications plans and frequency of meetings for your internal team
   - Review tasks for rollout and implementation completion, defining roles and responsibilities. We have outlined the majority of the tasks in this article, but there may be additional tasks your company requires we have not included.
   - Consider establishing a “Champions Program” for scaled enablement
@@ -106,7 +108,8 @@ If you’re working independently, this section outlines some things to ensure a
 Plans for process changes (if needed) and training for team members as needed:
   - Documented team assignments for roles and responsibilities. For more information on the permissions required for each feature, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization#access-requirements-for-security-features)."
   - Documented plan of tasks and timelines/timeframes where possible. This should include infrastructure changes, process changes/training, and all subsequent phases of enablement of GHAS, allowing for timeframes for remediations and configuration adjustments as needed. For more information, see "[Phase 1: Pilot projects(s)](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise#--phase-1-pilot-projects)" below.
-  - Prioritized plan for which projects/teams will have GHAS enabled first, and subsequent plans for which projects/teams will come in following phases
+  - Prioritized plan for which projects/teams will have GHAS enabled first, and subsequent
+plans for which projects/teams will come in following phases
   - Success metrics based on business goals. This will be a crucial reference point following the Pilot Project(s) to gain buy-in for the full rollout.
 
 {% note %}
@@ -119,11 +122,11 @@ Plans for process changes (if needed) and training for team members as needed:
 
 For {% data variables.product.prodname_ghe_server %} customers, to help ensure your instance can support the rollout and implementation of GHAS, review the following:
 
-- While upgrading to GHES 3.0 is not required, you must upgrade to GHES 3.0 or higher to take advantage of feature combinations such as code scanning and {% data variables.product.prodname_actions %}. 更多信息请参阅“[升级 {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)。”
+- While upgrading to GHES 3.0 is not required, you must upgrade to GHES 3.0 or higher to take advantage of feature combinations such as code scanning and {% data variables.product.prodname_actions %}. For more information, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)."
 
-- 在高性能配置中，完全冗余的次级 {% data variables.product.prodname_ghe_server %} 设备通过复制所有主要数据存储与主设备保持同步。 For more information on setting up high availability, see "[Configuring High Availability](/admin/enterprise-management/configuring-high-availability)."
+- In a high availability configuration, a fully redundant secondary {% data variables.product.prodname_ghe_server %} appliance is kept in sync with the primary appliance through replication of all major datastores. For more information on setting up high availability, see "[Configuring High Availability](/admin/enterprise-management/configuring-high-availability)."
 
-- To help support any discussions regarding potential changes to your company's set up, you can review the {% data variables.product.prodname_ghe_server %} system overview. 更多信息请参阅“[系统概述](/admin/overview/system-overview)”。
+- To help support any discussions regarding potential changes to your company's set up, you can review the {% data variables.product.prodname_ghe_server %} system overview. For more information, see "[System overview](/admin/overview/system-overview)."
 
 {% endif %}
 
@@ -131,10 +134,12 @@ For {% data variables.product.prodname_ghe_server %} customers, to help ensure y
 
 As your company prepares to begin your pilot project(s), it’s crucial to ensure that you have set a baseline for where your enterprise is today and have defined clear success metrics to measure your pilot project(s) progress against.
 
-There are likely key business goals your company has that will need to be measured against, but there are other metrics we can identify to help gauge your pilot’s success.
+There are likely key business goals your company has that will need to be measured
+against, but there are other metrics we can identify to help gauge your pilot’s success.
 
 As a starting point, some of these metrics might include:
-  - The mean time to remediation for GHAS vulnerabilities versus the previous tooling and practices the pilot project(s) / team(s) utilized.
+  - The mean time to remediation for GHAS vulnerabilities versus the previous tooling and
+practices the pilot project(s) / team(s) utilized.
   - The code scanning integration's findings for the top X most critical applications.
   - The number of applications that have SAST (Static application security testing) integrated versus before the engagement.
 
@@ -143,14 +148,20 @@ If you participated in the POC exercise prior to purchasing GHAS, these objectiv
   - Security / CISO (Chief Information Security Officer)
   - Application Development Teams
 
-If you’d like to take things a step further, you can look at utilizing OWASP’s DevSecOps Maturity Model (DSOMM) to work towards reaching a Level 1 maturity. There are four main evaluation criteria in DSOMM:
+If you’d like to take things a step further, you can look at utilizing OWASP’s DevSecOps
+Maturity Model (DSOMM) to work towards reaching a Level 1 maturity. There are four main
+evaluation criteria in DSOMM:
 
-- **Static depth:** How comprehensive is the static code scan that you’re performing within the AppSec CI pipeline
-- **Dynamic depth:** How comprehensive is the dynamic scan that is being run within the AppSec CI pipeline
+- **Static depth:** How comprehensive is the static code scan that you’re performing within
+the AppSec CI pipeline
+- **Dynamic depth:** How comprehensive is the dynamic scan that is being run within the
+AppSec CI pipeline
 - **Intensity:** Your schedule frequency for the security scans running in AppSec CI pipeline
-- **Consolidation:** Your remediation workflow for handling findings and process completeness
+- **Consolidation:** Your remediation workflow for handling findings and process
+completeness
 
-To learn more about this approach and how to implement it in GHAS, you can download our white paper "[Achieving DevSecOps Maturity with GitHub](https://resources.github.com/whitepapers/achieving-devsecops-maturity-github/)."
+To learn more about this approach and how to implement it in GHAS,
+you can download our white paper "[Achieving DevSecOps Maturity with GitHub](https://resources.github.com/whitepapers/achieving-devsecops-maturity-github/)."
 
 Based on your wider company’s goals and current levels of DevSecOps maturity, we can help you determine how to best measure your pilot’s progress and success.
 
@@ -162,7 +173,9 @@ Based on your wider company’s goals and current levels of DevSecOps maturity,
 
 {% endnote %}
 
-To begin enabling GHAS across your company, we recommend beginning with a few high-impact projects or teams to pilot an initial rollout. This will allow an initial group within your company to get familiar with GHAS and build a solid foundation on GHAS before rolling out to the remainder of your company.
+To begin enabling GHAS across your company, we recommend beginning with a few
+high-impact projects or teams to pilot an initial rollout. This will allow an initial
+group within your company to get familiar with GHAS and build a solid foundation on GHAS before rolling out to the remainder of your company.
 
 Before you start your pilot project(s), we recommend that you schedule some checkpoint meetings for your team(s), such as an initial meeting, midpoint review, and a wrap-up session when the pilot is complete. These checkpoint meetings will help you all make adjustments as needed and ensure your team(s) are prepared and supported to complete the pilot successfully.
 
@@ -182,7 +195,7 @@ You need to enable GHAS for each pilot project, either by enabling the GHAS feat
 
 The vast majority of GHAS set-up and installation is centered around enabling and configuring code scanning on your enterprise and in your repositories.
 
-Code scanning allows you to analyze code in a {% data variables.product.prodname_dotcom %} repository to find security vulnerabilities and coding errors. Code scanning can be used to find, triage, and prioritize fixes for existing problems in your code, as well as help prevent developers from introducing new problems that may otherwise reach production. 更多信息请参阅“[关于代码扫描](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)”。
+Code scanning allows you to analyze code in a {% data variables.product.prodname_dotcom %} repository to find security vulnerabilities and coding errors. Code scanning can be used to find, triage, and prioritize fixes for existing problems in your code, as well as help prevent developers from introducing new problems that may otherwise reach production. For more information, see "[About code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)."
 
 ### Step 2: Set up {% data variables.product.prodname_code_scanning_capc %}
 
@@ -198,23 +211,24 @@ To set up code scanning, you must decide whether you'll run code scanning with [
 
 {% ifversion ghes %}
 
-To set up code scanning with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}, you'll need to provision one or more self-hosted {% data variables.product.prodname_actions %} runners in your environment. For more information, see "[Setting up a self-hosted runner](/admin/advanced-security/configuring-code-scanning-for-your-appliance#running-code-scanning-using-github-actions)."
+To set up code scanning with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}, you'll need to provision one or more self-hosted {% data variables.product.prodname_actions %} runners in your
+environment. For more information, see "[Setting up a self-hosted runner](/admin/advanced-security/configuring-code-scanning-for-your-appliance#running-code-scanning-using-github-actions)."
 
 {% endif %}
 
-For {% data variables.product.prodname_ghe_cloud %}, you can start to create a {% data variables.product.prodname_actions %} workflow using the [CodeQL action](https://github.com/github/codeql-action/) to run code scanning on a repository. {% data variables.product.prodname_code_scanning_capc %} uses [GitHub-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners) by default, but this can be customized if you plan to host your own runner with your own hardware specifications. 更多信息请参阅“[关于自托管运行器](/actions/hosting-your-own-runners)”。
+For {% data variables.product.prodname_ghe_cloud %}, you can start to create a {% data variables.product.prodname_actions %} workflow using the [CodeQL action](https://github.com/github/codeql-action/) to run code scanning on a repository. {% data variables.product.prodname_code_scanning_capc %} uses [GitHub-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners) by default, but this can be customized if you plan to host your own runner with your own hardware specifications. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners)."
 
 For more information about {% data variables.product.prodname_actions %}, see:
   - "[Learn GitHub Actions](/actions/learn-github-actions)"
   - "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)"
-  - "[触发工作流程的事件](/actions/learn-github-actions/events-that-trigger-workflows)"
+  - "[Events that trigger workflows](/actions/learn-github-actions/events-that-trigger-workflows)"
   - "[Filter Pattern Cheat Sheet](/actions/learn-github-actions/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)"
 
 #### Using a third-party CI system with the CodeQL CLI for {% data variables.product.prodname_code_scanning %}
 
 If you’re not using {% data variables.product.prodname_actions %} and have your own continuous integration system, you can use the CodeQL CLI to perform CodeQL code scanning in a third-party CI system.
 
-更多信息请参阅：
+For more information, see:
   - "[About CodeQL code scanning in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system)"
 
 ### Step 3: Enable {% data variables.product.prodname_code_scanning_capc %} in repositories
@@ -227,19 +241,24 @@ For an example of a script that opens pull requests to add a {% data variables.p
 
 ### Step 4: Run code scans and review your results
 
-With code scanning enabled in the necessary repositories, you're ready to help your development team(s) understand how to run code scans and reports, view reports, and process results.
+With code scanning enabled in the necessary repositories, you're ready to help your
+development team(s) understand how to run code scans and reports, view reports, and process results.
 
 #### {% data variables.product.prodname_code_scanning_capc %}
 
-With code scanning, you can find vulnerabilities and errors in your project's code on GitHub, as well as view, triage, understand, and resolve the related {% data variables.product.prodname_code_scanning %} alerts.
+With code scanning, you can find vulnerabilities and errors in your project's code on GitHub,
+as well as view, triage, understand, and resolve the related {% data variables.product.prodname_code_scanning %} alerts.
 
-When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert. 更多信息请参阅“[对拉取请求中的 {% data variables.product.prodname_code_scanning %} 警报分类](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests)”。
+When code scanning identifies a problem in a pull request, you can review the highlighted
+code and resolve the alert. For more information, see "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests)."
 
-If you have write permission to a repository you can manage code scanning alerts for that repository. With write permission to a repository, you can view, fix, dismiss, or delete alerts for potential vulnerabilities or errors in your repository's code. 更多信息请参阅“[管理仓库的代码扫描警报](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository)”。
+If you have write permission to a repository you can manage code scanning alerts for that
+repository. With write permission to a repository, you can view, fix, dismiss, or delete alerts for potential
+vulnerabilities or errors in your repository's code. For more information, see "[Managing code scanning alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository)."
 
 #### Generate reports of {% data variables.product.prodname_code_scanning %} alerts
 
-If you’d like to create a report of your code scanning alerts, you can use the {% data variables.product.prodname_code_scanning_capc %} API. 更多信息请参阅“[{% data variables.product.prodname_code_scanning_capc %} API](/rest/reference/code-scanning)”。
+If you’d like to create a report of your code scanning alerts, you can use the {% data variables.product.prodname_code_scanning_capc %} API. For more information, see the "[{% data variables.product.prodname_code_scanning_capc %} API](/rest/reference/code-scanning)."
 
 For an example of how to use the {% data variables.product.prodname_code_scanning_capc %} API, see the [`get-code-scanning-alerts-in-org-sample`](https://github.com/jhutchings1/get-code-scanning-alerts-in-org-sample) repository.
 
@@ -247,7 +266,7 @@ For an example of how to use the {% data variables.product.prodname_code_scannin
 
 When running initial code scans, you may find that no results are found or that an unusual number of results are returned. You may want to adjust what is flagged in future scans.
 
-更多信息请参阅“[配置代码扫描](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning)”。
+For more information, see "[Configuring code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning)."
 
 If your company wants to use other third-party code analysis tools with GitHub code scanning, you can use actions to run those tools within GitHub. Alternatively, you can upload results, generated by third-party tools as SARIF files, to code scanning. For more information, see "[Integrating with code scanning](/code-security/code-scanning/integrating-with-code-scanning)."
 
@@ -269,13 +288,13 @@ To learn how to view and close alerts for secrets checked into your repository,
 
 GitHub helps you avoid using third-party software that contains known vulnerabilities. We provide the following tools for removing and avoiding vulnerable dependencies.
 
-| Dependency Management Tool                     | 描述                                                                                                                                                                                                                                                                                                                                                                                             |
-| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| Dependabot Alerts                              | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)."                          |
-| Dependency Graph                               | 依赖项图是存储在仓库中的清单和锁定文件的摘要。 它显示您的代码库所依赖的生态系统和软件包（其依赖项）以及依赖于您的项目的仓库和包（其从属项）。 更多信息请参阅“[关于依赖关系图](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)”。 |{% ifversion ghes > 3.1 or ghec %}
-| Dependency Review                              | 如果拉取请求包含对依赖项的更改，您可以查看已更改内容摘要以及任何依赖项中是否存在已知漏洞。 For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" or  "[Reviewing Dependency Changes in a Pull Request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." |{% endif %} {% ifversion ghec or ghes > 3.2 %}
-| Dependabot Security Updates                    | Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates. For more information, see "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)."                                                                                             |
-| Dependabot Version Updates                     | Dependabot can be used to keep the packages you use updated to the latest versions. 更多信息请参阅“[关于 Dependabot 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)”。 | {% endif %}
+| Dependency Management Tool | Description |
+|----|----|
+| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." |
+| Dependency Graph | The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). For more information, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." |{% ifversion ghes > 3.1 or ghec %}
+| Dependency Review | If a pull request contains changes to dependencies, you can view a summary of what has changed and whether there are known vulnerabilities in any of the dependencies. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" or  "[Reviewing Dependency Changes in a Pull Request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." | {% endif %} {% ifversion ghec or ghes > 3.2 %}
+| Dependabot Security Updates | Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates. For more information, see "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." |
+| Dependabot Version Updates | Dependabot can be used to keep the packages you use updated to the latest versions. For more information, see "[About Dependabot version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." | {% endif %}
 
 {% data reusables.dependabot.beta-security-and-version-updates-onboarding %}
 
@@ -301,7 +320,8 @@ You can learn more about [CodeQL queries](https://codeql.github.com/docs/writing
 
 All throughout the pilot phase, it’s essential to create and maintain high-quality internal documentation of the infrastructure and process changes made within your company, as well as learnings from the pilot process and configuration changes made as your team(s) progress throughout the rollout and implementation process.
 
-Having thorough and complete documentation helps make the remaining phases of your rollout more of a repeatable process. Good documentation also ensures that new teams can be onboarded consistently throughout the rollout process and as new team members join your team(s).
+Having thorough and complete documentation helps make the remaining phases of your rollout more of a repeatable process.
+Good documentation also ensures that new teams can be onboarded consistently throughout the rollout process and as new team members join your team(s).
 
 Good documentation doesn’t end when rollout and implementation are complete. The most helpful documentation is actively updated and evolves as your teams expand their experience using GHAS and as their needs grow.
 
@@ -356,7 +376,8 @@ Based on what you learned from your pilot project(s), update the rollout plan yo
 {% note %}
 
 {% octicon "clock" aria-label="Clock" %} **Estimated timing:** We estimate that phase 3 may
-last anywhere from 2 weeks to multiple months. This range can vary largely depending on your company’s size, number of repositories/teams, level of change the GHAS rollout will be for your company, etc.
+last anywhere from 2 weeks to multiple months. This range can vary largely depending on
+your company’s size, number of repositories/teams, level of change the GHAS rollout will be for your company, etc.
 
 {% endnote %}
 
@@ -381,11 +402,11 @@ To help support your teams, here's a recap of relevant GitHub documentation.
 
 For documentation on how to enable GHAS, see:
   - "[Enabling Advanced Security features](/get-started/learning-about-github/about-github-advanced-security)"
-  - “[管理组织的安全性和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”
-  - "[管理仓库的安全和分析设置](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)"
+  - "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)"
+  - "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)"
 
 For documentation on how to migrate to GitHub, see:
-  - “[将源代码导入到 GitHub](/github/importing-your-projects-to-github/importing-source-code-to-github)”
+  - "[Importing source code to GitHub](/github/importing-your-projects-to-github/importing-source-code-to-github)"
 
 For documentation on getting started with GitHub, see:
   - "[Get started](/get-started)"

translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/overview-of-github-advanced-security-deployment.md

@@ -1,7 +1,7 @@
 ---
-title: Overview of GitHub Advanced Security deployment
-intro: 'Help your company successfully prepare to adopt {% data variables.product.prodname_GH_advanced_security %} (GHAS) by reviewing and understanding these best practices, rollout examples, and our enterprise-tested phased approach.'
-product: '{% data variables.product.prodname_GH_advanced_security %} is a set of security features designed to make enterprise code more secure. It is available for {% data variables.product.prodname_ghe_server %} 3.0 or higher, {% data variables.product.prodname_ghe_cloud %}, and open source repositories. To learn more about the features, included in {% data variables.product.prodname_GH_advanced_security %}, see "[About GitHub Advanced Security](/get-started/learning-about-github/about-github-advanced-security)."'
+title: GitHub Advanced Security 部署概述
+intro: '通过查看和理解这些最佳实践、部署示例以及我们经过企业测试的分阶段方法，帮助您的公司成功准备采用 {% data variables.product.prodname_GH_advanced_security %} (GHAS)。'
+product: '{% data variables.product.prodname_GH_advanced_security %} is a set of security features designed to make enterprise code more secure. It is available for {% data variables.product.prodname_ghe_server %} 3.0 or higher, {% data variables.product.prodname_ghe_cloud %}, and open source repositories. 要了解有关 {% data variables.product.prodname_GH_advanced_security %} 中包含的功能的更多信息，请参阅“[关于GitHub Advanced Security](/get-started/learning-about-github/about-github-advanced-security)”。'
 redirect_from:
   - /admin/advanced-security/overview-of-github-advanced-security-deployment
 miniTocMaxHeadingLevel: 3
@@ -16,191 +16,191 @@ topics:
   - Security
 ---
 
-{% data variables.product.prodname_GH_advanced_security %} (GHAS) helps teams build more secure code faster using integrated tooling such as CodeQL, the world’s most advanced semantic code analysis engine. GHAS is a suite of tools that requires active participation from developers across your enterprise. To realize the best return on your investment, you must learn how to use, apply, and maintain GHAS to truly protect your code.
+{% data variables.product.prodname_GH_advanced_security %} (GHAS) 可帮助团队使用集成工具（如 CodeQL，世界上最先进的语义代码分析引擎）更快地构建更安全的代码。 GHAS 是一套工具，需要整个企业的开发人员积极参与。 为了实现最佳的投资回报，您必须学习如何使用、应用和维护 GHAS，以真正保护您的代码。
 
-One of the biggest challenges in tackling new software for an company can be the rollout and implementation process, as well as bringing about the cultural change to drive the organizational buy-in needed to make the rollout successful.
+为公司处理新软件的最大挑战之一可能是部署和实施过程，以及发生文化变革以获得部署成功所需的组织支持。
 
-To help your company better understand and prepare for this process with GHAS, this overview is aimed at:
-  - Giving you an overview of what a GHAS rollout might look like for your company.
-  - Helping you prepare your company for a rollout.
-  - Sharing key best practices to help increase your company’s rollout success.
+为帮助贵公司更好地了解和准备使用 GHAS 的这一过程，本概述旨在：
+  - 概述 GHAS 部署对您的公司来说可能是什么样子。
+  - 帮助您的公司为部署做好准备。
+  - 分享关键最佳实践，以帮助提高公司部署的成功率。
 
-To understand the security features available through {% data variables.product.prodname_GH_advanced_security %}, see "[{% data variables.product.prodname_dotcom %} security features](/code-security/getting-started/github-security-features)."
+要了解 {% data variables.product.prodname_GH_advanced_security %} 提供的安全功能，请参阅“[{% data variables.product.prodname_dotcom %} 安全功能](/code-security/getting-started/github-security-features)”。
 
-## Recommended phased approach for GHAS rollouts
+## 推荐用于 GHAS 部署的分阶段方法
 
-We’ve created a phased approach to GHAS rollouts developed from industry and GitHub best practices. You can utilize this approach for your rollout, either in partnership with {% data variables.product.prodname_professional_services %} or independently.
+我们创建了一种分阶段的 GHAS 部署方法，该方法根据行业和 GitHub 最佳实践开发。 You can utilize this approach for your rollout, either in partnership with {% data variables.product.prodname_professional_services %} or independently.
 
-While the phased approach is recommended, adjustments can be made based on the needs of your company. We also suggest creating and adhering to a timeline for your rollout and implementation. As you begin your planning, we can work together to identify the ideal approach and timeline that works best for your company.
+虽然建议采用分阶段方法，但可以根据公司的需求进行调整。 We also suggest creating and adhering to a timeline for your rollout and implementation. 当您开始规划时，我们可以一起确定最适合您公司的理想方法和时间表。
 
 ![Diagram showing the three phases of GitHub Advanced Security rollout and deployment, including Phase 0: Planning & Kickoff, Phase 1: Pilot projects, Phase 2: Org Buy-in and Rollout for early adopters, and Phase 3: Full org rollout & change management](/assets/images/enterprise/security/advanced-security-phased-approach-diagram.png)
 
 
-Based on our experience helping customers with a successful deployment of {% data variables.product.prodname_GH_advanced_security %}, we expect most customers will want to follow these phases. Depending on the needs of your company, you may need to modify this approach and alter or remove some phases or steps.
+根据我们帮助客户成功部署 {% data variables.product.prodname_GH_advanced_security %} 的经验，我们预计大多数客户都希望遵循这些阶段。 根据贵公司的需要，您可能需要修改此方法并更改或删除某些阶段或步骤。
 
-For a detailed guide on implementing each of these phases, see "[Deploying {% data variables.product.prodname_GH_advanced_security %} in your enterprise](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise)." The next section gives you a high-level summary of each of these phases.
+关于执行每个阶段的详细指南，请参阅“[在企业中部署 {% data variables.product.prodname_GH_advanced_security %}](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise)”。 下一节将为您提供其中每个阶段的高级摘要。
 
-### {% octicon "milestone" aria-label="The milestone icon" %} Phase 0: Planning & kickoff
+### {% octicon "milestone" aria-label="The milestone icon" %} 第 0 阶段：规划和启动
 
-During this phase, the overall goal is to plan and prepare for your rollout, ensuring that you have your people, processes, and technologies in place and ready for your rollout. You should also consider what success criteria will be used to measure GHAS adoption and usage across your teams.
+在此阶段，总体目标是为部署进行规划和准备，确保您拥有适当的人员、流程和技术，并为部署做好准备。 您还应该考虑将使用哪些成功标准来衡量整个团队的 GHAS 采用和使用情况。
 
-### {% octicon "milestone" aria-label="The milestone icon" %}  Phase 1: Pilot project(s)
+### {% octicon "milestone" aria-label="The milestone icon" %}  第 1 阶段：试点项目
 
-To begin implementing GHAS, we recommend beginning with a few high-impact projects/teams with which to pilot an initial rollout. This will allow an initial group within your company to get familiar with GHAS, learn how to enable and configure GHAS, and build a solid foundation on GHAS before rolling out to the remainder of your company.
+要开始实施 GHAS，我们建议从几个影响力大的项目/团队开始，以便进行初始部署的试点。 这将允许您公司内的初始小组熟悉 GHAS，学习如何启用和配置 GHAS，并在部署到公司的其他部门之前在 GHAS 上建立坚实的基础。
 
-### {% octicon "milestone" aria-label="The milestone icon" %}  Phase 2: Organizational buy-in & rollout preparation
+### {% octicon "milestone" aria-label="The milestone icon" %}  第 2 阶段：组织支持和部署准备
 
-Phase 2 is a recap of previous phases and preparing for a larger rollout across the remainder of the company. In this phase, organizational buy-in can refer to your company’s decision to move forward after the pilot project(s) or the company’s use and adoption of GHAS over time (this is most common). If your company decides to adopt GHAS over time, then phase 2 can continue into phase 3 and beyond.
+第 2 阶段是对前几阶段的回顾，并为在公司其余部分进行更大规模的部署做准备。 在此阶段，组织支持是指公司决定在试点项目后继续推进，还是在公司再使用 GHAS 一段时间（这是最常见的）。 如果您的公司决定再使用 GHAS 一段时间，则第 2 阶段可以继续进入第 3 阶段及以后。
 
-### {% octicon "milestone" aria-label="The milestone icon" %}  Phase 3: Full organizational rollout & change management
+### {% octicon "milestone" aria-label="The milestone icon" %}  第 3 阶段：部署和变更管理的全面组织部署
 
-Once your company is in alignment, you can begin rolling GHAS out to the remainder of the company based on your rollout plan. During this phase, it’s crucial to ensure that a plan has been made for any organizational changes that may need to be made during your rollout of GHAS and ensuring teams understand the need, value, and impact of the change on current workflows.
+在公司达成一致后，您就可以根据部署计划开始将 GHAS 推广到公司的其他部门。 在此阶段，请务必确保为部署 GHAS 期间可能需要进行的任何组织更改制定计划，并确保团队了解更改对当前工作流程的需求、价值和影响。
 
-## Best practices for a successful GHAS rollout
+## 成功部署 GHAS 的最佳实践
 
-We’ve found that companies that have completed successful GHAS rollouts have several similar characteristics that help drive their success. To help your company increase the success of your GHAS rollout, review these best practices.
+我们发现，已经成功完成 GHAS 部署的公司具有几个类似的特征，这些特征有助于推动其成功。 为了帮助您的公司提高 GHAS 部署的成功率，请查看这些最佳实践。
 
-### {% octicon "checklist" aria-label="The checklist icon" %} Set clear goals for your company’s rollout
+### {% octicon "checklist" aria-label="The checklist icon" %} 为公司的部署设定明确的目标
 
-Setting goals may seem obvious, but we do see some companies that begin GHAS rollouts with no clear goals in mind. It’s more difficult for these companies to gain the true organizational buy-in that’s needed to complete the rollout process and realize the value of GHAS within their company.
+设定目标似乎是显而易见的，但我们确实看到一些公司在开始部署 GHAS 时没有明确的目标。 对于这些公司来说，要获得完成部署并在公司内部实现 GHAS 价值所需的真正组织支持，就会更加困难。
 
-As you begin planning for your rollout and implementation, begin outlining goals for GHAS within your company and ensure these are communicated to your team. Your goals can be highly detailed or something simple, as long as there is a starting point and alignment. This will help build a foundation for the direction of your company’s rollout and can help you build a plan to get there. If you need assistance with your goals, {% data variables.product.prodname_professional_services %} can help with recommendations based on our experience with your company and prior engagements with other customers.
+当您开始规划部署和实施时，请先概述公司内部 GHAS 的目标，并确保将这些目标传达给您的团队。 目标可以是非常详细，也可以很简单，但必须有起点并达成一致。 这将有助于为公司的部署方向奠定基础，并帮助您制定实现目标的计划。 如果您在实现目标方面需要帮助， {% data variables.product.prodname_professional_services %} 可以根据我们在贵公司的经验以及之前与其他客户的合作情况，为您提供建议。
 
-Here are some high-level examples of what your goals for rolling out GHAS might look like:
-  - **Reducing the number of vulnerabilities:** This may be in general, or because your  company was recently impacted by a significant vulnerability that you believe could  have been prevented by a tool like GHAS.
-  - **Identifying high-risk repositories:** Some companies may simply want to target repositories that contain the most risk, ready to begin remediating vulnerabilities and reducing risk.
-  -  **Increasing remediation rates:** This can be accomplished by driving developer adoption of findings and ensuring these vulnerabilities are remediated in a timely manner, preventing  the accumulation of security debt.
-  - **Meeting compliance requirements:** This can be as simple as creating new compliance  requirements or something more specific. We find many healthcare companies use GHAS to prevent the exposure of PHI (Personal Health Information).
-  - **Preventing secrets leakage:** This is often a goal of companies that have had (or want to  prevent) critical information leaked such as software keys, customer or financial data, etc.
-  - **Dependency management:** This is often a goal for companies that may have fallen  victim due to hacks from unpatched dependencies, or those seeking to prevent these  types of attacks by updating vulnerable dependencies.
+以下是一些简要示例，说明部署 GHAS 的目标可能是什么样子：
+  - **减少漏洞数量：** 这可能是一般目标，或者因为您的公司最近受到重大漏洞的影响，您认为可以通过 GHAS 等工具阻止这些漏洞。
+  - **识别高风险存储库：** 一些公司可能只想找到包含最大风险的存储库，以便开始修复漏洞并降低风险。
+  -  **提高修复率：** 这可以通过推动开发人员采用调查结果并确保及时修复这些漏洞，防止安全问题累积来实现。
+  - **满足合规性要求：** 这可以像创建新的合规性要求或更具体的内容一样简单。 我们发现许多医疗保健公司使用 GHAS 来防止 PHI（个人健康信息）的暴露。
+  - **防止机密泄露：** 这通常是已经（或希望防止）关键信息泄露（如软件密钥，客户或财务数据等）的公司的目标。
+  - **依赖项管理：** 对于可能由于未修补的依赖项的黑客攻击而成为受害者的公司，或者那些试图通过更新易受攻击的依赖项来防止这类攻击的公司来说，这通常是一个目标。
 
-### {% octicon "checklist" aria-label="The checklist icon" %} Establish clear communication and alignment between your teams
+### {% octicon "checklist" aria-label="The checklist icon" %} 在团队之间建立清晰的沟通和一致性
 
-Clear communication and alignment are critical to the success of any project, and the rollout of GHAS is no different. We’ve found that companies that have clear communication and alignment between their security and development groups, as well as their executive sponsor (either CISO or VP) from the purchase of GHAS through rollout, often have more success with their rollouts.
+清晰的沟通和一致性对于任何项目的成功都至关重要，GHAS 的部署也不例外。 我们发现，从购买 GHAS 到部署期间，其安全和开发团队以及其执行发起人（CISO 或 VP）之间具有明确沟通和一致性的公司，部署通常会取得更大的成功。
 
-In addition to ensuring these groups are aligned throughout your GHAS rollout, there are a few specific areas we recommend focusing on.
+除了确保这些组在整个 GHAS 部署过程中保持一致之外，我们还建议关注一些特定领域。
 
-#### Rollout planning
+#### 部署规划
 
-How will you roll out GHAS to your company? There will likely be many ideas and opinions. Here are some questions you should consider answering and aligning on before moving  forward:
-  - What teams will be included in the pilot?
-  - What projects are focused on in the pilot?
-  - How should projects be prioritized for rollout?
-  - How do you plan to measure success in the pilot and beyond?
-  - What is the level of daily change your teams will be taking on? How will that be  communicated?
-  - How will your rollout plans be communicated across the company?
-  - How do you plan to train your teams?
-  - How do you plan to manage scan results initially? (For more information, see the next section on "Processing results")
+如何将 GHAS 推广到您的公司？ 可能会有很多想法和意见。 以下是在继续推进之前应考虑回答和调整的一些问题：
+  - 哪些团队将包含在试点中？
+  - 试点项目重点关注哪些项目？
+  - 应如何确定项目部署的优先级？
+  - 您计划如何衡量试点及以后的成功？
+  - 您的团队将会进行的日常改变程度如何？ 如何沟通这些？
+  - 您的部署计划将如何在整个公司内传达？
+  - 您计划如何培训您的团队？
+  - 您最初计划如何管理扫描结果？ （有关详细信息，请参阅下一节“处理结果”）
 
-#### Processing results
+#### 处理结果
 
-Before GHAS is rolled out to your teams, there should be clear alignment on how results  should be managed over time. We recommend initially looking at results as more informative  and non-blocking. It’s likely your company has a full CI/CD pipeline, so we recommend this  approach to avoid blocking your company’s process. As you get used to processing these  results, then you can incrementally increase the level of restriction to a point that feels more  accurate for your company.
+在向团队推出 GHAS 之前，应明确协调如何随着时间的推移管理结果。 我们建议最初将结果视为信息量更大且非阻塞的结果。 公司可能具有完整的 CI/CD 管道，因此我们建议使用此方法以避免阻止公司的流程。 当您习惯于处理这些结果时，可以逐步将限制级别提高到对您的公司来说更准确的程度。
 
-### {% octicon "checklist" aria-label="The checklist icon" %}  Lead your rollout with both your security and development groups
+### {% octicon "checklist" aria-label="The checklist icon" %}  通过安全和开发团队领导您的部署
 
-Many companies lead their GHAS rollout efforts with their security group. Often, development teams aren’t included in the rollout process until the pilot has concluded. However, we’ve found that companies that lead their rollouts with both their security and development teams tend to have more success with their GHAS rollout.
+许多公司通过其安全小组领导其 GHAS 部署工作。 通常，在试点结束之前，开发团队不会参与部署过程。 但是，我们发现，通过安全和开发团队领导其部署的公司往往在部署 GHAS 方面取得更大的成功。
 
-为什么？ GHAS takes a developer-centered approach to software security by integrating seamlessly into the developer workflow. Not having key representation from your development group early in the process increases the risk of your rollout and creates an uphill path towards organizational buy-in.
+为什么？ GHAS 采用以开发人员为中心的软件安全方法，无缝集成到开发人员工作流程中。 在流程的早期没有来自开发团队的关键代表会增大部署风险，获得组织支持也会更难。
 
-When development groups are involved earlier (ideally from purchase), security and development groups can achieve alignment early in the process. This helps to remove silos  between the two groups, builds and strengthens their working relationships, and helps shift the  groups away from a common mentality of “throwing things over the wall.” All of these things help support the overall goal to help companies shift and begin  utilizing GHAS to address security concerns earlier in the development process.
+当开发组更早参与时（最好是从购买开始），安全和开发组可以在流程的早期达成一致。 这有助于消除两个群体之间的隔离，建立和加强他们的工作关系，有助于团队摆脱“事不关己，高高挂起”的常见心态。 所有这些事情都有助于支持总体目标，即帮助公司转变并开始利用 GHAS 在开发过程的早期解决安全问题。
 
-#### {% octicon "people" aria-label="The people icon" %} Recommended key roles for your rollout team
+#### {% octicon "people" aria-label="The people icon" %} 建议的部署团队关键角色
 
-We recommend a few key roles to have on your team to ensure that your groups are well represented throughout the planning and execution of your rollout and implementation.
+我们建议您的团队设置几个关键角色，以确保您的团队在部署和实施的整个规划和执行过程中都能合适地代表公司。
 
-We highly recommend your rollout team include these roles:
-- **Executive Sponsor:** This is often the CISO, CIO, VP of Security, or VP of Engineering.
-- **Technical Security Lead:** The technical security lead provides technical support on behalf of the security team throughout the implementation process.
-- **Technical Development Lead:** The technical development lead provides technical support and will likely lead the implementation effort with the development team.
+我们强烈建议您的部署团队包括以下角色：
+- **执行发起人：** 这通常是 CISO、CIO、安全副总裁或工程副总裁。
+- **技术安全主管：** 技术安全主管在整个实施过程中代表安全团队提供技术支持。
+- **技术开发主管：** 技术开发主管提供技术支持，并可能与开发团队一起领导实施工作。
 
-We also recommend your rollout team include these roles:
-- **Project Manager:** We’ve found that the earlier a project manager can be introduced into the rollout process the higher the likelihood of success.
-- **Quality Assurance Engineer:** Including a member of your company’s Quality Assurance team helps ensure process changes are taken into account for the QA team.
+我们还建议您的部署团队包括以下角色：
+- **项目经理：** 我们发现，部署过程越早引入项目经理，成功的可能性就越高。
+- **质量保证工程师：** 公司质量保证团队的成员加入有助于确保 QA 团队考虑流程更改。
 
-### {% octicon "checklist" aria-label="The checklist icon" %} Understand key GHAS facts to prevent common misconceptions
+### {% octicon "checklist" aria-label="The checklist icon" %} 了解 GHAS 的关键事实，防止常见的误解
 
-Going into a GHAS implementation, it’s important to understand some key basic facts about what GHAS is and can do, to prevent many common misconceptions companies have going into their GHAS rollouts.
+进入 GHAS 实施，重要的是要了解 GHAS 是什么以及可以做什么等一些关键的基本事实，以防止公司在部署 GHAS 时出现许多常见的误解。
 
 {% note %}
 
-**Note:** If you’re interested in furthering your GHAS education, {% data variables.product.prodname_professional_services %} provides a variety of options for additional education and training, including topics that your company needs to prepare for GHAS. These offerings may take the form of workshops, demonstrations, and bootcamps. Topics can range from deploying GHAS and basic usage of GHAS to more advanced topics to continue to build your team’s skills. For more information on working with the {% data variables.product.prodname_professional_services_team %} team, see "[{% data variables.product.prodname_professional_services %}](#github-professional-services)."
+**注意：** 如果您有兴趣继续接受 GHAS 教育，{% data variables.product.prodname_professional_services %} 提供了多种额外的教育和培训选择，包括您的公司需要为 GHAS 做准备的主题。 这些产品可能采取研讨会、演示和训练营的形式。 主题范围可以从部署 GHAS 和 GHAS 的基本用法到更高级的主题，以继续培养团队的技能。 有关与 {% data variables.product.prodname_professional_services_team %} 团队合作的详细信息，请参阅“[{% data variables.product.prodname_professional_services %}](#github-professional-services)”。
 
 {% endnote %}
 
 
-#### Fact 1: GHAS is a suite of security tools that require action to protect your code.
+#### 事实 1：GHAS 是一套安全工具，需要采取措施来保护您的代码。
 
-It’s not security software that is installed and forgotten—just having GHAS on its own does not protect your code. GHAS is a suite of tools that increases with value when configured, maintained, used in daily  workflows, and in combination with other tools.
+它不是安装并被遗忘的安全软件 - 仅仅拥有 GHAS 本身并不能保护您的代码。 GHAS 是一套工具，在配置、维护、日常工作流程中使用以及与其他工具结合使用时，其价值会随之增加。
 
-#### Fact 2: GHAS will require adjustment out of the box.
+#### 事实 2：GHAS 需要开箱即用的调整。
 
-Once GHAS is set up on your repositories, there are additional steps that need to be taken to ensure it works for your company’s needs. Code scanning in particular requires further configuration to fine-tune your results, for example, customizing what is flagged by the scans to adjust what is picked up in future scans. Many customers find that initial scans either pick up no results or results that are not relevant based on the application's threat model and need to be adjusted to their company’s needs.
+在存储库上设置 GHAS 后，需要采取其他步骤来确保它符合您公司的需求。 代码扫描尤其需要进一步的配置来微调结果，例如，自定义扫描标记的内容以调整在将来的扫描中提取的内容。 许多客户发现，初始扫描要么没有发现任何结果，要么根据应用程序的威胁模型不相关，需要根据公司的需求进行调整。
 
-#### Fact 3: GHAS tools are most effective when used together, but the most effective AppSec programs involve the use of additional tools/activities.
+#### 事实 3：GHAS 工具在一起使用时最有效，但最有效的 AppSec 程序涉及使用其他工具/活动。
 
-GHAS is most effective when all of the tools are used together. When companies integrate GHAS with other tools and activities, such as penetration testing and dynamic scans, it further improves the effectiveness of the AppSec program. We recommend always utilizing multiple layers of protection.
+当所有工具一起使用时，GHAS 最有效。 当公司将 GHAS 与其他工具和活动（例如渗透测试和动态扫描）集成时，会进一步提高 AppSec 程序的有效性。 我们建议始终使用多层保护。
 
-#### Fact 4: Not all companies will use/need custom {% data variables.product.prodname_codeql %} queries, but they can  help you customize/target scan results.
+#### 事实 4：并非所有公司都会使用/需要自定义 {% data variables.product.prodname_codeql %} 查询，但它们可以帮助您自定义/定位扫描结果。
 
-Code scanning is powered by {% data variables.product.prodname_codeql %}—the world’s most powerful code analysis engine. While  many companies are excited at the prospect of being able to write custom queries, for a  large portion of our customers the base query set and additional queries available in the  community are typically more than sufficient. However, many companies may find the need  for custom {% data variables.product.prodname_codeql %} queries to help reduce false positives rates in results or crafting new  queries to target results your company may need.
+代码扫描由 {% data variables.product.prodname_codeql %} 提供支持，是世界上最强大的代码分析引擎。 虽然许多公司对能够编写自定义查询的前景感到兴奋，但对于我们的大部分客户来说，社区提供的基本查询集和其他查询通常绰绰有余。 但是，许多公司可能会发现需要自定义 {% data variables.product.prodname_codeql %} 查询，以帮助降低结果中的误报率，或者精心创建新查询以找到公司可能需要的结果。
 
-However, if your company is interested in writing custom {% data variables.product.prodname_codeql %} queries, we recommend  you complete your rollout and implementation of GHAS before exploring custom queries.
+但是，如果您的公司有兴趣编写自定义 {% data variables.product.prodname_codeql %} 查询，我们建议您在探索自定义查询之前完成 GHAS 的部署和实施。
 
 {% note %}
 
-**Note:** It’s crucial for your company to have a solid foundation on GHAS before diving deeper into deeper security  practices.
+**注意：** 在深入研究更深层次的安全实践之前，您的公司在GHAS上打下坚实的基础至关重要。
 
 {% endnote %}
 
-When your company is ready, our Customer Success team can help you navigate the requirements that need to be met and can help ensure your company has good use  cases for custom queries.
+当您的公司准备就绪时，我们的客户成功团队可以帮助您了解需要满足的要求，并有助于确保您的公司具有良好的自定义查询用例。
 
-#### Fact 5: {% data variables.product.prodname_codeql %} scans the whole code base, not just the changes made in a pull request.
+#### 事实 5： {% data variables.product.prodname_codeql %} 会扫描整个代码库，而不仅仅是在拉取请求中所做的更改。
 
-When code scanning is run from a pull request, the scan will include the full codebase and not just the changes made in the pull request. While this may seem unnecessary at times, this is an important step to ensure the change has been reviewed all against all interactions in the codebase.
+当从拉取请求运行代码扫描时，扫描将包括完整的代码库，而不仅仅是在拉取请求中所做的更改。 虽然这有时似乎没有必要，但这是确保更改已针对代码库中的所有交互进行审查的重要步骤。
 
-## Examples of successful {% data variables.product.prodname_GH_advanced_security %} rollouts
+## 成功部署 {% data variables.product.prodname_GH_advanced_security %} 的示例
 
-Now that you have a better understanding of some of the keys to a successful GHAS rollout  and implementation, here are some examples of how our customers made their rollouts successful. Even if your company is in a different place, {% data variables.product.prodname_dotcom %} can help you with building a customized path that suits the needs of your rollout.
+现在，您已经更好地了解了成功部署和实施 GHAS 的一些关键因素，以下是我们的客户如何成功部署的一些示例。 即使您的公司位于不同的地方，{% data variables.product.prodname_dotcom %} 也可以帮助您构建适合您的部署需求的自定义路径。
 
-### Example rollout for a mid-sized healthcare technology company
+### 中型医疗保健技术公司的部署示例
 
-A mid-sized healthcare technology company based out of San Francisco completed a successful GHAS rollout process. While they may not have  had a large number of repositories that needed to be enabled, this company’s keys to success included having a well-organized and aligned team for the rollout, with a clearly established key contact to work with {% data variables.product.prodname_dotcom %} to troubleshoot any issues during the process. This allowed them to complete their rollout within two months.
+一家位于旧金山的中型医疗保健技术公司成功完成了 GHAS 的部署过程。 虽然他们可能没有大量需要启用的存储库，但该公司成功的关键包括拥有一个组织良好且协调一致的部署团队，并有明确的关键联系人，可以与 {% data variables.product.prodname_dotcom %} 合作，以解决过程中的任何问题。 这使他们能够在两个月内完成部署。
 
-In addition, having an engaged development team allowed the company to have teams using code scanning at the pull request level following the completion of their rollout.
+此外，拥有一个敬业的开发团队可团队完成部署后在拉取请求级别使用代码扫描。
 
-### Example rollout for a mid-sized data platform company
+### 中型数据平台公司的部署示例
 
-A global data platform company has had great success with GHAS to  date. They’ve completed their initial implementation and are currently progressing through the rollout process. This company is mature in their security posture and tooling, and are well-aligned as an company. This allows them to operate very self-sufficiently and has enabled them to move quickly and smoothly through their rollout.
+时至今天，一家全球性数据平台公司使用 GHAS 取得了巨大成功。 他们已经完成了最初的实施，目前正在通过推进部署过程。 该公司在安全态势和工具方面很成熟，作为一家公司很好地达成了一致。 这使他们能够完全自主运行，并且快速、顺利地完成部署。
 
-This company's strong alignment, efficient operations, and security tooling maturity allowed them to implement GHAS quickly and build a good foundation for {% data variables.product.prodname_codeql %}. Since their implementation, they can now automatically enable {% data variables.product.prodname_codeql %} across different repositories.
+该公司强大的一致性、高效的运营和安全工具的成熟度，使他们能够快速实施 GHAS，为 {% data variables.product.prodname_codeql %} 奠定良好的基础。 自实施后，他们现在可以自动启用跨不同存储库的 {% data variables.product.prodname_codeql %}。
 
-In addition to their security and technical maturity, another critical key to this company’s success is having a project owner and single point of contact from their team to drive the project forward. Not only is having this key contact crucial, but they are incredibly resourceful and skilled, and directly contribute to the success of the rollout.
+除了安全性和技术成熟度之外，该公司成功的另一个关键是拥有项目所有者和团队的单一联系人来推动项目向前发展。 不仅拥有这样一个关键联系人，而且他们非常足智多谋和熟练，直接为部署的成功做出贡献。
 
-## Prerequisites for your company before rolling out GHAS
+## 公司在部署 GHAS 之前需满足的先决条件
 
-{% data variables.product.prodname_professional_services %} can help to provide additional support to help your company break down and understand these prerequisites and help you get prepared for the GHAS implementation process.
+{% data variables.product.prodname_professional_services %} 可以帮助提供额外的支持，帮助您的公司细分和了解这些先决条件，并帮助您为 GHAS 实施过程做好准备。
 
- ### CI/CD systems and process
+ ### CI/CD 系统和流程
 
-If your company has not yet invested in or implemented continuous integration or continuous delivery (CI/CD) systems and processes, we recommend taking this step in conjunction with moving forward with GHAS. This may be a significant shift for your company—we can work with you to provide recommendations and guidance for implementing a CI/CD system, as well as supporting any training that might be needed.
+如果您的公司尚未投资或实施持续集成或持续交付 (CI/CD) 系统和流程，我们建议您在继续使用 GHAS 的同时采取此步骤。 这对贵公司来说可能是一个重大转变 - 我们可以与您合作，为实施 CI/CD 系统提供建议和指导，并支持可能需要的任何培训。
 
-### Requirements to install {% data variables.product.prodname_GH_advanced_security %}
+### 安装 {% data variables.product.prodname_GH_advanced_security %} 的要求
 
-There are a few different paths that can be taken for your GHAS installation based on what combinations of technologies your company uses. This section outlines a quick breakdown of the different paths your company may need to take.
+根据贵公司使用的技术组合，可以采用几种不同的路径进行 GHAS 安装。 本节概述了贵公司可能需要采取的不同路径的快速细分。
 
 {% ifversion ghes %}
 
 #### {% data variables.product.prodname_ghe_server %}
 
-It’s important that you’re utilizing a version of {% data variables.product.prodname_ghe_server %} (GHES) that will support your company’s needs.
+重要的是，您使用的是支持公司需求的 {% data variables.product.prodname_ghe_server %} (GHES) 版本。
 
-If you’re using an earlier version of GHES (prior to 3.0) and would like to upgrade, there are some requirements that you’ll need to meet before moving forward with the upgrade. 更多信息请参阅：
-  - "[Upgrading {% data variables.product.prodname_ghe_server %}](/enterprise-server@2.22/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)"
-  - "[Upgrade requirements](/enterprise-server@2.20/admin/enterprise-management/upgrade-requirements)"
+如果您使用的是早期版本（3.0 之前）的 GHES 并希望升级，则在升级之前，您需要满足一些要求。 更多信息请参阅：
+  - “[升级 {% data variables.product.prodname_ghe_server %}](/enterprise-server@2.22/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)”
+  - “[升级要求](/enterprise-server@2.20/admin/enterprise-management/upgrade-requirements)”
 
-If you’re using a third-party CI/CD system and want to use {% data variables.product.prodname_code_scanning %}, make sure you have downloaded the {% data variables.product.prodname_codeql_cli %}. For more information, see "[About CodeQL code scanning in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system)."
+如果您使用的是第三方 CI/CD 系统，并且想要使用 {% data variables.product.prodname_code_scanning %}，请确保已下载 {% data variables.product.prodname_codeql_cli %}。 For more information, see "[About CodeQL code scanning in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system)."
 
-If you're working with {% data variables.product.prodname_professional_services %} for your GHAS rollout, please be prepared to discuss these items at length in your kickoff meeting.
+如果您与 {% data variables.product.prodname_professional_services %} 合作部署 GHAS ，请准备好在启动会议中详细讨论这些项目。
 
 {% endif %}
 
@@ -208,60 +208,60 @@ If you're working with {% data variables.product.prodname_professional_services
 
 #### {% data variables.product.prodname_ghe_cloud %}
 
-If you’re a {% data variables.product.prodname_ghe_cloud %} (GHEC) customer there are prerequisites that you’ll need to meet depending on what CI/CD you plan to utilize.
+如果您是 {% data variables.product.prodname_ghe_cloud %} (GHEC) 客户，则需要满足一些先决条件，具体取决于您计划使用的 CI/CD。
 
-Using {% data variables.product.prodname_actions %} for your CI/CD:
-- To ensure {% data variables.product.prodname_code_scanning %} can be integrated and utilized properly, you should have a basic understanding of {% data variables.product.prodname_actions %} before proceeding with your installation.
+对 CI/CD 使用 {% data variables.product.prodname_actions %} ：
+- 为确保可以正确集成和利用 {% data variables.product.prodname_code_scanning %} ，在继续安装之前，您应该对 {% data variables.product.prodname_actions %} 有基本的了解。
 
-Using a third-party tool for CI/CD:
-- To integrate the {% data variables.product.prodname_codeql_cli %}, you should have a basic understanding of the CI/CD system, as well as *nix and Windows—in particular how commands are executed and how success/failure is signaled. For more information about how to integrate a third-party tool, see "[Using CodeQL code scanning with your existing CI system ](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system)."
+对 CI/CD 使用第三方工具：
+- 要集成 {% data variables.product.prodname_codeql_cli %}，您应该对 CI/CD 系统以及 *nix 和 Windows 有基本的了解，特别是命令的执行方式以及成功/失败的信号。 有关如何集成第三方工具的更多信息，请参阅“[将 CodeQL 代码扫描与现有 CI 系统结合使用](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system)”。
 
 {% endif %}
 
-## Partnering with GitHub for your rollout
+## 与 GitHub 合作进行部署
 
-As you prepare for your GHAS implementation, it’s important to  consider what will be required from your company to make this  project successful. Our most successful implementations of GHAS  rely on shared responsibilities between both GitHub and our customers throughout the process with a clearly identified stakeholder from the customer owning the project.
+在为实施 GHAS 做准备时，请务必考虑贵公司需要做些什么才能使该项目取得成功。 我们最成功的 GHAS 实施依赖于 GitHub 和客户在整个过程中，与拥有该项目的客户明确确定的利益相关者共同承担责任。
 
-#### Success model for customer and GitHub responsibilities
+#### 客户和 GitHub 责任的成功模型
 
-**Customer responsibilities**
-- Completing infrastructure and process prerequisites
-- Managing rollout and implementation, including planning and execution
-- Internal training
-- (Optional) Contributing {% data variables.product.prodname_codeql %} queries to the GitHub Community
+**客户责任**
+- 完成基础架构和流程先决条件
+- 管理部署和实施，包括规划和执行
+- 内部培训
+- （可选）向 GitHub 社区提供 {% data variables.product.prodname_codeql %} 查询
 
-**GitHub responsibilities**
+**GitHub 责任**
 
-- Maintenance and enhancements for features, such as {% ifversion ghes %}{% data variables.product.prodname_ghe_server %}{% endif %}, {% data variables.product.prodname_actions %}, {% data variables.product.prodname_GH_advanced_security %}
-- Providing, maintaining, and delivering the following services: {% data variables.product.prodname_dotcom %} Docs, {% data variables.product.prodname_dotcom %} Community, {% data variables.product.prodname_dotcom %} Support
+- 功能的维护和增强，如 {% ifversion ghes %}{% data variables.product.prodname_ghe_server %}{% endif %}、{% data variables.product.prodname_actions %}、{% data variables.product.prodname_GH_advanced_security %}
+- 提供、维护和交付以下服务： {% data variables.product.prodname_dotcom %} 文档、{% data variables.product.prodname_dotcom %} 社区、{% data variables.product.prodname_dotcom %} 支持
 
 {% note %}
 
-**Note:**  {% data variables.product.prodname_professional_services %} can help support many of the customer responsibilities. To learn more, see "[GitHub services and support](#github-services-and-support)."
+**注意：** {% data variables.product.prodname_professional_services %} 有助于支持履行许多客户职责。 要了解更多信息，请参阅“[GitHub 服务和支持](#github-services-and-support)”。
 
 {% endnote %}
 
-## {% data variables.product.prodname_dotcom %} services and support
+## {% data variables.product.prodname_dotcom %} 服务和支持
 
-### {% data variables.product.prodname_dotcom %} Support
+### {% data variables.product.prodname_dotcom %} 支持
 
-If you run into any issues during your implementation, you can search our deep documentation for solutions or engage with {% data variables.product.prodname_dotcom %} Support, a team of highly technical engineers that can support you as issues arise. For more information, see "[GitHub Enterprise Support](https://enterprise.github.com/support).
+如果您在实施过程中遇到任何问题，可以搜索我们的深入文档以获取解决方案，或与 {% data variables.product.prodname_dotcom %} 支持部门合作，这是一个由高技术工程师组成的团队，可以在出现问题时为您提供支持。 更多信息请参阅“[GitHub Enterprise 支持](https://enterprise.github.com/support)”。
 
-In addition, you can also try our [ {% data variables.product.prodname_gcf %}](https://github.community/).
+此外，您还可以尝试我们的 [ {% data variables.product.prodname_gcf %}](https://github.community/)。
 
-If you purchased a Premium Support plan, you can submit your ticket in the [Premium Support Portal](https://enterprise.github.com/support). If you’re unsure of which Support plan you purchased, you can reach out to your sales representative or review the plan options.
+如果您购买了高级支持计划，则可以在[高级支持门户](https://enterprise.github.com/support)提交事件单。 如果您不确定购买了哪个支持计划，可以联系您的销售代表或查看计划选项。
 
-For more information the Premium support plan options, see:
-  - "[Premium Support](https://github.com/premium-support)" {% ifversion ghec %}
-  - "[About GitHub Premium Support for {% data variables.product.prodname_ghe_cloud %}](/github/working-with-github-support/about-github-premium-support-for-github-enterprise-cloud)"{% endif %}{% ifversion ghes %}
-  - "[About GitHub Premium Support for {% data variables.product.prodname_ghe_server %}](/admin/enterprise-support/overview/about-github-premium-support-for-github-enterprise-server)"{% endif %}
+有关高级支持计划选项的详细信息，请参阅：
+  - “[高级支持](https://github.com/premium-support)” {% ifversion ghec %}
+  - “[关于 {% data variables.product.prodname_ghe_cloud %} 的 GitHub 高级支持](/github/working-with-github-support/about-github-premium-support-for-github-enterprise-cloud)”{% endif %}{% ifversion ghes %}
+  - “[关于 {% data variables.product.prodname_ghe_server %} 的 GitHub 高级支持](/admin/enterprise-support/overview/about-github-premium-support-for-github-enterprise-server)”{% endif %}
 
 ### {% data variables.product.prodname_professional_services %}
 
-Our {% data variables.product.prodname_professional_services_team %} team can partner with you for a successful rollout and implementation of {% data variables.product.prodname_GH_advanced_security %}. We offer a variety of options for the type of guidance and support you expect to need for your implementation. We also have training and bootcamps available to help your company to optimize the value of GHAS.
+我们的 {% data variables.product.prodname_professional_services_team %} 团队可以与您合作，成功部署和实施 {% data variables.product.prodname_GH_advanced_security %}。 我们针对您的实施所需的指导和支持类型提供了多种选项。 我们还提供培训和训练营，帮助您的公司优化 GHAS 的价值。
 
-If you’d like to work with our {% data variables.product.prodname_professional_services_team %} team for your implementation, we recommend you begin thinking about your system design and infrastructure, as well as the number of repositories that you want to set up with GHAS, to begin these conversations. In addition, begin thinking about goals for what you would like to achieve with this rollout.
+如果您想与我们的 {% data variables.product.prodname_professional_services_team %} 团队合作进行部署，我们建议您开始考虑您的系统设计和基础架构，以及您希望使用 GHAS 设置的存储库数量，以开始这些对话。 此外，开始考虑您希望通过此部署实现的目标。
 
-Implementation is just one step in a successful security-driven journey where you’ll learn how to use GHAS. Once you’ve completed your implementation, there will be more to learn with the rollout throughout your infrastructure and codebases. Speak with your sales representative for more information about all the {% data variables.product.prodname_professional_services_team %} options available.
+实施只是学习如何使用 GHAS 的安全驱动型成功旅程中的一步。 完成实施后，您将进一步了解整个基础架构和代码库中的部署。 请与您的销售代表联系，以获取有关所有可用 {% data variables.product.prodname_professional_services_team %} 选项的更多信息。
 
-If you initially opted out of additional services, but find that additional support is  needed as you begin your implementation, please reach out to your sales representative to discuss what services options may be needed to support your implementation.
+如果您最初选择退出其他服务，但在开始实施时发现需要其他支持，请联系您的销售代表，讨论可能需要哪些服务选项来支持您的实施。

translations/zh-CN/content/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise.md

@@ -1,7 +1,7 @@
 ---
-title: Enabling the dependency graph for your enterprise
-intro: You can allow users to identify their projects' dependencies by enabling the dependency graph.
-shortTitle: Enable dependency graph
+title: 为企业启用依赖关系图
+intro: 您可以通过启用依赖项关系图来允许用户标识其项目的依赖项。
+shortTitle: 启用依赖关系图
 permissions: Site administrators can enable the dependency graph.
 versions:
   ghes: '*'
@@ -14,16 +14,16 @@ topics:
 
 ## 关于依赖项图
 
-{% data reusables.dependabot.about-the-dependency-graph %} For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"
+{% data reusables.dependabot.about-the-dependency-graph %}更多信息请参阅“[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。
 
-After you enable the dependency graph for your enterprise, you can enable {% data variables.product.prodname_dependabot %} to detect vulnerable dependencies in your repository{% ifversion ghes > 3.2 %} and automatically fix the vulnerabilities{% endif %}. 更多信息请参阅“[为企业启用 {% data variables.product.prodname_dependabot %}](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)”。
+为企业启用依赖关系图后，可以启用 {% data variables.product.prodname_dependabot %} 以检测存储库中易受攻击的依赖项{% ifversion ghes > 3.2 %}，并自动修复漏洞{% endif %}。 更多信息请参阅“[为企业启用 {% data variables.product.prodname_dependabot %}](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)”。
 
 {% ifversion ghes > 3.1 %}
-您可以通过 {% data variables.enterprise.management_console %} 或管理 shell 启用依赖关系图。 We recommend using the {% data variables.enterprise.management_console %} unless {% data variables.product.product_location %} uses clustering.
+您可以通过 {% data variables.enterprise.management_console %} 或管理 shell 启用依赖关系图。 我们建议您使用 {% data variables.enterprise.management_console %}，除非 {% data variables.product.product_location %} 使用集群。
 
 ## 通过 {% data variables.enterprise.management_console %} 启用依赖关系图
 
-If your {% data variables.product.product_location %} uses clustering, you cannot enable the dependency graph with the {% data variables.enterprise.management_console %} and must use the administrative shell instead. For more information, see "[Enabling the dependency graph via the administrative shell](#enabling-the-dependency-graph-via-the-administrative-shell)."
+如果您的 {% data variables.product.product_location %} 使用群集，则无法使用 {% data variables.enterprise.management_console %} 启用依赖关系图，而必须改用管理 shell。 更多信息请参阅“[通过管理 shell 启用依赖关系图](#enabling-the-dependency-graph-via-the-administrative-shell)”。
 
 {% data reusables.enterprise_site_admin_settings.sign-in %}
 {% data reusables.enterprise_site_admin_settings.access-settings %}

translations/zh-CN/content/admin/code-security/managing-supply-chain-security-for-your-enterprise/viewing-the-vulnerability-data-for-your-enterprise.md

@@ -17,9 +17,11 @@ If {% data variables.product.prodname_dependabot_alerts %} are enabled for your
 
 You can manually sync vulnerability data from {% data variables.product.prodname_dotcom_the_website %} to update the list.
 
-Before you can view vulnerability data, you must enable {% data variables.product.prodname_dependabot_alerts %}. 更多信息请参阅“[为企业启用 {% data variables.product.prodname_dependabot %}](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)”。
+Before you can view vulnerability data, you must enable {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."
 
 {% data reusables.enterprise_site_admin_settings.access-settings %}
-2. 在左侧边栏中，单击 **Vulnerabilities**。 ![站点管理员边栏中的 Vulnerabilities 选项卡](/assets/images/enterprise/business-accounts/vulnerabilities-tab.png)
-3. 要同步漏洞数据，请单击 **Sync Vulnerabilities now**。 ![Sync vulnerabilities now 按钮](/assets/images/enterprise/site-admin-settings/sync-vulnerabilities-button.png)
+2. In the left sidebar, click **Vulnerabilities**.
+  ![Vulnerabilities tab in the site admin sidebar](/assets/images/enterprise/business-accounts/vulnerabilities-tab.png)
+3. To sync vulnerability data, click **Sync Vulnerabilities now**.
+  ![Sync vulnerabilities now button](/assets/images/enterprise/site-admin-settings/sync-vulnerabilities-button.png)
 

translations/zh-CN/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md

@@ -114,7 +114,7 @@ Allows you to find the universally unique identifier (UUID) of your node in `clu
 ```
 
 {% ifversion ghes %}
-Allows you to exempt a list of users from API rate limits. A hard limit of 120,000 requests will still apply to these users. For more information, see "[Resources in the REST API](/rest/overview/resources-in-the-rest-api#rate-limiting)."
+Allows you to exempt a list of users from REST API rate limits. A hard limit of 120,000 requests will still apply to these users. For more information, see "[Resources in the REST API](/rest/overview/resources-in-the-rest-api#rate-limiting)."
 
 ``` shell
 $ ghe-config app.github.rate-limiting-exempt-users "<em>hubot</em> <em>github-actions</em>"

translations/zh-CN/content/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode.md

@@ -35,7 +35,7 @@ shortTitle: 配置维护模式
 
 ![关于已排定维护的最终用户横幅](/assets/images/enterprise/maintenance/maintenance-scheduled.png)
 
-在实例进入维护模式后，所有正常 HTTP 和 Git 访问都会遭到拒绝。 Git 提取、克隆和推送操作也会被拒绝，并显示一条错误消息，指示站点暂时不可用。 GitHub Actions 作业不会执行。 在浏览器中访问该站点会显示维护页面。
+在实例进入维护模式后，所有正常 HTTP 和 Git 访问都会遭到拒绝。 Git 提取、克隆和推送操作也会被拒绝，并显示一条错误消息，指示站点暂时不可用。 在高可用性配置中，Git 复制将暂停。 GitHub Actions 作业不会执行。 在浏览器中访问该站点会显示维护页面。
 
 ![维护模式启动屏幕](/assets/images/enterprise/maintenance/maintenance-mode-maintenance-page.png)
 

translations/zh-CN/content/admin/configuration/configuring-your-enterprise/site-admin-dashboard.md

@@ -45,9 +45,9 @@ Data for GitHub's [trending page][] is calculated into daily, weekly, and monthl
 
 {% data variables.product.product_name %} keeps a running log of audited actions that you can query.
 
-By default, the audit log shows you a list of all audited actions in reverse chronological order. You can filter this list by entering key-value pairs in the **Query** text box and then clicking **Search**, as explained in "[Searching the audit log](/enterprise/{{ currentVersion }}/admin/guides/installation/searching-the-audit-log)."
+By default, the audit log shows you a list of all audited actions in reverse chronological order. You can filter this list by entering key-value pairs in the **Query** text box and then clicking **Search**, as explained in "[Searching the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise)."
 
-For more information on audit logging in general, see "[Audit logging](/enterprise/{{ currentVersion }}/admin/guides/installation/audit-logging)." For a full list of audited actions, see "[Audited actions](/enterprise/{{ currentVersion }}/admin/guides/installation/audited-actions)."
+For more information on audit logging in general, see "[About the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise)." For a full list of audited actions, see "[Audit log events for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)."
 
 ## Reports
 

translations/zh-CN/content/admin/enterprise-management/index.md

@@ -13,6 +13,6 @@ children:
   - /configuring-clustering
   - /configuring-high-availability
   - /caching-repositories
-shortTitle: 监控、管理和更新
+shortTitle: 监控、管理和更新您的设备
 ---
 

translations/zh-CN/content/admin/enterprise-management/monitoring-your-appliance/about-system-logs.md

@@ -0,0 +1,62 @@
+---
+title: About system logs
+intro: '{% data variables.product.product_name %} keeps error and message logs for system events. Logs are useful for identifying user, application and system-level actions and exceptions.'
+versions:
+  ghes: '*'
+type: overview
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+  - Security
+---
+
+## System logs
+
+By default, system logs for {% data variables.product.product_name %} are automatically rotated every 24 hours and are retained for seven days. System logs include system-level events, application logs, and Git events data. As log files are often being written to and can be large in size, it may be beneficial to extract and parse relevant log entries on a host separate to your {% data variables.product.prodname_ghe_server %} instance.
+
+You can forward system logs to a third-party system or server for longer retention. 更多信息请参阅“[日志转发](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding)。”
+
+In addition to reviewing your system logs, you can monitor activity in your enterprise in other ways, such as viewing audit logs, push logs and managing global webhooks. 更多信息请参阅“[监控企业中的活动](/admin/monitoring-activity-in-your-enterprise)”。
+
+## Types of logs
+
+Listed below are the main logs used by the {% data variables.product.product_name %} appliance and their functions:
+
+| 路径                               | 描述​                                                                           |
+| -------------------------------- | ----------------------------------------------------------------------------- |
+| `/var/log/github/audit.log`      | Audited user, repository and system events.                                   |
+| `/var/log/github/unicorn.log`    | API and web interface traffic.                                                |
+| `/var/log/github/exceptions.log` | Application-level errors.                                                     |
+| `/var/log/haproxy.log`           | All IP traffic reaching the appliance.                                        |
+| `/var/log/hookshot/resqued.log`  | Webhook delivery and failures.                                                |
+| `/var/log/github/auth.log`       | Authentication requests, whether through built in, LDAP, CAS or SAML methods. |
+| `/var/log/github/gitauth.log`    | All Git authentication requests.                                              |
+
+Git activity and authentication requests are processed by the `babeld` service.
+
+Several {% data variables.product.product_name %} services, such as the `babeld` service, are containerized. Containerized logs are written to the `systemd journal`, and can be queried at any time using the `journalctl` command.
+
+## Audited system events
+
+All entries from the `audit.log` file use and can be filtered with the `github_audit` keyword.
+
+例如，此条目显示已创建的新仓库。
+
+```
+Oct 26 01:42:08 github-ent github_audit: {:created_at=>1351215728326, :actor_ip=>"10.0.0.51", :data=>{}, :user=>"some-user", :repo=>"some-user/some-repository", :actor=>"some-user", :actor_id=>2, :user_id=>2, :action=>"repo.create", :repo_id=>1, :from=>"repositories#create"}
+```
+
+此示例显示提交已推送到仓库。
+
+```
+Oct 26 02:19:31 github-ent github_audit: { "pid":22860, "ppid":22859, "program":"receive-pack", "git_dir":"/data/repositories/some-user/some-repository.git", "hostname":"github-ent", "pusher":"some-user", "real_ip":"10.0.0.51", "user_agent":"git/1.7.10.4", "repo_id":1, "repo_name":"some-user/some-repository", "transaction_id":"b031b7dc7043c87323a75f7a92092ef1456e5fbaef995c68", "frontend_ppid":1, "repo_public":true, "user_name":"some-user", "user_login":"some-user", "frontend_pid":18238, "frontend":"github-ent", "user_email":"some-user@github.example.com", "user_id":2, "pgroup":"github-ent_22860", "status":"post_receive_hook", "features":" report-status side-band-64k", "received_objects":3, "receive_pack_size":243, "non_fast_forward":false, "current_ref":"refs/heads/main" }
+```
+
+## 支持包
+
+The support bundle includes system logs and all audit information is logged to the `audit.log` file in the `github-logs` directory. For more information, see "[Providing data to {% data variables.product.prodname_dotcom %} Support](/support/contacting-github-support/providing-data-to-github-support)."
+
+## 延伸阅读
+
+- [Linux man page for the `journalctl` command](http://man7.org/linux/man-pages/man1/journalctl.1.html)

translations/zh-CN/content/admin/enterprise-management/monitoring-your-appliance/generating-a-health-check-for-your-enterprise.md

@@ -1,6 +1,6 @@
 ---
-title: Generating a Health Check for your enterprise
-intro: 'You can gain insight into the general health and Git and API requests of {% data variables.product.product_location %} by generating a Health Check.'
+title: 为您的企业生成运行状况检查
+intro: '您可以通过生成运行状况检查来深入了解 {% data variables.product.product_location %} 的常规运行状况以及 Git 和 API 请求。'
 versions:
   ghes: '*'
 type: how_to
@@ -15,42 +15,42 @@ product: '{% data reusables.gated-features.generated-health-checks %}'
 
 {% note %}
 
-**Note:** Generating a Health Check is currently in beta for {% data variables.product.prodname_ghe_server %} and subject to change.
+**注意：** 生成运行状况检查目前正测试用于 {% data variables.product.prodname_ghe_server %}，可能会有所变化。
 
 {% endnote %}
 
-## About generated Health Checks
+## 关于生成的运行状况检查
 
-You can create a support bundle for {% data variables.product.product_location %} that contains a lot of data, such as diagnostics and log files. To help analyze and interpret this data, you can generate a Health Check. For more information about support bundles, see "[Providing data to {% data variables.contact.github_support %}](/support/contacting-github-support/providing-data-to-github-support#creating-and-sharing-support-bundles)."
+您可以为包含大量数据（如诊断和日志文件）的 {% data variables.product.product_location %} 创建支持包。 为了帮助分析和解释此数据，您可以生成运行状况检查。 有关支持包的详细信息，请参阅“[向 {% data variables.contact.github_support %} 提供数据](/support/contacting-github-support/providing-data-to-github-support#creating-and-sharing-support-bundles)”。
 
-A Health Check provides the following information about {% data variables.product.product_location %}.
-- Insights into the general health of {% data variables.product.product_location %}, such as upgrade status, storage, and license seat consumption
-- A security section, which focuses on subdomain isolation and user authentication
-- Analysis of Git requests, with details about the busiest repositories and Git users
-- Analysis of API requests, including the busiest times, most frequently requested endpoints, and most active callers
+运行状况检查提供有关 {% data variables.product.product_location %} 的以下信息。
+- 深入了解 {% data variables.product.product_location %} 的一般运行状况，例如升级状态、存储和许可证席位消耗
+- 安全部分，重点介绍子域隔离和用户身份验证
+- Git 请求分析，以及有关最繁忙的存储库和 Git 用户的详细信息
+- API 请求分析，包括最繁忙的时间、最常请求的终端节点和最活跃的调用方
 
-## Generating a Health Check
+## 生成运行状况检查
 
-Before you can generate a Health Check, you must create a support bundle. 更多信息请参阅“[将数据提供给 {% data variables.contact.github_support %}](/support/contacting-github-support/providing-data-to-github-support#creating-and-sharing-support-bundles)”。
+在生成运行状况检查之前，您必须创建支持包。 更多信息请参阅“[将数据提供给 {% data variables.contact.github_support %}](/support/contacting-github-support/providing-data-to-github-support#creating-and-sharing-support-bundles)”。
 
-1. Navigate to the [{% data variables.contact.support_portal %}](https://support.github.com/).
-2. In the upper-right corner of the page, click **Premium**.
+1. 导航到 [{% data variables.contact.support_portal %}](https://support.github.com/)。
+2. 在页面的右上角，单击 **Premium（高级）**。
 
-   ![Screenshot of the "Premium" link in the GitHub Support Portal header.](/assets/images/enterprise/support/support-portal-header-premium.png)
+   ![GitHub 支持门户标头中"高级"链接的屏幕截图。](/assets/images/enterprise/support/support-portal-header-premium.png)
 
-3. To the right of **Health Checks**, click **Request Health Check**.
+3. 在 **Health Checks（运行状况检查）**右侧，单击 **Request Health Check（请求运行状况检查）**。
 
-   ![Screenshot of the "Request Health Check" button.](/assets/images/enterprise/support/support-portal-request-health-check.png)
+   !["请求运行状况检查" 按钮的屏幕截图。](/assets/images/enterprise/support/support-portal-request-health-check.png)
 
-4. Under "Select an enterprise account", select the dropdown menu and click an enterprise account.
+4. 在“Select an enterprise account（选择企业帐户）”下，选择下拉菜单，然后单击企业帐户。
 
-   ![Screenshot of the "enterprise account" dropdown menu.](/assets/images/enterprise/support/health-check-dialog-ea.png)
+   !["企业帐户" 下拉菜单的屏幕截图。](/assets/images/enterprise/support/health-check-dialog-ea.png)
 
-5. Under "Upload a support bundle", click **Chose File** and choose a file to upload. Then, click **Request Health Check**.
+5. 在“Upload a support bundle（上传支持包）”下，点击 **Chose File（选择文件）** ，然后选择要上传的文件。 然后，单击 **Request Health Check（请求运行状况检查）**。
 
-   ![Screenshot of the "Choose file" and "Request Health Check" buttons.](/assets/images/enterprise/support/health-check-dialog-choose-file.png)
+   !["选择文件" 和 "请求运行状况检查" 按钮的屏幕截图。](/assets/images/enterprise/support/health-check-dialog-choose-file.png)
 
 
-After you request a Health Check, a job is scheduled to generate the Health Check. After several hours to one day, the generated Health Check will appear in the "Health Checks" section of the {% data variables.contact.support_portal %}.
+请求运行状况检查后，将安排一个作业来生成运行状况检查。 几个小时到一天后，生成的运行状况检查将显示在 {% data variables.contact.support_portal %}的“运行状况检查”部分中。
 
-![Screenshot of the Health Checks section of the {% data variables.contact.support_portal %}.](/assets/images/enterprise/support/support-portal-health-checks-section.png)
+![{% data variables.contact.support_portal %}的“运行状况检查”部分的屏幕截图。](/assets/images/enterprise/support/support-portal-health-checks-section.png)

translations/zh-CN/content/admin/enterprise-management/monitoring-your-appliance/index.md

@@ -16,6 +16,7 @@ children:
   - /setting-up-external-monitoring
   - /configuring-collectd
   - /monitoring-using-snmp
+  - /about-system-logs
   - /generating-a-health-check-for-your-enterprise
 ---
 

translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md

@@ -40,7 +40,7 @@ Then,{% else %}First,{% endif %} decide whether you'll allow third-party actions
 Consider combining OpenID Connect (OIDC) with reusable workflows to enforce consistent deployments across your repository, organization, or enterprise. You can do this by defining trust conditions on cloud roles based on reusable workflows. For more information, see "[Using OpenID Connect with reusable workflows](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows)."
 {% endif %}
 
-You can access information about activity related to {% data variables.product.prodname_actions %} in the audit logs for your enterprise. If your business needs require retaining audit logs for longer than six months, plan how you'll export and store this data outside of {% data variables.product.prodname_dotcom %}. For more information, see {% ifversion ghec %}"[Streaming the audit logs for organizations in your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account)."{% else %}"[Searching the audit log](/admin/user-management/monitoring-activity-in-your-enterprise/searching-the-audit-log)."{% endif %}
+You can access information about activity related to {% data variables.product.prodname_actions %} in the audit logs for your enterprise. If your business needs require retaining audit logs for longer than six months, plan how you'll export and store this data outside of {% data variables.product.prodname_dotcom %}. For more information, see {% ifversion ghec %}"[Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise)" and "[Exporting audit log activity for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise)."{% else %}"[Log forwarding](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding)."{% endif %}
 
 ![Audit log entries](/assets/images/help/repository/audit-log-entries.png)
 

translations/zh-CN/content/admin/guides.md

@@ -31,7 +31,6 @@ includeGuides:
   - /admin/authentication/managing-identity-and-access-for-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise
   - /admin/authentication/managing-identity-and-access-for-your-enterprise/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account
   - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users
-  - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/auditing-activity-in-your-enterprise
   - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/configuring-saml-single-sign-on-for-enterprise-managed-users
   - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/configuring-scim-provisioning-for-enterprise-managed-users
   - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/configuring-scim-provisioning-for-enterprise-managed-users-with-okta
@@ -75,6 +74,7 @@ includeGuides:
   - /admin/enterprise-management/setting-up-external-monitoring
   - /admin/enterprise-management/upgrade-requirements
   - /admin/enterprise-management/upgrading-github-enterprise-server
+  - /admin/enterprise-management/monitoring-your-appliance/about-system-logs
   - /admin/enterprise-support/about-github-enterprise-support
   - /admin/github-actions/about-using-actions-in-your-enterprise
   - /admin/github-actions/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled
@@ -103,7 +103,6 @@ includeGuides:
   - /admin/policies/managing-pre-receive-hooks-on-the-github-enterprise-server-appliance
   - /admin/user-management/about-migrations
   - /admin/user-management/adding-people-to-teams
-  - /admin/user-management/audited-actions
   - /admin/user-management/auditing-ssh-keys
   - /admin/user-management/auditing-users-across-your-enterprise
   - /admin/user-management/configuring-git-large-file-storage-for-your-enterprise
@@ -115,11 +114,19 @@ includeGuides:
   - /admin/user-management/exporting-migration-data-from-your-enterprise
   - /admin/user-management/importing-data-from-third-party-version-control-systems
   - /admin/user-management/managing-dormant-users
-  - /admin/user-management/managing-global-webhooks
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise
+  - /admin/monitoring-activity-in-your-enterprise/exploring-user-activity/activity-dashboard
+  - /admin/monitoring-activity-in-your-enterprise/exploring-user-activity/viewing-push-logs
+  - /admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding
+  - /admin/monitoring-activity-in-your-enterprise/exploring-user-activity/managing-global-webhooks
   - /admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise
   - /admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise
-  - /admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account
-  - /admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise
   - /admin/user-management/managing-projects-using-jira
   - /admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise
   - /admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise
@@ -128,7 +135,6 @@ includeGuides:
   - /admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise
   - /admin/user-management/migrating-data-to-your-enterprise
   - /admin/user-management/migrating-to-internal-repositories
-  - /admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks
   - /admin/user-management/placing-a-legal-hold-on-a-user-or-organization
   - /admin/user-management/preparing-to-migrate-data-to-your-enterprise
   - /admin/user-management/preventing-users-from-creating-organizations

translations/zh-CN/content/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/auditing-activity-in-your-enterprise.md

@@ -1,35 +0,0 @@
----
-title: 审核企业中的活动
-shortTitle: 审核活动
-intro: '您可以审核企业中 {% data variables.product.prodname_managed_users %} 的活动，查看执行的操作、执行的用户以及执行时间等相关信息。'
-permissions: Enterprise owners can access the audit log.
-product: '{% data reusables.gated-features.emus %}'
-redirect_from:
-  - /github/setting-up-and-managing-your-enterprise/managing-your-enterprise-users-with-your-identity-provider/auditing-activity-in-your-enterprise
-  - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/auditing-activity-in-your-enterprise
-versions:
-  ghec: '*'
-topics:
-  - Accounts
-  - Enterprise
----
-
-## 关于审核日志
-
-审核日志允许企业所有者快速查看或导出企业所有者和成员执行的操作。 每个审核日志条目都显示有关事件的信息。
-
-- 可在其中执行操作的组织
-- 执行操作的用户
-- 执行操作的仓库
-- 执行的操作内容
-- 发生操作的国家/地区
-- 操作发生的日期和时间
-
-## 访问审核日志
-
-您还可以从 REST API 访问企业的审核日志。 更多信息请参阅 API 文档中的“[GitHub Enterprise 管理](/rest/reference/enterprise-admin#get-the-audit-log-for-an-enterprise)”。
-
-{% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.settings-tab %}
-{% data reusables.enterprise-accounts.audit-log-tab %}
-1. （可选）在事件列表上方，选择 **Export Git Events（导出 Git 事件）**或 **Export（导出）**下拉菜单，然后选择用于从审核日志中导出事件的选项。 ![企业审核日志的"导出 Git 事件"和"导出"下拉菜单](/assets/images/help/enterprises/audit-log-export-drop-down-menus.png)

translations/zh-CN/content/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/index.md

@@ -17,6 +17,5 @@ children:
   - /configuring-scim-provisioning-for-enterprise-managed-users
   - /configuring-scim-provisioning-for-enterprise-managed-users-with-okta
   - /managing-team-memberships-with-identity-provider-groups
-  - /auditing-activity-in-your-enterprise
 ---
 

translations/zh-CN/content/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-saml-single-sign-on-recovery-codes.md

@@ -1,7 +1,7 @@
 ---
-title: Downloading your enterprise account's SAML single sign-on recovery codes
-shortTitle: Download recovery codes
-intro: 'To ensure that you can access {% data variables.product.product_name %} if your identity provider (IdP) is unavailable, you should download your enterprise account''s SAML single sign-on (SSO) recovery codes.'
+title: 下载企业帐户的 SAML 单点登录恢复代码
+shortTitle: 下载恢复代码
+intro: '为确保在身份提供程序 (IdP) 不可用时可以访问 {% data variables.product.product_name %} ，应下载企业帐户的 SAML 单点登录 (SSO) 恢复代码。'
 versions:
   ghec: '*'
 type: how_to
@@ -13,14 +13,14 @@ topics:
 permissions: Enterprise owners can download the SAML SSO recovery codes for the enterprise account.
 ---
 
-In the event that your IdP is unavailable, you can use a recovery code to sign in and access your enterprise on {% data variables.product.product_location %}. For more information, see "[Accessing your enterprise account if your identity provider is unavailable](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable)."
+如果您的 IdP 不可用，您可以使用恢复代码登录并通过 {% data variables.product.product_location %} 访问您的企业。 更多信息请参阅“[在身份提供程序不可用时访问企业帐户](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable)”。
 
-If you did not save your recovery codes when you configured SAML SSO, you can still access the codes from your enterprise's settings.
+如果在配置 SAML SSO 时未保存恢复代码，您仍然可以从企业的设置中访问这些代码。
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.security-tab %}
 
-1. Under "Require SAML authentication", click **Save your recovery codes**. ![Screenshot of the button to test SAML configuration before enforcing](/assets/images/help/enterprises/saml-recovery-codes-link.png)
+1. 在“Require SAML authentication（要求 SAML 身份验证）”下，单击 **Save your recovery codes（保存恢复代码）**。 ![用于在强制实施之前测试 SAML 配置的按钮屏幕截图](/assets/images/help/enterprises/saml-recovery-codes-link.png)
 
-2. To save your recovery codes, click **Download**, **Print**, or **Copy**. ![Screenshot of the buttons to download, print, or copy your recovery codes](/assets/images/help/saml/saml_recovery_code_options.png)
+2. 要保存恢复代码，请单击 **Download（下载）**、**Print（打印）**或 **Copy（复制）**。 ![用于下载、打印或复制恢复代码的按钮屏幕截图](/assets/images/help/saml/saml_recovery_code_options.png)

translations/zh-CN/content/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/index.md

@@ -1,7 +1,7 @@
 ---
-title: Managing recovery codes for your enterprise
-shortTitle: Manage recovery codes
-intro: 'With SAML single sign-on recovery codes, you can access your enterprise account even when your identity provider is unavailable.'
+title: 管理企业的恢复代码
+shortTitle: 管理恢复代码
+intro: 使用 SAML 单点登录恢复代码，即使身份提供程序不可用，您也可以访问企业帐户。
 versions:
   ghec: '*'
 topics:

translations/zh-CN/content/admin/index.md

@@ -100,8 +100,8 @@ featuredLinks:
     - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise{% endif %}'
     - '{% ifversion ghes %}/admin/configuration/command-line-utilities{% endif %}'
     - '{% ifversion ghec %}/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise{% endif %}'
-    - '{% ifversion ghec %}/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise{% endif %}'
-    - '{% ifversion ghec %}/admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks{% endif %}'
+    - '{% ifversion ghec %}/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise{% endif %}'
+    - '{% ifversion ghec %}/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/managing-global-webhooks{% endif %}'
     - '{% ifversion ghec %}/billing/managing-your-license-for-github-enterprise/using-visual-studio-subscription-with-github-enterprise/setting-up-visual-studio-subscription-with-github-enterprise{% endif %}'
     - /admin/configuration/configuring-github-connect/managing-github-connect
     - /admin/enterprise-support/about-github-enterprise-support
@@ -125,6 +125,7 @@ children:
   - /identity-and-access-management
   - /user-management
   - /policies
+  - /monitoring-activity-in-your-enterprise
   - /enterprise-management
   - /github-actions
   - /packages

translations/zh-CN/content/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws.md

@@ -54,10 +54,9 @@ AMIs for {% data variables.product.prodname_ghe_server %} are available in the A
 
 ### Using the {% data variables.product.prodname_ghe_server %} portal to select an AMI
 
-{% data reusables.enterprise_installation.enterprise-download-procedural %}
 {% data reusables.enterprise_installation.download-appliance %}
-3. In the Select your platform drop-down menu, click **Amazon Web Services**.
-4. In the Select your AWS region drop-down menu, choose your desired region.
+3. Under "{% data variables.product.prodname_dotcom %} in the Cloud", select the "Select your platform" dropdown menu, and click **Amazon Web Services**.
+4. Select the "Select your AWS region" drop-down menu, and click your desired region.
 5. Take note of the AMI ID that is displayed.
 
 ### Using the AWS CLI to select an AMI

translations/zh-CN/content/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md

@@ -28,10 +28,9 @@ shortTitle: 在 Hyper-V 上安装
 
 ## 下载 {% data variables.product.prodname_ghe_server %} 映像
 
-{% data reusables.enterprise_installation.enterprise-download-procedural %}
 {% data reusables.enterprise_installation.download-license %}
 {% data reusables.enterprise_installation.download-appliance %}
-4. 选择 {% data variables.product.prodname_dotcom %} 内部部署，然后单击 **Hyper-V (VHD)**。
+4. 在“{% data variables.product.prodname_dotcom %} 本地”下，选择“Select your hypervisor（选择您的虚拟机管理程序）”下拉菜单，然后单击 **Hyper-V (VHD)**。
 5. 单击 **Download for Hyper-V (VHD)**。
 
 ## 创建 {% data variables.product.prodname_ghe_server %} 实例

translations/zh-CN/content/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm.md

@@ -27,10 +27,9 @@ shortTitle: 在 OpenStack 上安装
 
 ## 下载 {% data variables.product.prodname_ghe_server %} 映像
 
-{% data reusables.enterprise_installation.enterprise-download-procedural %}
 {% data reusables.enterprise_installation.download-license %}
 {% data reusables.enterprise_installation.download-appliance %}
-4. 选择 {% data variables.product.prodname_dotcom %} 内部部署，然后单击 **OpenStack KVM (QCOW2)**。
+4. 在“{% data variables.product.prodname_dotcom %} 本地”下，选择“Select your hypervisor（选择您的虚拟机管理程序）”下拉菜单，然后单击 **OpenStack KVM (QCOW2)**。
 5. 单击 **Download for OpenStack KVM (QCOW2)**。
 
 ## 创建 {% data variables.product.prodname_ghe_server %} 实例

translations/zh-CN/content/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware.md

@@ -31,10 +31,9 @@ shortTitle: 在 VMware 上安装
 
 ## 下载 {% data variables.product.prodname_ghe_server %} 映像
 
-{% data reusables.enterprise_installation.enterprise-download-procedural %}
 {% data reusables.enterprise_installation.download-license %}
 {% data reusables.enterprise_installation.download-appliance %}
-4. 选择 {% data variables.product.prodname_dotcom %} 内部部署，然后单击 **VMware ESXi/vSphere (OVA)**。
+4. 在“{% data variables.product.prodname_dotcom %} 本地”下，选择“Select your hypervisor（选择您的虚拟机管理程序）”下拉菜单，然后单击 **VMware ESXi/vSphere (OVA)**。
 5. 单击 **Download for VMware ESXi/vSphere (OVA)**。
 
 ## 创建 {% data variables.product.prodname_ghe_server %} 实例

translations/zh-CN/content/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-xenserver.md

@@ -34,10 +34,9 @@ shortTitle: 在 XenServer 上安装
 
 ## 下载 {% data variables.product.prodname_ghe_server %} 映像
 
-{% data reusables.enterprise_installation.enterprise-download-procedural %}
 {% data reusables.enterprise_installation.download-license %}
 {% data reusables.enterprise_installation.download-appliance %}
-4. 选择 {% data variables.product.prodname_dotcom %} 内部部署，然后单击 **XenServer (VHD)**。
+4. 在“{% data variables.product.prodname_dotcom %} 本地”下，选择“Select your hypervisor（选择您的虚拟机管理程序）”下拉菜单，然后单击 **XenServer (VHD)**。
 5. 要下载许可文件，请单击 **Download license**。
 
 ## 创建 {% data variables.product.prodname_ghe_server %} 实例

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/activity-dashboard.md

@@ -6,6 +6,7 @@ redirect_from:
   - /enterprise/admin/installation/activity-dashboard
   - /enterprise/admin/user-management/activity-dashboard
   - /admin/user-management/activity-dashboard
+  - /admin/user-management/monitoring-activity-in-your-enterprise/activity-dashboard
 versions:
   ghes: '*'
   ghae: '*'

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/index.md

@@ -0,0 +1,17 @@
+---
+title: Exploring user activity in your enterprise
+intro: 'You can view user and system activity by leveraging dashboards, webhooks and log forwarding.'
+versions:
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+topics:
+  - Enterprise
+children:
+  - /activity-dashboard
+  - /viewing-push-logs
+  - /log-forwarding
+  - /managing-global-webhooks
+shortTitle: Explore user activity
+---
+

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding.md

@@ -7,6 +7,7 @@ redirect_from:
   - /enterprise/admin/enterprise-management/log-forwarding
   - /admin/enterprise-management/log-forwarding
   - /admin/user-management/log-forwarding
+  - /admin/user-management/monitoring-activity-in-your-enterprise/log-forwarding
 versions:
   ghes: '*'
   ghae: '*'

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/managing-global-webhooks.md

@@ -13,6 +13,7 @@ redirect_from:
   - /articles/configuring-webhooks-for-organization-events-in-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise-account/configuring-webhooks-for-organization-events-in-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise/configuring-webhooks-for-organization-events-in-your-enterprise-account
+  - /admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks
 versions:
   ghec: '*'
   ghes: '*'

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/viewing-push-logs.md

@@ -6,6 +6,7 @@ redirect_from:
   - /enterprise/admin/installation/viewing-push-logs
   - /enterprise/admin/user-management/viewing-push-logs
   - /admin/user-management/viewing-push-logs
+  - /admin/user-management/monitoring-activity-in-your-enterprise/viewing-push-logs
 versions:
   ghes: '*'
   ghae: '*'
@@ -41,6 +42,6 @@ topics:
 {% data reusables.enterprise_installation.ssh-into-instance %}
 1. 在相应的 Git 仓库中，打开审核日志文件：
   ```shell
-  ghe-repo <em>owner</em>/<em>repository</em> -c "less audit_log"
+  ghe-repo <em>owner</em>/<em>repository</em> -c "cat audit_log"
   ```
 {% endif %}

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/index.md

@@ -0,0 +1,17 @@
+---
+title: 监控企业中的活动
+intro: 'You can view user and system activity by leveraging audit logs{% ifversion ghes or ghae %}, push logs, dashboards, webhooks, and log forwarding{% else %}and webhooks{% endif %}.'
+redirect_from:
+  - /enterprise/admin/installation/monitoring-activity-on-your-github-enterprise-server-instance
+versions:
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+topics:
+  - Enterprise
+children:
+  - /reviewing-audit-logs-for-your-enterprise
+  - /exploring-user-activity
+shortTitle: Monitor activity
+---
+

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md

@@ -0,0 +1,61 @@
+---
+title: About the audit log for your enterprise
+intro: 'To support debugging and internal and external compliance, {% data variables.product.product_name %} provides logs of audited{% ifversion ghes %} system,{% endif %} user, organization, and repository events.'
+shortTitle: About audit logs
+redirect_from:
+  - /enterprise/admin/articles/audit-logging
+  - /enterprise/admin/installation/audit-logging
+  - /enterprise/admin/user-management/audit-logging
+  - /admin/user-management/audit-logging
+  - /admin/user-management/monitoring-activity-in-your-enterprise/audit-logging
+  - /github/setting-up-and-managing-your-enterprise/managing-your-enterprise-users-with-your-identity-provider/auditing-activity-in-your-enterprise
+  - /admin/authentication/managing-your-enterprise-users-with-your-identity-provider/auditing-activity-in-your-enterprise
+  - /admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/auditing-activity-in-your-enterprise
+versions:
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+type: overview
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+  - Security
+---
+
+## About audit logs
+
+{% data reusables.audit_log.retention-periods %}
+
+{% data reusables.audit_log.audit-log-search-list-info-about-action %}
+
+In addition to viewing your audit log, you can monitor activity in your enterprise in other ways, such as {% ifversion ghes or ghae %}viewing push logs and {% endif %}managing global webhooks. For more information, see "[Exploring user activity in your enterprise](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity)."
+
+## Using your audit logs
+
+As an enterprise owner{% ifversion ghes %} or site administrator{% endif %}, you can interact with the audit log data for your enterprise in several ways:
+- You can view the audit log for your enterprise. For more information, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)."
+- You can search the audit log for specific events{% ifversion ghec %} and export audit log data{% endif %}. For more information, see "[Searching the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise)"{% ifversion ghec %} and "[Exporting the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise)"{% endif %}.
+{%- ifversion ghec %}
+- 您可以将审核和 Git 事件数据从 {% data variables.product.prodname_dotcom %} 流式传输到外部数据管理系统。 For more information, see "[Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise)."
+{%- else %}
+- You can forward audit and system logs, from your enterprise to an third-party hosted monitoring system. 更多信息请参阅“[日志转发](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding)。”
+{%- endif %}
+{%- ifversion ghec or ghes > 3.2 or ghae-issue-6648 %}
+- You can use the Audit log API to view actions performed in your enterprise. For more information, see "[Using the audit log API for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise)."
+{%- endif %}
+
+For a full list of audit log actions that may appear in your enterprise audit log, see "[Audit log actions for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)."
+
+{% ifversion ghec %}
+## Git events
+
+Git events data, such as cloning, fetching, and pushing is logged. For more information, see "[Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise)."
+
+{% endif %}
+
+## 延伸阅读
+- “[查看组织的审核日志](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)”
+{%- ifversion ghes %}
+- "[About system logs](/admin/enterprise-management/monitoring-your-appliance/about-system-logs)"
+{%- endif %}

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise.md

@@ -0,0 +1,28 @@
+---
+title: Accessing the audit log for your enterprise
+intro: You can view aggregated actions from all of the organizations owned by an enterprise account in the enterprise's audit log.
+shortTitle: Access audit logs
+permissions: 'Enterprise owners {% ifversion ghes %}and site administrators {% endif %}can access the audit log.'
+redirect_from:
+  - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
+  - /articles/viewing-the-audit-logs-for-organizations-in-your-business-account
+  - /articles/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
+  - /github/setting-up-and-managing-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
+  - /github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
+  - /admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise
+versions:
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: how_to
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+---
+
+{% data reusables.audit_log.retention-periods %}
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.audit-log-tab %}

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md

@@ -0,0 +1,51 @@
+---
+title: Exporting audit log activity for your enterprise
+intro: You can export audit and Git events data to a file for offline analysis.
+shortTitle: Export audit logs
+permissions: Enterprise owners can export the audit log.
+miniTocMaxHeadingLevel: 3
+versions:
+  ghec: '*'
+type: tutorial
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+---
+
+## About exports of audit log and Git events data
+
+You can export the audit log by downloading a JSON or CSV file from your enterprise on {% data variables.product.product_name %}. When you export audit log events, you can query by one or more of these supported qualifiers to filter for specific log events to export. For more information about search qualifiers, see "[Search based on the action performed](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise#search-based-on-the-action-performed)."
+
+You can export Git events data by downloading a JSON file from your enterprise audit log. Unlike audit log data, you cannot query for specific Git events to filter and export in the audit log user interface.
+
+{% data reusables.audit_log.exported-log-keys-and-values %}
+
+As an alternative to exporting log events, you can use the API to retrieve audit log events, or set up {% data variables.product.product_name %} to stream audit data as events are logged. For more information, see "[Using the audit log API for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise)" and "[Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise)."
+
+## Exporting audit log data
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.audit-log-tab %}
+1. Optionally, to only export filtered results, search by one or more supported qualifiers or log filters.
+2. Select the {% octicon "download" aria-label="The Download icon" %} **Export** dropdown menu, and choose the file format (JSON or CSV) to export log events in.
+
+    ![导出按钮](/assets/images/help/organizations/org-audit-log-export.png)
+
+## Exporting Git events data
+
+You can also export Git events data by date range.
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.audit-log-tab %}
+1. Select the {% octicon "download" aria-label="The Download icon" %} **Export Git Events** dropdown menu and choose a date range to export log events for.
+
+    ![Export Git events button](/assets/images/help/organizations/org-audit-log-export-git-events.png)
+1. Click {% octicon "file-zip" aria-label="The File-zip icon" %} **Download Results** to download the file.
+1. The data is exported as a compressed JSON file. To extract the JSON data, uncompress the file using an archive utility client or command. 例如：
+
+    ```
+    gunzip export-avocado-corp-1642896556.json.gz
+    ```

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/index.md

@@ -0,0 +1,20 @@
+---
+title: Reviewing audit logs for your enterprise
+intro: You can view user and system activity in the audit logs for your enterprise.
+shortTitle: Review audit logs
+versions:
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+topics:
+  - Enterprise
+children:
+  - /about-the-audit-log-for-your-enterprise
+  - /accessing-the-audit-log-for-your-enterprise
+  - /searching-the-audit-log-for-your-enterprise
+  - /exporting-audit-log-activity-for-your-enterprise
+  - /streaming-the-audit-log-for-your-enterprise
+  - /using-the-audit-log-api-for-your-enterprise
+  - /audit-log-events-for-your-enterprise
+---
+

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md

@@ -0,0 +1,130 @@
+---
+title: Searching the audit log for your enterprise
+intro: You can search an extensive list of audited actions in your enterprise.
+shortTitle: Search audit logs
+permissions: 'Enterprise owners {% ifversion ghes %}and site administrators {% endif %}can search the audit log.'
+redirect_from:
+  - /enterprise/admin/articles/searching-the-audit-log
+  - /enterprise/admin/installation/searching-the-audit-log
+  - /enterprise/admin/user-management/searching-the-audit-log
+  - /admin/user-management/searching-the-audit-log
+  - /admin/user-management/monitoring-activity-in-your-enterprise/searching-the-audit-log
+versions:
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+miniTocMaxHeadingLevel: 3
+---
+
+## About search for the enterprise audit log
+
+You can search your enterprise audit log directly from the user interface by using the **Filters** dropdown, or by typing a search query.
+
+  ![搜索查询](/assets/images/enterprise/site-admin-settings/search-query.png)
+
+For more information about viewing your enterprise audit log, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)."
+
+You can also use the API to retrieve audit log events. For more information, see "[Using the audit log API for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise)."
+
+请注意，无法使用文本搜索条目。 但是，您可以使用各种过滤器构建搜索查询。 查询日志时使用的许多运算符，如 `-`、`>` 或 `<`，与在 {% data variables.product.product_name %} 上搜索时的格式相同。 更多信息请参阅“[在 {% data variables.product.prodname_dotcom %} 上搜索](/search-github/getting-started-with-searching-on-github/about-searching-on-github)”。
+
+{% note %}
+
+**注**：{% data reusables.audit_log.retention-periods %}
+
+{% endnote %}
+
+## Search query filters
+
+|                          过滤，过滤器 | 描述                                                                                                                                                                                                                                    |
+| -------------------------------:| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+|          `Yesterday's activity` | All actions created in the past day.                                                                                                                                                                                                  |
+| `Enterprise account management` | All actions in the `business` category.                                                                                                                                                                                               |
+|                        `组织成员资格` | All actions for when a new user was invited to join an organization.                                                                                                                                                                  |
+|               `Team management` | All actions related to team management.<br/>- When a user account or repository was added or removed from a team<br/>- When a team maintainer was promoted or demoted<br/>-  When a team was deleted                |
+|         `Repository management` | All actions for repository management.<br/>- When a repository was created or deleted<br/>- When the repository visibility was changed<br/>- When a team was added or removed from a repository{% ifversion ghec %}
+|               `Billing updates` | All actions concerning how your enterprise pays for {% data variables.product.prodname_dotcom %} and for when your billing email address was changed.{% endif %}
+|                 `Hook activity` | All actions for webhooks and pre-receive hooks.                                                                                                                                                                                       |
+|           `Security management` | All actions concerning SSH keys, deploy keys, security keys, 2FA, and SAML single sign-on credential authorization, and vulnerability alerts for repositories.                                                                        |
+
+## 搜索查询语法
+
+You can compose a search query from one or more `key:value` pairs, separated by AND/OR logical operators. 例如，要查看自 2017 年初开始影响仓库 `octocat/Spoon-Knife` 的所有操作：
+
+  `repo:"octocat/Spoon-Knife" AND created:>=2017-01-01`
+
+The `key:value` pairs that can be used in a search query are:
+
+|              键 | 值                                                                                                                                                   |
+| --------------:| --------------------------------------------------------------------------------------------------------------------------------------------------- |
+|     `actor_id` | 发起操作的用户帐户的 ID                                                                                                                                       |
+|        `actor` | 发起操作的用户帐户的名称                                                                                                                                        |
+| `oauth_app_id` | 与操作相关联的 OAuth 应用程序的 ID                                                                                                                              |
+|       `action` | 已审核操作的名称                                                                                                                                            |
+|      `user_id` | 受操作影响的用户的 ID                                                                                                                                        |
+|           `用户` | 受操作影响的用户的名称                                                                                                                                         |
+|      `repo_id` | 受操作影响的仓库的 ID（若适用）                                                                                                                                   |
+|         `repo` | 受操作影响的仓库的名称（若适用）                                                                                                                                    |
+|     `actor_ip` | 发起操作的 IP 地址                                                                                                                                         |
+|      `created` | Time at which the action occurred{% ifversion ghes %}. If querying the audit log from the site admin dashboard, use `created_at` instead{% endif %}
+|         `from` | 发起操作的视图                                                                                                                                             |
+|         `note` | 事件特定的其他信息（采用纯文本或 JSON 格式）                                                                                                                           |
+|          `org` | 受操作影响的组织的名称（若适用）                                                                                                                                    |
+|       `org_id` | 受操作影响的组织的 ID（若适用）                                                                                                                                   |
+|     `business` | Name of the enterprise affected by the action (if applicable)                                                                                       |
+|  `business_id` | ID of the enterprise affected by the action (if applicable)                                                                                         |
+
+To see actions grouped by category, you can also use the action qualifier as a `key:value` pair. For more information, see "[Search based on the action performed](#search-based-on-the-action-performed)."
+
+For a full list of actions in your enterprise audit log, see "[Audit log actions for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)."
+
+## 搜索审核日志
+
+{% data reusables.audit_log.audit-log-search-by-operation %}
+
+{% data reusables.audit_log.audit-log-search-by-repo %}
+
+{% data reusables.audit_log.audit-log-search-by-user %}
+
+### 基于执行的操作搜索
+
+要搜索特定事件，请在查询中使用 `action` 限定符。 例如：
+
+  * `action:team` 会找到团队类别中的所有事件。
+  * `-action:hook` 会排除 web 挂钩类别中的所有事件。
+
+每个类别都有一组可进行过滤的关联操作。 例如：
+
+  * `action:team.create` 会找到团队创建处的所有事件。
+  * `-action:hook.events_changed` 会排除 web 挂钩上事件已经改动的所有事件。
+
+Actions that can be found in your enterprise audit log are grouped within the following categories:
+
+{% data reusables.audit_log.audit-log-action-categories %}
+### 基于操作时间搜索
+
+使用 `created` 限定符在审核日志中根据事件发生的时间过滤事件。
+
+{% data reusables.time_date.date_format %} {% data reusables.time_date.time_format %}
+
+{% data reusables.search.date_gt_lt %}
+
+例如：
+
+  * `created:2014-07-08` 会找到在 2014 年 7 月 8 日发生的所有事件。
+  * `created:>=2014-07-08` 查找在 2014 年 7 月 8 日或之后发生的所有事件。
+  * `created:<=2014-07-08` 查找在 2014 年 7 月 8 日或之前发生的所有事件。
+  * `created:2014-07-01..2014-07-31` 会找到在 2014 年 7 月发生的所有事件。
+
+### 基于位置搜索
+
+使用限定符 `country`，您可以在审核日志中根据发生事件的国家/地区过滤事件。 You can use a country's two-letter short code or full name. Countries with spaces in their name will need to be wrapped in quotation marks. 例如：
+
+  * `country:de` 会找到在德国发生的所有事件。
+  * `country:Mexico` 会找到在墨西哥发生的所有事件。
+  * `country:"United States"` 会找到在美国发生的所有事件。

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md

@@ -1,5 +1,5 @@
 ---
-title: 流式传输企业帐户中组织的审核日志
+title: Streaming the audit log for your enterprise
 intro: '您可以将审核和 Git 事件数据从 {% data variables.product.prodname_dotcom %} 流式传输到外部数据管理系统。'
 miniTocMaxHeadingLevel: 3
 versions:
@@ -10,27 +10,13 @@ topics:
   - Enterprise
   - Logging
   - Organizations
-shortTitle: 流式传输组织审核日志
+shortTitle: Stream audit logs
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/streaming-the-audit-logs-for-organizations-in-your-enterprise-account
+  - /admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account
 permissions: Enterprise owners can configure audit log streaming.
 ---
 
-## 关于导出审核数据
-
-您可以通过多种方式从 {% data variables.product.prodname_dotcom %} 中提取审核日志和 Git 事件数据：
-
-* 转到 {% data variables.product.prodname_dotcom %} 中的审核日志页，然后单击 **Export（导出）**。 更多信息请参阅“[查看企业帐户中组织的审核日志](/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account)”和“[导出审核日志](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)”。
-* 使用 API 轮询新的审核日志事件。 更多信息请参阅“[使用审核日志 API](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api)”。
-* 设置 {% data variables.product.product_name %} 以在记录事件时流式传输审核数据。
-
-目前，多个存储提供商支持审核日志流式处理。
-- Amazon S3
-- Azure Blob Storage
-- Azure Event Hubs
-- Google Cloud Storage
-- Splunk
-
 ## 关于审核日志流
 
 为了帮助保护您的知识产权并保持组织的合规性，您可以使用流式处理来保留审核日志数据的副本并监控：
@@ -40,7 +26,7 @@ permissions: Enterprise owners can configure audit log streaming.
 
 * **数据探索**。 您可以使用首选工具检查流事件，以查询大量数据。 流包含整个企业帐户中的审核事件和 Git 事件。
 * **数据连续性**。 您可以暂停流长达七天，而不会丢失任何审核数据。
-* **数据保留**。 您可以根据需要保留导出的审核日志和 Git 数据。
+* **数据保留**。 You can keep your exported audit logs and Git events data as long as you need to.
 
 企业所有者可以随时设置、暂停或删除流。 流导出企业中所有组织的审核数据。
 

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md

@@ -0,0 +1,143 @@
+---
+title: Using the audit log API for your enterprise
+intro: 'You can programmatically retrieve enterprise events with the{% ifversion ghec or ghes > 3.2 %} REST or{% endif %} GraphQL API.'
+shortTitle: Audit log API
+permissions: 'Enterprise owners {% ifversion ghes %}and site administrators {% endif %}can use the audit log API.'
+miniTocMaxHeadingLevel: 3
+versions:
+  ghec: '*'
+  ghes: '>=3.0'
+  ghae: '*'
+type: tutorial
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+  - API
+---
+
+## 使用审核日志 API
+
+您可以使用 GraphQL API{% ifversion ghec or ghes > 3.2 or ghae-issue-6648 %} 或 REST API{% endif %} 与审核日志交互。
+
+Timestamps and date fields in the API response are measured in [UTC epoch milliseconds](http://en.wikipedia.org/wiki/Unix_time).
+
+{% ifversion ghec or ghes > 3.0 or ghae %}
+## Querying the audit log GraphQL API
+
+To ensure your intellectual property is secure, and you maintain compliance for your enterprise, you can use the audit log GraphQL API to keep copies of your audit log data and monitor:
+{% data reusables.audit_log.audit-log-api-info %}
+
+Note that you can't retrieve Git events using the {% ifversion not ghec %}audit log API.{% else %}GraphQL API. 要检索 Git 事件，请改为使用 REST API。 For more information, see `git` category actions in "[Audit log actions for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#git-category-actions)", and also the "[Enterprise administration](/rest/reference/enterprise-admin#audit-log)" and "[Organizations](/rest/reference/orgs#get-the-audit-log-for-an-organization) audit log endpoints in the REST API documentation."{% endif %}
+
+GraphQL 响应可包含长达 90 至 120 天的数据。
+
+### Example 1: Members added to or removed from organizations in an enterprise
+
+The query below fetches the audit logs for the `avocado-corp` enterprise and returns the first 10 organizations in the enterprise, where the only actions performed were adding or removing a member from an organization. The first 20 audit log entries for each organization are returned.
+
+This query uses the [auditlog](/graphql/reference/objects) field from the Organization object, and the [OrgAddMemberAuditEntry](/graphql/reference/objects#orgaddmemberauditentry) and [OrgRemoveMemberAuditEntry](/graphql/reference/objects#orgremovememberauditentry) objects. The  {% data variables.product.prodname_dotcom %} account querying the enterprise audit log must be an organization owner for each organization within the enterprise.
+
+```shell
+{
+  enterprise(slug: "avocado-corp") {
+    organizations(first: 10, orderBy: {field: LOGIN, direction: DESC}) {
+      nodes {
+        name
+        auditLog(first: 20) {
+          edges {
+            node {
+              ... on OrgAddMemberAuditEntry {
+                action
+                actorLogin
+                createdAt
+              }
+              ... on OrgRemoveMemberAuditEntry {
+                action
+                actorLogin
+                createdAt
+              }
+            }
+          }
+        }
+      }
+      pageInfo {
+        hasNextPage
+        endCursor
+      }
+    }
+  }
+}
+```
+
+The GraphQL API will return at most 100 nodes per query. To retrieve additional results, you'll need to implement pagination. For more information, see "[Resource limitations](/graphql/overview/resource-limitations#node-limit)" in the GraphQL API documentation and [Pagination](https://graphql.org/learn/pagination/) in the official GraphQL documentation.
+### Example 2: Events in an organization, for a specific date and actor
+
+You can specify multiple search phrases, such as `created` and `actor`, by separating them in your query string with a space.
+
+The query below fetches all the audit logs for the `avocado-corp` enterprise that relate to the `octo-org` organization, where the actions were performed by the `octocat` user on or after the 1 Jan, 2022. The first 20 audit log entries are returned, with the newest log entry appearing first.
+
+This query uses the [AuditEntry](/graphql/reference/interfaces#auditentry) interface. The {% data variables.product.prodname_dotcom %} account querying the enterprise audit log must be an owner of the `octo-org` organization.
+
+```shell
+{
+  enterprise(slug: "avocado-corp") {
+    organizations(first: 1, query: "octo-org") {
+      nodes {
+        name
+        auditLog(first: 20, query: "actor:octocat created:>=2022-01-01T00:00:00.000Z", orderBy: {field: CREATED_AT, direction: DESC}) {
+          edges {
+            node {
+              ... on AuditEntry {
+                action
+                actorLogin
+                createdAt
+                user {
+                  name
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
+```
+
+For more query examples, see the [platform-samples repository](https://github.com/github/platform-samples/blob/master/graphql/queries).
+
+{% endif %}
+{% ifversion ghec or ghes > 3.2 or ghae-issue-6648 %}
+## Querying the audit log REST API
+
+To ensure your intellectual property is secure, and you maintain compliance for your enterprise, you can use the audit log REST API to keep copies of your audit log data and monitor:
+{% data reusables.audit_log.audited-data-list %}
+
+{% data reusables.audit_log.retention-periods %}
+
+For more information about the audit log REST API, see "[Enterprise administration](/rest/reference/enterprise-admin#audit-log)" and "[Organizations](/rest/reference/orgs#get-the-audit-log-for-an-organization)."
+
+### Example 1: All events in an enterprise, for a specific date, with pagination
+
+The query below searches for audit log events created on Jan 1st, 2022 in the `avocado-corp` enterprise, and return the first page with a maximum of 100 items per page using [REST API pagination](/rest/overview/resources-in-the-rest-api#pagination):
+
+```shell
+curl -H "Authorization: token <em>TOKEN</em>" \
+--request GET \
+"https://api.github.com/enterprises/avocado-corp/audit-log?phrase=created:2022-01-01&page=1&per_page=100"
+```
+
+### Example 2: Events for pull requests in an enterprise, for a specific date and actor
+
+You can specify multiple search phrases, such as `created` and `actor`, by separating them in your formed URL with the `+` symbol or ASCII character code `%20`.
+
+The query below searches for audit log events for pull requests, where the event occurred on or after Jan 1st, 2022 in the `avocado-corp` enterprise, and the action was performed by the `octocat` user:
+
+```shell
+curl -H "Authorization: token <em>TOKEN</em>" \
+--request GET \
+"https://api.github.com/enterprises/avocado-corp/audit-log?phrase=action:pull_request+created:>=2022-01-01+actor:octocat"
+```
+
+{% endif %}

translations/zh-CN/content/admin/overview/system-overview.md

@@ -39,15 +39,15 @@ topics:
 
 ## 部署选项
 
-您可以将 {% data variables.product.prodname_ghe_server %} 部署为一个虚拟设备，也可采用高可用性配置。 更多信息请参阅“[配置 {% data variables.product.prodname_ghe_server %} 以实现高可用性](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-github-enterprise-server-for-high-availability/)”。
+您可以将 {% data variables.product.prodname_ghe_server %} 部署为一个虚拟设备，也可采用高可用性配置。 更多信息请参阅“[配置 {% data variables.product.prodname_ghe_server %} 以实现高可用性](/admin/enterprise-management/configuring-high-availability)”。
 
-某些拥有成千上万名开发者的组织还会从使用 {% data variables.product.prodname_ghe_server %} 集群中受益。 更多信息请参阅“[关于集群](/enterprise/{{ currentVersion }}/admin/guides/clustering/about-clustering)。”
+某些拥有成千上万名开发者的组织还会从使用 {% data variables.product.prodname_ghe_server %} 集群中受益。 更多信息请参阅“[关于集群](/admin/enterprise-management/configuring-clustering/about-clustering)。”
 
 ## 数据保留和数据中心冗余
 
 {% danger %}
 
-在生产环境中使用 {% data variables.product.prodname_ghe_server %} 之前，我们强烈建议您设置备份和灾难恢复计划。 更多信息请参阅“[在设备上配置备份](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-backups-on-your-appliance)”。
+在生产环境中使用 {% data variables.product.prodname_ghe_server %} 之前，我们强烈建议您设置备份和灾难恢复计划。 更多信息请参阅“[在设备上配置备份](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance)”。
 
 {% enddanger %}
 
@@ -55,7 +55,7 @@ topics:
 
 除网络备份外，在设备处于离线或维护模式时，还支持用户存储卷的 AWS (EBS) 和 VMware 磁盘快照。 如果您的服务级别要求允许定期离线维护，可以将定期卷快照用作低成本、低复杂性的方案，代替通过 {% data variables.product.prodname_enterprise_backup_utilities %} 进行网络备份。
 
-更多信息请参阅“[在设备上配置备份](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-backups-on-your-appliance)”。
+更多信息请参阅“[在设备上配置备份](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance)”。
 
 ## 安全
 
@@ -80,11 +80,11 @@ topics:
 
 目前，{% data variables.product.prodname_ghe_server %} 设备的基础是 Debian 9 (Stretch)，并接受 Debian 长期支持计划的支持。  计划在 Stretch 的 Debian LTS 期间结束前迁移到更新的基础操作系统。
 
-定期补丁更新发布在 {% data variables.product.prodname_ghe_server %} [发行](https://enterprise.github.com/releases)页面上，[发行说明](/enterprise-server/admin/release-notes)页面提供详细信息。 这些补丁一般含有经过测试并且质量经过我们工程团队批准的上游供应商和项目安全补丁。 从上游更新发布到测试以及捆绑于即将发布的 {% data variables.product.prodname_ghe_server %} 补丁版本中时，可能稍有延迟。
+定期补丁更新发布在 {% data variables.product.prodname_ghe_server %} [发行](https://enterprise.github.com/releases)页面上，[发行说明](/admin/release-notes)页面提供详细信息。 这些补丁一般含有经过测试并且质量经过我们工程团队批准的上游供应商和项目安全补丁。 从上游更新发布到测试以及捆绑于即将发布的 {% data variables.product.prodname_ghe_server %} 补丁版本中时，可能稍有延迟。
 
 ### 网络安全性
 
-{% data variables.product.prodname_ghe_server %} 的内部防火墙限制对设备服务的网络访问。 网络上仅提供设备正常运行所需的服务。 更多信息请参阅“[网络端口](/enterprise/{{ currentVersion }}/admin/guides/installation/network-ports)”。
+{% data variables.product.prodname_ghe_server %} 的内部防火墙限制对设备服务的网络访问。 网络上仅提供设备正常运行所需的服务。 更多信息请参阅“[网络端口](/admin/configuration/configuring-network-settings/network-ports)”。
 
 ### 应用程序安全性
 
@@ -92,15 +92,15 @@ topics:
 
 ### 外部服务和支持
 
-{% data variables.product.prodname_ghe_server %} 无需从网络访问外部服务也可以正常运行。 您可以选择集成外部服务，以提供电子邮件传送、外部监控和日志转发等功能。 更多信息请参阅“[配置电子邮件通知](/admin/configuration/configuring-email-for-notifications)”、“[设置外部监控](/enterprise/{{ currentVersion }}/admin/installation/setting-up-external-monitoring)”和“[日志转发](/admin/user-management/log-forwarding)”。
+{% data variables.product.prodname_ghe_server %} 无需从网络访问外部服务也可以正常运行。 您可以选择集成外部服务，以提供电子邮件传送、外部监控和日志转发等功能。 更多信息请参阅“[配置电子邮件通知](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications)”、“[设置外部监控](/admin/enterprise-management/monitoring-your-appliance/setting-up-external-monitoring)”和“[日志转发](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding)”。
 
-您可以手动收集故障排除数据并发送至 {% data variables.contact.github_support %}。 更多信息请参阅“[向 {% data variables.contact.github_support %} 提供数据](/enterprise/{{ currentVersion }}/admin/enterprise-support/providing-data-to-github-support)”。
+您可以手动收集故障排除数据并发送至 {% data variables.contact.github_support %}。 更多信息请参阅“[将数据提供给 {% data variables.contact.github_support %}](/support/contacting-github-support/providing-data-to-github-support)”。
 
 ### 加密通信
 
-{% data variables.product.prodname_dotcom %} 将 {% data variables.product.prodname_ghe_server %} 设计为在公司防火墙后面运行。 为确保线路通信安全，我们建议您启用传输层安全协议 (TLS)。 {% data variables.product.prodname_ghe_server %} 在 HTTPS 流量方面支持 2048 位和更高的商业 TLS 证书。 更多信息请参阅“[配置 TLS](/enterprise/{{ currentVersion }}/admin/installation/configuring-tls)”。
+{% data variables.product.prodname_dotcom %} 将 {% data variables.product.prodname_ghe_server %} 设计为在公司防火墙后面运行。 为确保线路通信安全，我们建议您启用传输层安全协议 (TLS)。 {% data variables.product.prodname_ghe_server %} 在 HTTPS 流量方面支持 2048 位和更高的商业 TLS 证书。 更多信息请参阅“[配置 TLS](/admin/configuration/configuring-network-settings/configuring-tls)”。
 
-默认情况下，该设备还为使用 Git 的仓库访问和管理目的提供安全 Shell (SSH) 访问。 更多信息请参阅“[关于 SSH](/enterprise/user/articles/about-ssh)”和“[访问管理 shell (SSH)](/enterprise/{{ currentVersion }}/admin/installation/accessing-the-administrative-shell-ssh)“。
+默认情况下，该设备还为使用 Git 的仓库访问和管理目的提供安全 Shell (SSH) 访问。 更多信息请参阅“[关于 SSH](/authentication/connecting-to-github-with-ssh/about-ssh)”和“[访问管理 shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)“。
 
 {% ifversion ghes > 3.3 %}
 
@@ -112,24 +112,24 @@ topics:
 
 {% data variables.product.prodname_ghe_server %} 提供三种类型的帐户。
 
-- `管理员` Linux 用户帐户已控制对基础操作系统的访问，包括对直接文件系统和数据库的访问。 一小部分受信任的管理员应该有权访问此帐户，他们可以通过 SSH 访问。 更多信息请参阅“[访问管理 shell (SSH)](/enterprise/{{ currentVersion }}/admin/installation/accessing-the-administrative-shell-ssh)”。
+- `管理员` Linux 用户帐户已控制对基础操作系统的访问，包括对直接文件系统和数据库的访问。 一小部分受信任的管理员应该有权访问此帐户，他们可以通过 SSH 访问。 更多信息请参阅“[访问管理 shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)。”
 - 设备 Web 应用程序中的用户帐户对自己的数据以及其他用户或组织明确授予权限的任何数据具有完全访问权限。
 - 设备 Web 应用程序中的站点管理员是可以管理高级 Web 应用程序和设备设置、用户和组织帐户设置以及仓库数据的用户帐户。
 
-关于 {% data variables.product.prodname_ghe_server %} 用户权限的更多信息，请参阅“[GitHub 上的访问权限](/enterprise/user/articles/access-permissions-on-github) ”。
+关于 {% data variables.product.prodname_ghe_server %} 用户权限的更多信息，请参阅“[GitHub 上的访问权限](/get-started/learning-about-github/access-permissions-on-github) ”。
 
 ### 身份验证
 
 {% data variables.product.prodname_ghe_server %} 提供四种身份验证方法。
 
-- SSH 公钥身份验证提供使用 Git 的仓库访问权限和管理 shell 的访问权限。 更多信息请参阅“[关于 SSH](/enterprise/user/articles/about-ssh)”和“[访问管理 shell (SSH)](/enterprise/{{ currentVersion }}/admin/installation/accessing-the-administrative-shell-ssh)“。
-- 使用 HTTP cookie 的用户名和密码身份验证提供 Web 应用程序访问和会话管理权限，可选择双重身份验证 (2FA)。 更多信息请参阅“[使用内置身份验证](/enterprise/{{ currentVersion }}/admin/user-management/using-built-in-authentication)”。
-- 使用 LDAP 服务、SAML 身份提供程序 (IdP) 或其他兼容服务的外部 LDAP、SAML 或 CAS 身份验证提供对 Web 应用程序的访问权限。 更多信息请参阅“[为您的 GitHub Enterprise Server 实例验证用户身份](/enterprise/{{ currentVersion }}/admin/user-management/authenticating-users-for-your-github-enterprise-server-instance)“。
+- SSH 公钥身份验证提供使用 Git 的仓库访问权限和管理 shell 的访问权限。 更多信息请参阅“[关于 SSH](/authentication/connecting-to-github-with-ssh/about-ssh)”和“[访问管理 shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)“。
+- 使用 HTTP cookie 的用户名和密码身份验证提供 Web 应用程序访问和会话管理权限，可选择双重身份验证 (2FA)。 更多信息请参阅“[使用内置身份验证](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-built-in-authentication)”。
+- 使用 LDAP 服务、SAML 身份提供程序 (IdP) 或其他兼容服务的外部 LDAP、SAML 或 CAS 身份验证提供对 Web 应用程序的访问权限。 更多信息请参阅“[为您的 GitHub Enterprise Server 实例验证用户身份](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance)“。
 - OAuth 和个人访问令牌为外部客户端和服务提供对 Git 仓库数据和 API 的访问权限。 更多信息请参阅“[创建个人访问令牌](/github/authenticating-to-github/creating-a-personal-access-token)”。
 
 ### 审核和访问日志记录
 
-{% data variables.product.prodname_ghe_server %} 存储传统的操作系统日志和应用程序日志。 应用程序还会编写详细的审核和安全日志，永久存储在 {% data variables.product.prodname_ghe_server %} 上。 您可以通过 `syslog-ng` 协议将两种类型的日志实时转发到多个目标。 更多信息请参阅“[日志转发](/admin/user-management/log-forwarding)。”
+{% data variables.product.prodname_ghe_server %} 存储传统的操作系统日志和应用程序日志。 应用程序还会编写详细的审核和安全日志，永久存储在 {% data variables.product.prodname_ghe_server %} 上。 您可以通过 `syslog-ng` 协议将两种类型的日志实时转发到多个目标。 更多信息请参阅“[日志转发](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding)。”
 
 访问和审核日志包括如下信息。
 
@@ -158,6 +158,6 @@ topics:
 
 ## 延伸阅读
 
-- “[设置 {% data variables.product.prodname_ghe_server %} 的试用版](/articles/setting-up-a-trial-of-github-enterprise-server)”
-- “[设置 {% data variables.product.prodname_ghe_server %} 实例](/enterprise/{{ currentVersion }}/admin/guides/installation/setting-up-a-github-enterprise-server-instance)”
+- “[设置 {% data variables.product.prodname_ghe_server %} 的试用版](/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server)”
+- “[设置 {% data variables.product.prodname_ghe_server %} 实例](/admin/installation/setting-up-a-github-enterprise-server-instance)”
 - `github/roadmap` 仓库中的 [ {% data variables.product.prodname_roadmap %} ]({% data variables.product.prodname_roadmap_link %})

translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md

@@ -115,7 +115,7 @@ shortTitle: 仓库管理策略
 
 ## 执行邀请{% ifversion ghec %} 外部{% endif %} 协作者参与仓库的策略
 
-在您的企业帐户拥有的所有组织中，您可以允许成员邀请{% ifversion ghec %}外部{% endif %}协作者加入仓库、将{% ifversion ghec %}外部协作者{% endif %}邀请限制为组织所有者或允许所有者在组织级别管理设置。
+在企业拥有的所有组织中，您可以允许成员邀请{% ifversion ghec %}外部{% endif %} 协作者访问存储库，限制{% ifversion ghec %}外部协作者 {% endif %}邀请组织所有者，{% if prevent-org-admin-add-outside-collaborator %}限制{% ifversion ghec %}外部协作者 {% endif %}邀请企业所有者，{% endif %}或允许组织所有者在组织级别管理设置。
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}

translations/zh-CN/content/admin/user-management/index.md

@@ -1,6 +1,6 @@
 ---
 title: 管理用户、组织和仓库
-shortTitle: 管理用户、组织和仓库
+shortTitle: 管理用户、组织和存储库
 intro: 本指南介绍了可让用户登录您的企业的身份验证方法、如何创建组织和团队以进行仓库访问和协作，并针对用户安全提供了最佳实践建议。
 redirect_from:
   - /enterprise/admin/categories/user-management
@@ -18,7 +18,6 @@ children:
   - /managing-users-in-your-enterprise
   - /managing-organizations-in-your-enterprise
   - /managing-repositories-in-your-enterprise
-  - /monitoring-activity-in-your-enterprise
   - /migrating-data-to-and-from-your-enterprise
 ---
 

translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/index.md

@@ -23,8 +23,6 @@ children:
   - /requiring-two-factor-authentication-for-an-organization
   - /creating-teams
   - /adding-people-to-teams
-  - /viewing-the-audit-logs-for-organizations-in-your-enterprise
-  - /streaming-the-audit-logs-for-organizations-in-your-enterprise-account
   - /managing-your-role-in-an-organization-owned-by-your-enterprise
   - /removing-users-from-teams-and-organizations
   - /removing-organizations-from-your-enterprise

translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise.md

@@ -1,6 +1,6 @@
 ---
-title: Managing your role in an organization owned by your enterprise
-intro: You can manage your membership in any organization owned by your enterprise and change your role within the organization.
+title: 管理您在企业拥有的组织中的角色
+intro: 您可以管理您在企业拥有的任何组织中的成员身份，并更改您在组织中的角色。
 permissions: Enterprise owners can manage their role in an organization owned by the enterprise.
 versions:
   feature: enterprise-owner-join-org
@@ -9,46 +9,46 @@ topics:
   - Administrator
   - Enterprise
   - Organizations
-shortTitle: Manage your organization roles
+shortTitle: 管理您的组织角色
 ---
 
 {% note %}
 
-**Note:** The ability for enterprise owners to manage their role in an organization owned by the enterprise is in beta and subject to change.
+**注意：** 企业所有者在企业拥有的组织中管理其角色的能力处于测试阶段，可能会发生变化。
 
 {% endnote %}
 
-## About role management
+## 关于角色管理
 
-You can choose to join an organization owned by your enterprise as a member or as an organization owner, change your role within the organization, or leave the organization.
+您可以选择以成员或组织所有者的身份加入企业拥有的组织，更改您在组织中的角色或离开组织。
 
 {% warning %}
 
-**Warning**: If an organization uses SCIM to provision users, joining the organization this way could have unintended consequences. 更多信息请参阅“[关于 SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)”。
+**警告**：如果组织使用 SCIM 来预配用户，则以这种方式加入组织可能会产生意想不到的后果。 更多信息请参阅“[关于 SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)”。
 
 {% endwarning %}
 
-## Managing your role with the enterprise settings
+## 使用企业设置管理您的角色
 
-You can join an organization owned by your enterprise and manage your role within the organization, directly from the settings for your enterprise account.
+您可以加入企业拥有的组织，并直接从企业帐户的设置中管理您在组织中的角色。
 
-If an organization enforces SAML single sign-on (SSO), you cannot use the enterprise settings to join the organization. Instead, you must join the organization using that organization's identity provider (IdP). Then, you can manage your role in your enterprise settings. For more information, see "[Joining an organization that enforces SAML SSO](#joining-an-organization-that-enforces-saml-sso)."
+如果组织强制实施 SAML 单点登录 (SSO)，则无法使用企业设置加入组织。 相反，您必须使用该组织的身份提供程序 (IdP) 加入组织。 然后，您可以在企业设置中管理您的角色。 更多信息请参阅“[加入强制实施 SAML SSO 的组织](#joining-an-organization-that-enforces-saml-sso)”。
 
 {% data reusables.enterprise-accounts.access-enterprise %}
-1. On the **Organizations** tab, to the right of the organization you want to manage your role in, select the {% octicon "gear" aria-label="The gear icon" %} dropdown menu and click the action you want to take.
+1. 在 **Organizations（组织）**选项卡上，在您要在其中管理角色的组织右侧，选择 {% octicon "gear" aria-label="The gear icon" %} 下拉菜单，然后单击要执行的操作。
 
-   ![Screenshot of the dropdown menu for the gear icon for an organization](/assets/images/help/business-accounts/change-role-in-org.png)
+   ![组织的齿轮图标下拉菜单的屏幕截图](/assets/images/help/business-accounts/change-role-in-org.png)
 
-## Joining an organization that enforces SAML SSO
+## 加入强制实施 SAML SSO 的组织
 
-If an organization enforces SAML SSO, you cannot use the enterprise settings to join the organization. Instead, you must join the organization using that organization's identity provider (IdP).
+如果组织强制实施 SAML SSO，则无法使用企业设置加入组织。 相反，您必须使用该组织的身份提供程序 (IdP) 加入组织。
 
-1. You must be assigned access in your IdP to the application for {% data variables.product.prodname_ghe_cloud %} that is used by the organization. If you're unable to configure your IdP yourself, contact your IdP administrator.
-1. Authenticate to the organization using SAML SSO.
+1. 您必须在 IdP 中为组织使用的 {% data variables.product.prodname_ghe_cloud %} 的应用程序分配访问权限。 如果您无法自行配置 IdP，请联系您的 IdP 管理员。
+1. 使用 SAML SSO 向组织进行身份验证。
 
-   - If the organization uses SCIM, accept the organization invitation that will be generated by the SCIM integration.
-   - If the organization does not use SCIM, visit the following URL, replacing ORGANIZATION with the name of the organization, then follow the prompts to authenticate.
+   - 如果组织使用 SCIM，请接受将由 SCIM 集成生成的组织邀请。
+   - 如果组织不使用 SCIM，请访问以下 URL，将 ORGANIZATION 替换为组织的名称，然后按照提示进行身份验证。
 
     `https://github.com/orgs/ORGANIZATION/sso`
 
-After you've joined the organization, you can use the enterprise settings to manage your role in the organization, such as becoming an organization owner. For more information, see "[Managing your role with the enterprise settings](#managing-your-role-with-the-enterprise-settings)."
+加入组织后，您可以使用企业设置来管理您在组织中的角色，例如成为组织所有者。 更多信息请参阅“[使用企业设置管理您的角色](#managing-your-role-with-the-enterprise-settings)。。

translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/restoring-a-deleted-organization.md

@@ -1,6 +1,6 @@
 ---
-title: Restoring a deleted organization
-intro: 'You can partially restore an organization that was previously deleted on {% data variables.product.product_location %}.'
+title: 恢复已删除的组织
+intro: '您可以部分恢复以前在 {% data variables.product.product_location %} 上删除的组织。'
 versions:
   ghes: '*'
 type: how_to
@@ -8,46 +8,46 @@ topics:
   - Administrator
   - Enterprise
   - Organizations
-shortTitle: Restore organization
+shortTitle: 恢复组织
 permissions: 'Site administers can restore an organization on {% data variables.product.product_name %}.'
 ---
 
-## About organization restoration
+## 关于组织恢复
 
-You can use the site admin dashboard to restore an organization that was previously deleted on {% data variables.product.product_location %}, as long as the audit log Elasticsearch indices contain the data for the `org.delete` event.
+您可以使用站点管理仪表板来恢复以前在 {% data variables.product.product_location %} 上删除的组织，只要审核日志 Elasticsearch 索引包含 `org.delete` 事件的数据即可。
 
-Immediately after you restore an organization, the organization will not be exactly the same as it was prior to the deletion. You'll have to manually restore any repositories that were owned by the organization. 更多信息请参阅“[恢复删除的仓库](/admin/user-management/managing-repositories-in-your-enterprise/restoring-a-deleted-repository)”。
+恢复组织后，组织与删除之前不完全相同。 您必须手动恢复组织拥有的所有存储库。 更多信息请参阅“[恢复删除的仓库](/admin/user-management/managing-repositories-in-your-enterprise/restoring-a-deleted-repository)”。
 
-You can also use the audit log to help you manually re-add teams and organization members. For more information, see "[Restoring members and teams](#restoring-members-and-teams)."
+您还可以使用审核日志来帮助您手动重新添加团队和组织成员。 更多信息请参阅“[恢复成员和团队](#restoring-members-and-teams)”。
 
-## Restoring an organization
+## 恢复组织
 
 {% data reusables.enterprise_site_admin_settings.access-settings %}
-1. Under "Search users, organizations, enterprises, teams, repositories, gists, and applications", search for the organization.
+1. 在“Search users, organizations, enterprises, teams, repositories, gists, and applications（搜索用户、组织、企业、团队、存储库、要点和应用程序）”下，搜索组织。
 
-  ![Screenshot of the search field and Search button](/assets/images/enterprise/stafftools/search-field.png)
+  ![搜索字段和“搜索”按钮的屏幕截图](/assets/images/enterprise/stafftools/search-field.png)
 
-1. Under "Deleted accounts", to the right of the organization you want to restore, select the {% octicon "kebab-horizontal" aria-label="The edit icon" %} dropdown menu, then click **Recreate**.
+1. 在“Deleted accounts（已删除的帐户）”下要恢复的组织右侧，选择 {% octicon "kebab-horizontal" aria-label="The edit icon" %} 下拉菜单，然后单击 **Recreate（重新创建）**。
 
-   ![Screenshot of the dropdown menu for a deleted organization](/assets/images/enterprise/stafftools/recreate-organization.png)
+   ![已删除组织的下拉菜单屏幕截图](/assets/images/enterprise/stafftools/recreate-organization.png)
 
-## Restoring members and teams
+## 恢复成员和团队
 
-You can use the audit log to find a list of the previous members and teams of the organization, then recreate them manually. For more information about using the audit log, see "[Auditing users across your enterprise](/admin/user-management/managing-users-in-your-enterprise/auditing-users-across-your-enterprise)."
+您可以使用审核日志查找组织中以前的成员和团队的列表，然后手动重新创建它们。 有关使用审核日志的详细信息，请参阅“[审核企业中的用户](/admin/user-management/managing-users-in-your-enterprise/auditing-users-across-your-enterprise)”。
 
-In all the search phrases below, replace ORGANIZATION with the name of the organization and TEAM with the name of the team.
+在下面的所有搜索短语中，将 ORGANIZATION 替换为组织的名称，将 TEAM 替换为团队的名称。
 
-### Restoring organization members
+### 恢复组织成员
 
-1. To find all users who were added to and removed from the organization, search the audit log for `action:org.add_member org:ORGANIZATION` and `action:org.remove_member org:ORGANIZATION`.
-1. Manually add to the organization each user that should still be a member. For more information, see "[Adding people to your organization](/organizations/managing-membership-in-your-organization/adding-people-to-your-organization)."
+1. 若要查找在组织中添加和删除的所有用户，请在审核日志中搜索 `action:org.add_member org:ORGANIZATION` 和 `action:org.remove_member org:ORGANIZATION`。
+1. 手动将仍应是成员的每个用户添加到组织中。 更多信息请参阅“[向组织添加人员](/organizations/managing-membership-in-your-organization/adding-people-to-your-organization)”。
 
-### Restoring teams
+### 恢复团队
 
-1. To find each team name, search the audit log for `action:team.create org:ORGANIZATION`.
-1. Manually recreate the team. For more information, see "[Creating a team](/organizations/organizing-members-into-teams/creating-a-team)."
-1. To find the members that have been added to each team, search for `action:team.add_member team:"ORGANIZATION/TEAM"`.
-1. Manually re-add the team members. For more information, see "[Adding organization members to a team](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team)."
-1. To find the repositories that the team was granted access to, search for `action:team.add_repository team:"ORGANIZATION/TEAM"`.
-1. To find the access level that the team was granted for each repository, search for `action:team.update_repository_permission team:"ORGANIZATION/TEAM"`.
-1. Manually give the team access again. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
+1. 若要查找每个团队名称，请在审核日志中搜索 `action:team.create org:ORGANIZATION`。
+1. 手动重新创建团队。 For more information, see "[Creating a team](/organizations/organizing-members-into-teams/creating-a-team)."
+1. 要查找已添加到每个团队的成员，请搜索 `action:team.add_member team:"ORGANIZATION/TEAM"`。
+1. 手动重新添加团队成员。 更多信息请参阅“[将组织成员添加到团队](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team)”。
+1. 要查找团队被授予访问权限的存储库，请搜索 `action:team.add_repository team:"ORGANIZATION/TEAM"`。
+1. 要查找团队为每个存储库授予的访问权限级别，请搜索 `action:team.update_repository_permission team:"ORGANIZATION/TEAM"`。
+1. 再次手动授予团队访问权限。 更多信息请参阅“[管理团队的组织仓库访问权限](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)”。

translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise.md

@@ -1,36 +0,0 @@
----
-title: 查看企业中组织的审核日志
-intro: 企业所有者可以在其审核日志中查看企业帐户拥有的所有组织的汇总操作。
-redirect_from:
-  - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
-  - /articles/viewing-the-audit-logs-for-organizations-in-your-business-account
-  - /articles/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
-  - /github/setting-up-and-managing-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
-  - /github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
-versions:
-  ghec: '*'
-type: how_to
-topics:
-  - Auditing
-  - Enterprise
-  - Logging
-  - Organizations
-shortTitle: 查看组织审核日志
----
-
-每个审核日志条目都显示有关事件的适用信息，例如：
-
-- 可在其中执行操作的组织
-- 执行操作的用户
-- 执行操作的仓库
-- 执行的操作内容
-- 发生操作的国家/地区
-- 操作发生的日期和时间
-
-您可以在审核日志中搜索特定事件并导出审核日志数据。 有关搜索审核日志和特定组织事件的更多信息，请参阅“[审查组织的审核日志](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization)”。
-
-您还可以将审核和 Git 事件数据从 {% data variables.product.prodname_dotcom %} 流式传输到外部数据管理系统。 更多信息请参阅“[流式传输企业帐户中组织的审核日志](/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account)”。
-
-{% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.settings-tab %}
-{% data reusables.enterprise-accounts.audit-log-tab %}

translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/auditing-users-across-your-enterprise.md

@@ -81,7 +81,7 @@ shortTitle: 审计用户
 
 ### 基于执行的操作搜索
 
-`action` 限定符可搜索特定事件（按类别组织）。 有关与这些类别相关的事件的信息，请参阅“[审核的操作](/admin/user-management/audited-actions)”。
+`action` 限定符可搜索特定事件（按类别组织）。 有关与这些类别相关的事件的信息，请参阅“[审核企业的日志事件](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)”。
 
 | 类别名称   | 描述                   |
 | ------ | -------------------- |

translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise.md

@@ -72,7 +72,7 @@ topics:
 
 如果消息中包含 Markdown 复选框，则用户必须选中所有复选框才能忽略消息。 例如，如果您在必读消息中包含服务条款，您可以要求每个用户选中复选框以确认他们阅读了这些条款。
 
-每次用户看到必读消息时，都会创建审核日志事件。 该事件包括用户看到的消息的版本。 更多信息请参阅“[已审核操作](/admin/user-management/audited-actions)”。
+每次用户看到必读消息时，都会创建审核日志事件。 该事件包括用户看到的消息的版本。 更多信息请参阅“[审核企业的日志事件](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)”。
 
 {% note %}
 

translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/impersonating-a-user.md

@@ -19,7 +19,7 @@ shortTitle: 模拟用户
 
 对于每个模拟会话，您需要提供模拟的原因。 会话限制为一小时，您将拥有与被模拟用户相同的访问权限。
 
-在模拟会话期间执行的操作将记录为企业审核日志以及模拟用户的安全日志中的事件。 当模拟会话开始时，被模拟的人员将收到电子邮件通知。 更多信息请参阅“[已审核的操作](/admin/user-management/monitoring-activity-in-your-enterprise/audited-actions)”和“[查看安全日志](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log)”。
+在模拟会话期间执行的操作将记录为企业审核日志以及模拟用户的安全日志中的事件。 当模拟会话开始时，被模拟的人员将收到电子邮件通知。 更多信息请参阅“[审核企业的日志事件](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)”和“[查看安全日志](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log)”。
 
 ## 模拟用户
 

translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/removing-a-member-from-your-enterprise.md

@@ -1,39 +1,39 @@
 ---
-title: Removing a member from your enterprise
-intro: You can remove a member from all organizations owned by your enterprise.
+title: 从企业中删除成员
+intro: 您可以从企业拥有的所有组织中删除成员。
 permissions: Enterprise owners can remove an enterprise member from the enterprise.
 versions:
   feature: remove-enterprise-members
 type: how_to
 topics:
   - Enterprise
-shortTitle: Remove member
+shortTitle: 删除成员
 ---
 
 {% note %}
 
-**Note:** The ability to remove enterprise members is in beta and subject to change.
+**注意：** 删除企业成员的功能处于测试阶段，可能会发生更改。
 
 {% endnote %}
 
-## About removal of enterprise members
+## 关于删除企业成员
 
-When you remove an enterprise member from your enterprise, the member is removed from all organizations owned by your enterprise.
+从企业中删除企业成员时，该成员将从企业拥有的所有组织中删除。
 
-If the enterprise member you're removing is the last owner of an organization owned by your enterprise, you will become an owner of that organization.
+如果要删除的企业成员是企业拥有的组织的最后一个所有者，您将成为该组织的所有者。
 
-If your enterprise or any of the organizations owned by your enterprise uses an identity provider (IdP) to manage organization membership, the member may be added back to the organization by the IdP. Make sure to also make any necessary changes in your IdP.
+如果您的企业或您的企业拥有的任何组织使用身份提供程序 (IdP) 来管理组织成员身份，则 IdP 可能会将成员添加回组织。 确保还要对 IdP 进行任何必要的更改。
 
-## Removing a member from your enterprise
+## 从企业中删除成员
 
 {% note %}
 
-**Note:** If an enterprise member uses only {% data variables.product.prodname_ghe_server %}, and not {% data variables.product.prodname_ghe_cloud %}, you cannot remove the enterprise member this way.
+**注意：** 如果企业成员仅使用 {% data variables.product.prodname_ghe_server %}，而不使用 {% data variables.product.prodname_ghe_cloud %}，则无法以这种方式删除企业成员。
 
 {% endnote %}
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.people-tab %}
-1. To the right of the person you want to remove, select the {% octicon "gear" aria-label="The gear icon" %} dropdown menu and click **Remove from enterprise**.
+1. 在要删除的人员的右侧，选择 {% octicon "gear" aria-label="The gear icon" %} 下拉菜单，然后单击 **Remove from enterprise（从企业中删除）**。
 
-   ![Screenshot of the "Remove from enterprise" option for an enterprise member](/assets/images/help/business-accounts/remove-member.png)
+   ![企业成员的 "从企业中删除" 选项的屏幕截图](/assets/images/help/business-accounts/remove-member.png)

translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/audit-logging.md

@@ -1,48 +0,0 @@
----
-title: 审核日志
-intro: '{% data variables.product.product_name %} 会保留已审计 {% ifversion ghes %} 系统、{% endif %}用户、组织和仓库事件的日志。 日志可用于调试以及内部和外部合规。'
-redirect_from:
-  - /enterprise/admin/articles/audit-logging
-  - /enterprise/admin/installation/audit-logging
-  - /enterprise/admin/user-management/audit-logging
-  - /admin/user-management/audit-logging
-versions:
-  ghes: '*'
-  ghae: '*'
-type: reference
-topics:
-  - Auditing
-  - Enterprise
-  - Logging
-  - Security
----
-
-有关完整列表，请参阅“[审核的操作](/admin/user-management/audited-actions)”。 有关查找特定操作的详细信息，请参阅“[搜索审核日志](/admin/user-management/searching-the-audit-log)”。
-
-## 推送日志
-
-会记录每个 Git 推送操作。 更多信息请参阅“[查看推送日志](/admin/user-management/viewing-push-logs)”。
-
-{% ifversion ghes %}
-## 系统事件
-
-所有审核的系统事件都将记录到 `/var/log/github/audit.log`。 日志每 24 小时自动轮换一次，并会保留七天。
-
-支持包中包含系统日志。 更多信息请参阅“[向 {% data variables.product.prodname_dotcom %} Support 提供数据](/admin/enterprise-support/providing-data-to-github-support)”。
-
-## 支持包
-
-所有审核信息均会记录到任何支持包 `github-logs` 目录的 `audit.log` 文件中。 如果已启用日志转发，您可以将此数据传输到外部 syslog 流使用者，例如 [Splunk](http://www.splunk.com/) 或 [Logstash](http://logstash.net/)。 此日志中的所有条目均使用 `github_audit` 关键词，并且可以通过该关键词进行筛选。 更多信息请参阅“[日志转发](/admin/user-management/log-forwarding)。”
-
-例如，此条目显示已创建的新仓库。
-
-```
-Oct 26 01:42:08 github-ent github_audit: {:created_at=>1351215728326, :actor_ip=>"10.0.0.51", :data=>{}, :user=>"some-user", :repo=>"some-user/some-repository", :actor=>"some-user", :actor_id=>2, :user_id=>2, :action=>"repo.create", :repo_id=>1, :from=>"repositories#create"}
-```
-
-此示例显示提交已推送到仓库。
-
-```
-Oct 26 02:19:31 github-ent github_audit: { "pid":22860, "ppid":22859, "program":"receive-pack", "git_dir":"/data/repositories/some-user/some-repository.git", "hostname":"github-ent", "pusher":"some-user", "real_ip":"10.0.0.51", "user_agent":"git/1.7.10.4", "repo_id":1, "repo_name":"some-user/some-repository", "transaction_id":"b031b7dc7043c87323a75f7a92092ef1456e5fbaef995c68", "frontend_ppid":1, "repo_public":true, "user_name":"some-user", "user_login":"some-user", "frontend_pid":18238, "frontend":"github-ent", "user_email":"some-user@github.example.com", "user_id":2, "pgroup":"github-ent_22860", "status":"post_receive_hook", "features":" report-status side-band-64k", "received_objects":3, "receive_pack_size":243, "non_fast_forward":false, "current_ref":"refs/heads/main" }
-```
-{% endif %}

translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/audited-actions.md

@@ -1,198 +0,0 @@
----
-title: 审核的操作
-intro: 您可以在审核日志中搜索各种操作。
-miniTocMaxHeadingLevel: 3
-redirect_from:
-  - /enterprise/admin/articles/audited-actions
-  - /enterprise/admin/installation/audited-actions
-  - /enterprise/admin/user-management/audited-actions
-  - /admin/user-management/audited-actions
-versions:
-  ghes: '*'
-  ghae: '*'
-type: reference
-topics:
-  - Auditing
-  - Enterprise
-  - Security
----
-
-## 身份验证
-
-| 操作                                   | 描述                                               |
-| ------------------------------------ | ------------------------------------------------ |
-| `oauth_access.create`                | 已为用户帐户[生成>][generate token] [OAuth 访问令牌][]。      |
-| `oauth_access.destroy`               | 已从用户帐户中删除 [OAuth 访问令牌][]。                        |
-| `oauth_application.destroy`          | 已从用户或组织帐户中删除 [OAuth 应用程序][]。                     |
-| `oauth_application.reset_secret`     | 已重置 [OAuth 应用程序][]的密钥。                           |
-| `oauth_application.transfer`         | 已将 [OAuth 应用程序][]从一个用户或组织帐户传送到另一个用户或组织帐户。        |
-| `public_key.create`                  | 已将 SSH 密钥[添加][add key]到用户帐户中，或者已将[部署密钥][]添加到仓库中。 |
-| `public_key.delete`                  | 已从用户帐户中移除 SSH 密钥，或已从仓库中移除[部署密钥][]。               |
-| `public_key.update`                  | 已更新用户帐户的 SSH 密钥或仓库的[部署密钥][]。{% ifversion ghes %}
-| `two_factor_authentication.enabled`  | 已为用户帐户启用[双重身份验证][2fa]。                           |
-| `two_factor_authentication.disabled` | 已为用户帐户禁用[双重身份验证][2fa]。{% endif %}
-
-{% ifversion ghes %}
-## {% data variables.product.prodname_actions %}
-
-{% data reusables.actions.actions-audit-events-for-enterprise %}
-
-{% endif %}
-
-## 挂钩
-
-| 操作                    | 描述          |
-| --------------------- | ----------- |
-| `hook.create`         | 已向仓库添加新挂钩。  |
-| `hook.config_changed` | 已更改挂钩的配置。   |
-| `hook.destroy`        | 已删除挂钩。      |
-| `hook.events_changed` | 已更改挂钩的配置事件。 |
-
-## 企业配置设置
-
-| 操作                                                      | 描述                                                                                                                                                                                                                                                      |
-| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |{% ifversion ghes or ghae %}
-| `business.advanced_security_policy_update`              | 站点管理员创建、更新或删除 {% data variables.product.prodname_GH_advanced_security %} 策略。 更多信息请参阅“[在企业中执行 {% data variables.product.prodname_advanced_security %} 的策略](/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise)”。{% endif %}
-| `business.clear_members_can_create_repos`               | 站点管理员取消了对在企业中的组织中创建仓库的限制。 更多信息请参阅“[在企业中实施仓库管理策略](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#setting-a-policy-for-repository-creation)”。{% ifversion ghes > 3.1 %}
-| `business.referrer_override_enable`                     | 站点管理员可以改写推荐策略。 更多信息请参阅“[配置企业的推荐策略](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)”。                                                                                                              |
-| `business.referrer_override_disable`                    | 站点管理员可以禁用推荐策略。 更多信息请参阅“[配置企业的推荐策略](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)”。{% endif %}
-| `business.update_member_repository_creation_permission` | 站点管理员限制在企业中的组织中创建仓库。 更多信息请参阅“[在企业中实施仓库管理策略](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#setting-a-policy-for-repository-creation)”。{% ifversion ghes %}
-| `enterprise.config.lock_anonymous_git_access`           | 站点管理员锁定匿名 Git 读取权限，以防止仓库管理员更改该企业中仓库的现有匿名 Git 读取权限设置。 更多信息请参阅“[在企业中实施仓库管理策略](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#configuring-anonymous-git-read-access)”。                                                        |
-| `enterprise.config.unlock_anonymous_git_access`         | 站点管理员解锁匿名 Git 读取权限，以允许仓库管理员更改该企业中仓库的现有匿名 Git 读取权限设置。 更多信息请参阅“[在企业中实施仓库管理策略](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#configuring-anonymous-git-read-access)”。{% endif %}
-
-{% ifversion ghae %}
-
-## IP 允许列表
-
-|                                         名称 | 描述                                                                    |
-| ------------------------------------------:| --------------------------------------------------------------------- |
-|               `ip_allow_list_entry.create` | IP 地址已添加到 IP 允许列表中。                                                   |
-|               `ip_allow_list_entry.update` | IP 地址或描述已更改。                                                          |
-|              `ip_allow_list_entry.destroy` | IP 地址已从 IP 允许列表中删除。                                                   |
-|                     `ip_allow_list.enable` | IP 允许列表已启用。                                                           |
-|  `ip_allow_list.enable_for_installed_apps` | 已为安装的 {% data variables.product.prodname_github_apps %} 启用 IP 允许列表。 |
-|                    `ip_allow_list.disable` | IP 允许列表已禁用。                                                           |
-| `ip_allow_list.disable_for_installed_apps` | 已为安装的 {% data variables.product.prodname_github_apps %} 禁用 IP 允许列表。 |
-
-{% endif %}
-
-## 议题
-
-| 操作                     | 描述                                                                                  |
-| ---------------------- | ----------------------------------------------------------------------------------- |
-| `issue.update`         | 问题的正文文本（初始注释）已更改。                                                                   |
-| `issue_comment.update` | 已更改问题的正文文本（初始注释）。                                                                   |
-| `issue.destroy`        | 已从仓库中删除问题。 更多信息请参阅“[删除议题](/github/managing-your-work-on-github/deleting-an-issue)”。 |
-
-## 组织
-
-| 操作                 | 描述                                                                                                                                           |
-| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- |
-| `org.async_delete` | 用户发起了删除组织的后台作业。                                                                                                                              |
-| `org.delete`       | 用户发起的背景作业删除了组织。{% ifversion not ghae %}
-| `org.transform`    | 已将用户帐户转换为组织。 更多信息请参阅“[将用户转换为组织](/github/setting-up-and-managing-your-github-user-account/converting-a-user-into-an-organization)”{% endif %}
-
-## 拉取请求
-
-| 操作 | 描述n | | :- | :- |{% ifversion ghes > 3.1 or ghae %} | `pull_request.create` | 创建了拉取请求。 更多信息请参阅“[创建拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request)”。 | | `pull_request.close` | 关闭了拉取请求而未合并。 更多信息请参阅“[关闭拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request)”。 | | `pull_request.reopen` | 重新打开了之前关闭的拉取请求。 | | `pull_request.merge` | 合并了拉取请求。 更多信息请参阅“[合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)”。 | | `pull_request.indirect_merge` | 考虑合并拉取请求，因为拉取请求的提交已合并到目标分支。 | | `pull_request.ready_for_review` | 拉取请求标记为可供审查。 更多信息请参阅“[更改拉取请求的阶段](/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review)”。 | | `pull_request.converted_to_draft` | 拉取请求转换为草稿。 更多信息请参阅“[更改拉取请求的阶段](/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft)”。 | | `pull_request.create_review_request` | 请求对拉取请求的审查。 更多信息请参阅“[关于拉取请求审查](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)”。 | | `pull_request.remove_review_request` | 从拉取请求删除审查请求。 更多信息请参阅“[关于拉取请求审查](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)”。 | | `pull_request_review.submit` | 为拉取请求提交审查。 更多信息请参阅“[关于拉取请求审查](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)”。 | | `pull_request_review.discute` | 撤销对拉取请求的审查。 更多信息请参阅“[忽略拉取请求审查](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)”。 | | `pull_request_review.delete` | 删除对拉取请求的审查。 | | `pull_request_review_comment.create` | 审查评论添加到拉取请求。 更多信息请参阅“[关于拉取请求审查](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)”。 | | `pull_request_review_comment.update` | 更改拉取请求上的审查评论。 |{% endif %} | `pull_request_review_comment.delete` | 删除了拉取请求上的审查评论。 |
-
-## 受保护分支
-
-| 操作                                                                 | 描述                                                      |
-| ------------------------------------------------------------------ | ------------------------------------------------------- |
-| `protected_branch.create`                                          | 已在分支上启用分支保护。                                            |
-| `protected_branch.destroy`                                         | 已在分支上禁用分支保护。                                            |
-| `protected_branch.update_admin_enforced`                           | 已为仓库管理员强制执行分支保护。                                        |
-| `protected_branch.update_require_code_owner_review`                | 已在分支上更新必需代码所有者审查的强制执行。                                  |
-| `protected_branch.dismiss_stale_reviews`                           | 已在分支上更新忽略旧拉取请求的强制执行。                                    |
-| `protected_branch.update_signature_requirement_enforcement_level`  | 已在分支上更新必需提交签名的强制执行。                                     |
-| `protected_branch.update_pull_request_reviews_enforcement_level`   | 已在分支上更新必需拉取请求审查的强制执行。 可以是 `0`（已停用）、`1`（非管理员）`2`（所有人）之一。 |
-| `protected_branch.update_required_status_checks_enforcement_level` | 已在分支上更新必需状态检查的强制执行。                                     |
-| `protected_branch.rejected_ref_update`                             | 分支更新尝试被拒。                                               |
-| `protected_branch.policy_override`                                 | 分支保护要求被仓库管理员覆盖。                                         |
-
-## 仓库
-
-| 操作                                         | 描述                                                                                                                                                                                                        |
-| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `repo.access`                              | 仓库的可见性已更改为私有{% ifversion ghes %}、公共{% endif %} 或内部。                                                                                                                                                       |
-| `repo.archived`                            | 已存档仓库。 更多信息请参阅“[存档 {% data variables.product.prodname_dotcom %} 仓库](/github/creating-cloning-and-archiving-repositories/archiving-a-github-repository)”。                                                  |
-| `repo.add_member`                          | 已向仓库添加协作者。                                                                                                                                                                                                |
-| `repo.config`                              | 站点管理员已阻止强制推送。 更多信息请参阅“[阻止对仓库进行强制推送](/enterprise/{{ currentVersion }}/admin/guides/developer-workflow/blocking-force-pushes-to-a-repository/)”。                                                            |
-| `repo.create`                              | 已创建仓库。                                                                                                                                                                                                    |
-| `repo.destroy`                             | 已删除仓库。                                                                                                                                                                                                    |
-| `repo.remove_member`                       | 已从仓库中移除协作者。                                                                                                                                                                                               |
-| `repo.rename`                              | 已重命名仓库。                                                                                                                                                                                                   |
-| `repo.transfer`                            | 用户已接受接收传输仓库的请求。                                                                                                                                                                                           |
-| `repo.transfer_start`                      | 用户已发送向另一用户或组织传输仓库的请求。                                                                                                                                                                                     |
-| `repo.unarchived`                          | 已取消存档仓库。 更多信息请参阅“[存档 {% data variables.product.prodname_dotcom %} 仓库](/github/creating-cloning-and-archiving-repositories/archiving-a-github-repository)”。{% ifversion ghes %}
-| `repo.config.disable_anonymous_git_access` | 已为仓库禁用匿名 Git 读取权限。 更多信息请参阅“[为仓库启用匿名 Git 读取权限](/enterprise/{{ currentVersion }}/user/articles/enabling-anonymous-git-read-access-for-a-repository)。”                                                       |
-| `repo.config.enable_anonymous_git_access`  | 已为仓库启用匿名 Git 读取权限。 更多信息请参阅“[为仓库启用匿名 Git 读取权限](/enterprise/{{ currentVersion }}/user/articles/enabling-anonymous-git-read-access-for-a-repository)。”                                                       |
-| `repo.config.lock_anonymous_git_access`    | 已锁定仓库的匿名 Git 读取权限设置，阻止仓库管理员更改（启用或禁用）此设置。 更多信息请参阅“[阻止用户更改匿名 Git 读取权限](/enterprise/{{ currentVersion }}/admin/guides/user-management/preventing-users-from-changing-anonymous-git-read-access)”。            |
-| `repo.config.unlock_anonymous_git_access`  | 已解锁仓库的匿名 Git 读取权限设置，允许仓库管理员更改（启用或禁用）此设置。 更多信息请参阅“[阻止用户更改匿名 Git 读取权限](/enterprise/{{ currentVersion }}/admin/guides/user-management/preventing-users-from-changing-anonymous-git-read-access)”。{% endif %}
-
-{% if secret-scanning-audit-log-custom-patterns %}
-## 秘密扫描
-
-| 操作 | 描述                                                                                                                                                                                                                                                                                                                                                  |
-| -- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-|    | `business_secret_scanning_custom_pattern.create` | Triggered when an enterprise-level custom pattern is published for secret scanning. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account)." |
-|    | `business_secret_scanning_custom_pattern.update` | Triggered when changes to an enterprise-level custom pattern are saved for secret scanning.                                                                                                                                                                                                      |
-|    | `business_secret_scanning_custom_pattern.delete` | Triggered when an enterprise-level custom pattern is removed from secret scanning.                                                                                                                                                                                                               |
-{% endif %}
-
-## 站点管理员工具
-
-| 操作                      | 描述                                                                    |
-| ----------------------- | --------------------------------------------------------------------- |
-| `staff.disable_repo`    | 站点管理员已禁用对仓库及其所有复刻的访问。                                                 |
-| `staff.enable_repo`     | 站点管理员重新启用了对仓库及其所有复刻的访问权限。{% ifversion ghae or ghes > 3.2 %}
-| `staff.exit_fake_login` | 站点管理员在 {% data variables.product.product_name %} 上结束了模拟会话。            |
-| `staff.fake_login`      | 站点管理员以另一用户的身份登录 {% data variables.product.product_name %}。{% endif %}
-| `staff.repo_unlock`     | 站点管理员已解锁（临时获得完全访问权限）用户的一个私有仓库。                                        |
-| `staff.unlock`          | 站点管理员已解锁（临时获得完全访问权限）用户的所有私有仓库。                                        |
-
-## 团队
-
-| 操作                        | 描述                                          |
-| ------------------------- | ------------------------------------------- |
-| `team.create`             | 已向团队添加用户帐户或仓库。                              |
-| `team.delete`             | 用户帐户或仓库已从团队中删除。{% ifversion ghes or ghae %}
-| `team.demote_maintainer`  | 用户从团队维护员降级为团队成员。{% endif %}
-| `team.destroy`            | 团队被删除。{% ifversion ghes or ghae %}
-| `team.promote_maintainer` | 用户从团队成员晋升为团队维护员。{% endif %}
-
-## 用户
-
-| 操作                              | 描述                                                                                                            |
-| ------------------------------- | ------------------------------------------------------------------------------------------------------------- |
-| `user.add_email`                | 已向用户帐户添加电子邮件地址。                                                                                               |
-| `user.async_delete`             | 异步作业已开始破坏用户帐户，最终触发 `user.delete`。{% ifversion ghes %}
-| `user.change_password`          | 用户已更改其密码。{% endif %}
-| `user.create`                   | 已创建新的用户帐户。                                                                                                    |
-| `user.delete`                   | 已通过异步作业销毁用户帐户。                                                                                                |
-| `user.demote`                   | 已将站点管理员降级为普通用户帐户。                                                                                             |
-| `user.destroy`                  | 用户已删除其帐户，触发 `user.async_delete`。{% ifversion ghes %}
-| `user.failed_login`             | 用户尝试登录时使用的用户名、密码或双重身份验证码不正确。                                                                                  |
-| `user.forgot_password`          | 用户通过登录页面请求了密码重置。{% endif %}
-| `user.login`                    | 用户已登录。{% ifversion ghes or ghae %}
-| `user.mandatory_message_viewed` | 用户查看必读消息（详情请参阅“[自定义用户消息](/admin/user-management/customizing-user-messages-for-your-enterprise)”）| {% endif %}
-| `user.promote`                  | 已将普通用户帐户升级为站点管理员。                                                                                             |
-| `user.remove_email`             | 已从用户帐户中移除电子邮件地址。                                                                                              |
-| `user.rename`                   | 已更改用户名。                                                                                                       |
-| `user.suspend`                  | 用户帐户被站点管理员暂停。{% ifversion ghes %}
-| `user.two_factor_requested`     | 已提示用户输入双重身份验证码。{% endif %}
-| `user.unsuspend`                | 站点管理员已取消挂起用户帐户。                                                                                               |
-
-{% ifversion ghes > 3.1 or ghae %}
-## 工作流程
-
-{% data reusables.actions.actions-audit-events-workflow %}
-{% endif %}
-
-  [add key]: /articles/adding-a-new-ssh-key-to-your-github-account
-  [部署密钥]: /guides/managing-deploy-keys/#deploy-keys
-  [generate token]: /articles/creating-an-access-token-for-command-line-use
-  [OAuth 访问令牌]: /developers/apps/authorizing-oauth-apps
-  [OAuth 应用程序]: /guides/basics-of-authentication/#registering-your-app
-  [2fa]: /articles/about-two-factor-authentication

translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/index.md

@@ -1,23 +0,0 @@
----
-title: 监控企业中的活动
-intro: 您可以利用企业中的仪表板和日志查看活动。
-redirect_from:
-  - /enterprise/admin/installation/monitoring-activity-on-your-github-enterprise-server-instance
-  - /enterprise/admin/user-management/monitoring-activity-in-your-enterprise
-versions:
-  ghec: '*'
-  ghes: '*'
-  ghae: '*'
-topics:
-  - Enterprise
-children:
-  - /activity-dashboard
-  - /audit-logging
-  - /searching-the-audit-log
-  - /audited-actions
-  - /viewing-push-logs
-  - /log-forwarding
-  - /managing-global-webhooks
-shortTitle: 监控企业
----
-

translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/searching-the-audit-log.md

@@ -1,51 +0,0 @@
----
-title: 搜索审核日志
-intro: 站点管理员可以在企业上搜索已审核操作的广泛列表。
-redirect_from:
-  - /enterprise/admin/articles/searching-the-audit-log
-  - /enterprise/admin/installation/searching-the-audit-log
-  - /enterprise/admin/user-management/searching-the-audit-log
-  - /admin/user-management/searching-the-audit-log
-versions:
-  ghes: '*'
-  ghae: '*'
-type: how_to
-topics:
-  - Auditing
-  - Enterprise
-  - Logging
----
-
-## 搜索查询语法
-
-由一个或多个键值对（以 AND/OR 逻辑运算符分隔）构成一个搜索查询。
-
-|              键 | 值                         |
-| --------------:| ------------------------- |
-|     `actor_id` | 发起操作的用户帐户的 ID             |
-|        `actor` | 发起操作的用户帐户的名称              |
-| `oauth_app_id` | 与操作相关联的 OAuth 应用程序的 ID    |
-|       `action` | 已审核操作的名称                  |
-|      `user_id` | 受操作影响的用户的 ID              |
-|           `用户` | 受操作影响的用户的名称               |
-|      `repo_id` | 受操作影响的仓库的 ID（若适用）         |
-|         `repo` | 受操作影响的仓库的名称（若适用）          |
-|     `actor_ip` | 发起操作的 IP 地址               |
-|   `created_at` | 操作发生的时间                   |
-|         `from` | 发起操作的视图                   |
-|         `note` | 事件特定的其他信息（采用纯文本或 JSON 格式） |
-|          `org` | 受操作影响的组织的名称（若适用）          |
-|       `org_id` | 受操作影响的组织的 ID（若适用）         |
-
-例如，要查看自 2017 年初开始影响仓库 `octocat/Spoon-Knife` 的所有操作：
-
-  `repo:"octocat/Spoon-Knife" AND created_at:[2017-01-01 TO *]`
-
-有关操作的完整列表，请参阅“[审核的操作](/admin/user-management/audited-actions)”。
-
-## 搜索审核日志
-
-{% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.settings-tab %}
-{% data reusables.enterprise-accounts.audit-log-tab %}
-4. 输入搜索查询。 ![搜索查询](/assets/images/enterprise/site-admin-settings/search-query.png)

translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on.md

@@ -15,6 +15,8 @@ shortTitle: 使用 SAML 的 PAT
 
 您可以授权现有的个人访问令牌，或者[创建新的个人访问令牌](/github/authenticating-to-github/creating-a-personal-access-token)，然后再授权。
 
+{% data reusables.saml.must-authorize-linked-identity %}
+
 {% data reusables.saml.authorized-creds-info %}
 
 {% data reusables.user-settings.access_settings %}

translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/authorizing-an-ssh-key-for-use-with-saml-single-sign-on.md

@@ -15,6 +15,8 @@ shortTitle: 使用 SAML 的 SSH 密钥
 
 您可以授权现有 SSH 密钥，或者创建新 SSH 密钥后再授权。 有关创建新 SSH 密钥的更多信息，请参阅“[生成新的 SSH 密钥并添加到 ssh-agent](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)”。
 
+{% data reusables.saml.must-authorize-linked-identity %}
+
 {% data reusables.saml.authorized-creds-info %}
 
 {% note %}

translations/zh-CN/content/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key.md

@@ -97,7 +97,7 @@ shortTitle: 将您的签名密钥告诉 Git
 {% data reusables.gpg.list-keys-with-note %}
 {% data reusables.gpg.copy-gpg-key-id %}
 {% data reusables.gpg.paste-gpg-key-id %}
-1. To add your GPG key to your `.bashrc` startup file, run the following command:
+1. 要将 GPG 密钥添加到您的 `.bashrc` 配置文件中，请运行以下命令：
   ```bash
   $ [ -f ~/.bashrc ] && echo 'export GPG_TTY=$(tty)' >> ~/.bashrc
   ```

translations/zh-CN/content/billing/managing-billing-for-your-github-account/one-time-payments-for-customers-in-india.md

@@ -19,48 +19,48 @@ shortTitle: 印度一次性付款
 印度储备银行 (RBI) 的一项新支付法规最近生效。 该法规对经常性在线交易提出了额外的要求，并阻止印度一些 {% data variables.product.company_short %} 客户进行定期付款。 对 {% data variables.product.product_name %} 上的任何定期交易使用印度颁布的付款方式的客户，可能会发现他们的付款被银行或发卡机构拒绝。 更多信息请参阅 [RBI 的新闻稿](https://www.rbi.org.in/Scripts/BS_PressReleaseDisplay.aspx?prid=51353)。
 
 该法规适用于所有经常性交易，包括：
-- {% data variables.product.prodname_dotcom %} plan subscriptions (Pro, Team, Enterprise)
-- {% data variables.product.prodname_marketplace %} purchases
-- {% data variables.product.prodname_sponsors %} transactions
-- Git Large File Storage purchases
-- {% data variables.product.prodname_actions %}, {% data variables.product.prodname_registry %}, and {% data variables.product.prodname_codespaces %} consumption
+- {% data variables.product.prodname_dotcom %} 计划订阅（专业版、团队版、企业版）
+- {% data variables.product.prodname_marketplace %} 购买
+- {% data variables.product.prodname_sponsors %} 交易
+- Git Large File Storage 购买
+- {% data variables.product.prodname_actions %}、{% data variables.product.prodname_registry %} 和 {% data variables.product.prodname_codespaces %} 的使用
 
-In order to minimize disruption, recurring payments for our affected customers were paused on October 29th, 2021. Paid features and services have remained available to customers impacted by the RBI regulation.
+为了尽量减少中断，受影响客户的定期付款已于 2021 年 10 月 29 日暂停。 受 RBI 法规影响的客户仍然可以使用付费功能和服务。
 
-## About one-time payments on {% data variables.product.company_short %}
+## 关于 {% data variables.product.company_short %} 的一次性付款
 
-As we work with our payment gateway provider to meet the new requirements, we are providing a temporary one-time payment option for impacted customers in India. From February 15th 2022, {% data variables.product.company_short %} customers in India who have been affected by the new RBI regulation will be able to make one-time payments on their regular billing cycle cadence.
+随着我们与支付网关提供商合作以满足新要求，我们为印度受影响的客户提供临时的一次性付款选项。 从 2022 年 2 月 15 日起，受新 RBI 法规影响的印度 {% data variables.product.company_short %} 客户将能够按照其常规计费周期节奏进行一次性付款。
 
-### For customers on monthly billing
+### 对于按月计费的客户
 
-Customers on monthly billing plans will be able to make a one-time payment on the same day their billing cycle usually renews. For example, if you're usually billed on the 7th of each month, you will now be able to make a one-time payment from your account from the 7th of each month. Your first one-time payment will also include any accrued usage from October 2021 onwards.
+使用月度计费计划的客户将能够在其计费周期通常续订的同一天进行一次性付款。 例如，如果您通常在每月 7 日向您收费，那么现在可以从每月 7 日开始用您的帐户一次性付款。 您的首次一次性付款还将包括 2021 年 10 月起的任何累积使用量。
 
-If you are currently billed monthly, and would like to switch to yearly billing, you can reduce the frequency of your one-time payments. For more information, see "[Changing the duration of your billing cycle](/en/billing/managing-your-github-billing-settings/changing-the-duration-of-your-billing-cycle)."
+如果您目前按月计费，并希望切换到按年计费，则可以减少一次性付款的频率。 更多信息请参阅“[更改计费周期的持续时间](/en/billing/managing-your-github-billing-settings/changing-the-duration-of-your-billing-cycle)”。
 
-### For customers on yearly billing
+### 对于按年计费的客户
 
-If you are billed yearly, and your renewal date was between October 1st, 2021 and February 14th, 2022, you will be able to make a one-time payment for your annual subscriptions from February 15th. This initial payment will include the prorated outstanding cost of your subscription for the period since your previous billing cycle ended.
+如果您按年计费，并且您的续订日期在 2021 年 10 月 1 日至 2022 年 2 月 14 日之间，则从 2 月 15 日起，您可以一次性支付年度订阅费用。 此初始付款将包括自上一个结算周期结束以来按比例计算的订阅未付费用。
 
-If your billing cycle is due to renew after February 15th, we will attempt to take the recurring payment. If the payment attempt is declined, you will then be able to make a one-time payment through your account's billing page.
+如果您的结算周期将在 2 月 15 日之后续订，我们将尝试定期付款。 如果付款尝试被拒绝，您将能够通过帐户的结算页面进行一次性付款。
 
-In the meantime, we are actively working with our payment partners to restore recurring payments for impacted customers. For more information or questions, you can contact [GitHub Support](https://support.github.com/contact).
+与此同时，我们正在积极与我们的支付合作伙伴合作，为受影响的客户恢复经常性付款。 如需更多信息或有疑问，您可以联系 [GitHub 支持](https://support.github.com/contact)。
 
-### Impact to {% data variables.product.prodname_sponsors %}
+### 对 {% data variables.product.prodname_sponsors %} 的影响
 
-Existing sponsorships will remain in place during this period and maintainers will continue to be paid out as expected. Payments for the accrued sponsorship amounts from the funding account will be collected at the same time as other accrued charges.
+在此期间，现有的赞助将继续存在，维护者将继续按预期获得报酬。 从赞助帐户中支付的应计赞助金额将与其他应计费用同时收取。
 
-## Making a one-time payment for a GitHub subscription
+## 为 GitHub 订阅进行一次性付款
 
 {% note %}
 
-**Note**: Affected customers will receive an email notification with a link to their billing settings when payment is due. Two further reminder emails will be sent 7 and 14 days later if payment has not been made. After 14 days, paid features and services will be locked until payment is made.
+**注意**：付款到期时，受影响的客户将收到一封电子邮件通知，其中包含指向其结算设置的链接。 如果未付款，将在 7 天和 14 天后再发送两封提醒电子邮件。 14 天后，付费功能和服务将被锁定，直到付款为止。
 
 {% endnote %}
 
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.billing_plans %}
-3. At the top of the page, click **Pay now**. ![One-time payment pay now button](/assets/images/help/billing/pay-now-button.png)
-4. Review your billing and payment information. If you need to make an edit, click **Edit** next to the relevant section. Otherwise, click **Submit payment**. ![One-time payment summary](/assets/images/help/billing/payment-summary.png)
-5. Optionally, if you clicked **Edit**, make any necessary changes, and then click **Submit payment**. ![One-time payment edit summary](/assets/images/help/billing/payment-summary-edit.png)
-6. Once payment for the current billing cycle has been successfully made, the **Pay now** button on your "Billing & plans" page will be disabled until your next payment is due. ![One-time payment pay now button disabled](/assets/images/help/billing/pay-now-button-disabled.png)
+3. 在页面顶部，单击 **Pay now（立即付款）**。 ![一次性付款立即付款按钮](/assets/images/help/billing/pay-now-button.png)
+4. 查看您的帐单和付款信息。 如果您需要进行编辑，请点击相关部分旁边的 **Edit（编辑）**。 否则，请单击 **Submit payment（提交付款）**。 ![一次性付款摘要](/assets/images/help/billing/payment-summary.png)
+5. （可选）如果您单击了 **Edit（编辑）**，请进行任何必要的更改，然后单击 **Submit payment（提交付款）**。 ![一次性付款编辑摘要](/assets/images/help/billing/payment-summary-edit.png)
+6. 成功支付当前结算周期的款项后，“Billing & plans（结算和计划）”页面上的 **Pay now（立即付款）**按钮将被停用，直到您的下一次付款到期。 ![一次性付款立即付款按钮已禁用](/assets/images/help/billing/pay-now-button-disabled.png)
   

translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning.md

@@ -96,7 +96,7 @@ By default, only alerts with the severity level of `Error`{% ifversion fpt or gh
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-{% data reusables.repositories.navigate-to-security-and-analysis %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
 1. Under "Code scanning", to the right of "Check Failure", use the drop-down menu to select the level of severity you would like to cause a pull request check failure. 
 {% ifversion fpt or ghes > 3.1  or ghae or ghec %}
 ![Check failure setting](/assets/images/help/repository/code-scanning-check-failure-setting.png)

translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md

@@ -68,7 +68,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-{% data reusables.repositories.navigate-to-security-and-analysis %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
 1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %}
   {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %}
 

translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md

@@ -49,7 +49,7 @@ shortTitle: Dependabot 版本更新
 如果您启用了安全更新，有时会看到额外的安全更新拉取请求。 这些由默认分支上依赖项的 {% data variables.product.prodname_dependabot %} 警报所触发。 {% data variables.product.prodname_dependabot %} 自动提出拉取请求以更新有漏洞的依赖项。
 
 ## 支持的仓库和生态系统
-<!-- If you make changes to this feature, update /getting-started-with-github/github-language-support to reflect any changes to supported repositories or ecosystems. -->
+<!-- If you make changes to this feature, check whether any of the changes affect languages listed in /get-started/learning-about-github/github-language-support. If so, please update the language support article accordingly. -->
 
 您可以为包含其中一个受支持包管理器的依赖项清单或锁定文件的仓库配置版本更新。 对于某些软件包管理器，您也可以配置依赖项的供应。 For more information, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)."
 {% note %}

translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md

@@ -33,35 +33,37 @@ shortTitle: Configure dependabot.yml
 
 下次安全警报触发安全更新的拉取请求时将使用所有同时影响安全更新的选项。  更多信息请参阅“[配置 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)。”
 
-*dependabot.yml* 文件有两个必需的顶级密钥：`version` 和 `updates`。 您可以选择性包括一个顶级`注册表`键。 该文件必须以 `version: 2` 开头。
+*dependabot.yml* 文件有两个必需的顶级密钥：`version` 和 `updates`。 You can, optionally, include a top-level `registries` key{% ifversion fpt or ghec or ghes > 3.4 %} and/or a `enable-beta-ecosystems` key{% endif %}. 该文件必须以 `version: 2` 开头。
 
 ## 更新的配置选项
 
 顶级 `updates` 密钥是必需的。 您使用它来配置 {% data variables.product.prodname_dependabot %} 如何更新版本或项目的依赖项。 每个条目都为特定的包管理器配置更新设置。 您可以使用以下选项。
 
-| 选项                                                                         |  必选   | 描述                                                          |
-|:-------------------------------------------------------------------------- |:-----:|:----------------------------------------------------------- |
-| [`package-ecosystem`](#package-ecosystem)                                  | **X** | 要使用的包管理器                                                    |
-| [`目录`](#directory)                                                         | **X** | 包清单位置                                                       |
-| [`schedule.interval`](#scheduleinterval)                                   | **X** | 检查更新的频率                                                     |
-| [`allow`](#allow)                                                          |       | 自定义允许的更新                                                    |
-| [`assignees`](#assignees)                                                  |       | 要在拉取请求上设置的受让人                                               |
-| [`commit-message`](#commit-message)                                        |       | 提交消息首选项                                                     |
-| [`ignore`](#ignore)                                                        |       | 忽略某些依赖项或版本                                                  |
-| [`insecure-external-code-execution`](#insecure-external-code-execution)    |       | 允许或拒绝清单文件中的代码执行                                             |
-| [`labels`](#labels)                                                        |       | 要在拉取请求上设置的标签                                                |
-| [`里程碑`](#milestone)                                                        |       | 要在拉取请求上设置的里程碑                                               |
-| [`open-pull-requests-limit`](#open-pull-requests-limit)                    |       | 限制对版本更新打开的拉取请求数                                             |
-| [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator) |       | 更改拉取请求分支名称的分隔符                                              |
-| [`rebase-strategy`](#rebase-strategy)                                      |       | 禁用自动变基                                                      |
-| [`registries`](#registries)                                                |       | {% data variables.product.prodname_dependabot %} 可以访问的私有注册表 |
-| [`reviewers`](#reviewers)                                                  |       | 要在拉取请求上设置的审查者                                               |
-| [`schedule.day`](#scheduleday)                                             |       | 检查更新的周日期                                                    |
-| [`schedule.time`](#scheduletime)                                           |       | 每天检查更新的时间 (hh:mm)                                           |
-| [`schedule.timezone`](#scheduletimezone)                                   |       | 一天中时间的时区（区域标识符）                                             |
-| [`target-branch`](#target-branch)                                          |       | 对其创建拉取请求的分支                                                 |
-| [`vendor`](#vendor)                                                        |       | 更新供应或缓存的依赖项                                                 |
-| [`versioning-strategy`](#versioning-strategy)                              |       | 如何更新清单版本要求                                                  |
+| 选项                                                                         |  必选   | 描述                                                                                     |
+|:-------------------------------------------------------------------------- |:-----:|:-------------------------------------------------------------------------------------- |
+| [`package-ecosystem`](#package-ecosystem)                                  | **X** | 要使用的包管理器                                                                               |
+| [`目录`](#directory)                                                         | **X** | 包清单位置                                                                                  |
+| [`schedule.interval`](#scheduleinterval)                                   | **X** | 检查更新的频率                                                                                |
+| [`allow`](#allow)                                                          |       | 自定义允许的更新                                                                               |
+| [`assignees`](#assignees)                                                  |       | 要在拉取请求上设置的受让人                                                                          |
+| [`commit-message`](#commit-message)                                        |       | Commit message preferences                  |{% ifversion fpt or ghec or ghes > 3.4 %}
+| [`enable-beta-ecosystems`](#enable-beta-ecosystems)                        |       | Enable ecosystems that have beta-level support 
+{% endif %}
+| [`ignore`](#ignore)                                                        |       | 忽略某些依赖项或版本                                                                             |
+| [`insecure-external-code-execution`](#insecure-external-code-execution)    |       | 允许或拒绝清单文件中的代码执行                                                                        |
+| [`labels`](#labels)                                                        |       | 要在拉取请求上设置的标签                                                                           |
+| [`里程碑`](#milestone)                                                        |       | 要在拉取请求上设置的里程碑                                                                          |
+| [`open-pull-requests-limit`](#open-pull-requests-limit)                    |       | 限制对版本更新打开的拉取请求数                                                                        |
+| [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator) |       | 更改拉取请求分支名称的分隔符                                                                         |
+| [`rebase-strategy`](#rebase-strategy)                                      |       | 禁用自动变基                                                                                 |
+| [`registries`](#registries)                                                |       | {% data variables.product.prodname_dependabot %} 可以访问的私有注册表                            |
+| [`reviewers`](#reviewers)                                                  |       | 要在拉取请求上设置的审查者                                                                          |
+| [`schedule.day`](#scheduleday)                                             |       | 检查更新的周日期                                                                               |
+| [`schedule.time`](#scheduletime)                                           |       | 每天检查更新的时间 (hh:mm)                                                                      |
+| [`schedule.timezone`](#scheduletimezone)                                   |       | 一天中时间的时区（区域标识符）                                                                        |
+| [`target-branch`](#target-branch)                                          |       | 对其创建拉取请求的分支                                                                            |
+| [`vendor`](#vendor)                                                        |       | 更新供应或缓存的依赖项                                                                            |
+| [`versioning-strategy`](#versioning-strategy)                              |       | 如何更新清单版本要求                                                                             |
 
 这些选项大致分为以下类别。
 
@@ -302,7 +304,6 @@ updates:
       prefix-development: "pip dev"
       include: "scope"
 ```
-
 ### `ignore`
 
 {% data reusables.dependabot.default-dependencies-allow-ignore %}
@@ -330,7 +331,7 @@ updates:
 {% data reusables.dependabot.option-affects-security-updates %}
 
 ```yaml
-# Use `ignore` to specify dependencies that should not be updated 
+# Use `ignore` to specify dependencies that should not be updated
 
 version: 2
 updates:
@@ -356,6 +357,15 @@ updates:
 
 {% endnote %}
 
+{% ifversion fpt or ghec or ghes > 3.4 %}
+{% note %}
+
+**Note**: For the `pub` ecosystem, {% data variables.product.prodname_dependabot %} won't perform an update when the version that it tries to update to is ignored, even if an earlier version is available.
+
+{% endnote %}
+
+{% endif %}
+
 ### `insecure-external-code-execution`
 
 作为版本更新过程的一部分，具有 `package-ecosystem` 值 `bundler`、`mix` 和 `pip` 的包管理器可以在清单中执行外部代码。 这可能允许受损害的软件包窃取凭据或访问已配置的注册。 当您在 `updates` 配置中添加 [`registries`](#registries) 设置时，{% data variables.product.prodname_dependabot %} 自会动阻止外部代码执行，在这种情况下，版本更新可能失败。 您可以选择覆盖此行为，并将 `insecure-external-code-execution` 设置为 `allow`，以允许 `bundler`、`mix` 和 `pip` 包管理器的执行。
@@ -504,7 +514,7 @@ updates:
 要允许 {% data variables.product.prodname_dependabot %} 使用 `bundler`、`mix` 和 `pip` 包管理器来更新私人注册表中的依赖项，您可以选择允许外部代码执行。 更多信息请参阅上面的 [`insecure-external-code-execution`](#insecure-external-code-execution)。
 
 ```yaml
-# Allow {% data variables.product.prodname_dependabot %} to use one of the two defined private registries 
+# Allow {% data variables.product.prodname_dependabot %} to use one of the two defined private registries
 # when updating dependency versions for this ecosystem
 
 {% raw %}
@@ -738,7 +748,7 @@ updates:
 
 version: 2
 registries:
-  dockerhub: # Define access for a private registry 
+  dockerhub: # Define access for a private registry
     type: docker-registry
     url: registry.hub.docker.com
     username: octocat
@@ -972,3 +982,23 @@ registries:
     token: ${{secrets.MY_TERRAFORM_API_TOKEN}}
 ```
 {% endraw %}
+
+{% ifversion fpt or ghec or ghes > 3.4 %}
+## Enabling support for beta-level ecosystems
+
+### `enable-beta-ecosystems`
+
+By default, {% data variables.product.prodname_dependabot %} updates the dependency manifests and lock files only for fully supported ecosystems. Use the `enable-beta-ecosystems` flag to opt in to updates for ecosystems that are not yet generally available.
+
+```yaml
+# Configure beta ecosystem
+
+version: 2
+enable-beta-ecosystems: true
+updates:
+  - package-ecosystem: "pub"
+    directory: "/"
+    schedule:
+      interval: "daily"
+```
+{% endif %}

translations/zh-CN/content/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities.md

@@ -65,7 +65,7 @@ shortTitle: 协调披露
 
  如果您是维护者， 您可以在管道开始时通过为您的仓库设置安全策略来掌控这一过程，或者以其他方式使安全报告说明清楚可用，例如在项目的 README 文件中。 有关添加安全策略的更多信息，请参阅“[关于安全策略](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)”。 如果没有安全策略，漏洞报告者可能会尝试向您发送电子邮件或以其他方式私下与您联系。 或者，有人可能会开一个（公共）议题讨论安全问题的细节。
 
- 作为维护者，要在您的代码中披露漏洞，请先在 {% data variables.product.prodname_dotcom %} 中软件包的仓库内创建安全通告。 {% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About {% data variables.product.prodname_security_advisories %} for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
+ 作为维护者，要在您的代码中披露漏洞，请先在 {% data variables.product.prodname_dotcom %} 中软件包的仓库内创建安全通告。 {% data reusables.security-advisory.security-advisory-overview %} 更多信息请参阅“[关于存储库的 {% data variables.product.prodname_security_advisories %}](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)”。
 
 
- To get started, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."
+ 要开始，请参阅“[创建仓库安全通告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。

translations/zh-CN/content/code-security/repository-security-advisories/about-github-security-advisories-for-repositories.md

@@ -1,5 +1,5 @@
 ---
-title: About GitHub Security Advisories for repositories
+title: 关于存储库的 GitHub 安全通告
 intro: '您可以使用 {% data variables.product.prodname_security_advisories %} 来私下讨论、修复和发布有关仓库中安全漏洞的信息。'
 redirect_from:
   - /articles/about-maintainer-security-advisories
@@ -14,7 +14,7 @@ topics:
   - Security advisories
   - Vulnerabilities
   - CVEs
-shortTitle: Repository security advisories
+shortTitle: 存储库安全通告
 ---
 
 {% data reusables.repositories.security-advisory-admin-permissions %}
@@ -29,17 +29,17 @@ shortTitle: Repository security advisories
 
 通过 {% data variables.product.prodname_security_advisories %}，您可以：
 
-1. 创建安全通告草稿，并使用草稿私下讨论漏洞对项目的影响。 For more information, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."
+1. 创建安全通告草稿，并使用草稿私下讨论漏洞对项目的影响。 更多信息请参阅“[创建存储库安全通告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。
 2. 在临时私有复刻中私下协作以修复漏洞。
-3. 在补丁发布后发布通告向社区提醒漏洞。 For more information, see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)."
+3. 在补丁发布后发布通告向社区提醒漏洞。 更多信息请参阅“[发布存储库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。
 
 {% data reusables.repositories.security-advisories-republishing %}
 
-您可以向为安全通告做出贡献的个人提供积分。 For more information, see "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)."
+您可以向为安全通告做出贡献的个人提供积分。 更多信息请参阅“[编辑存储库安全通告](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)”。
 
 {% data reusables.repositories.security-guidelines %}
 
-如果您在仓库中创建了安全通告，安全通告将保留在您的仓库中。 我们在 [github.com/advantores](https://github.com/advisories) 上的 {% data variables.product.prodname_advisory_database %} 发布任何由依赖关系图支持的生态系统的安全通告。 Anyone can submit a change to an advisory published in the {% data variables.product.prodname_advisory_database %}. For more information, see "[Editing security advisories in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)."
+如果您在仓库中创建了安全通告，安全通告将保留在您的仓库中。 我们在 [github.com/advantores](https://github.com/advisories) 上的 {% data variables.product.prodname_advisory_database %} 发布任何由依赖关系图支持的生态系统的安全通告。 任何人都可以提交对 {% data variables.product.prodname_advisory_database %} 中发布的通告的更改。 更多信息请参阅“[编辑 {% data variables.product.prodname_advisory_database %} 中的安全通告](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)”。
 
 如果安全通告是专门针对 npm 的，我们也会向 npm 安全通告发布该通告。 更多信息请参阅 [npmjs.com/advisories](https://www.npmjs.com/advisories)。
 
@@ -53,7 +53,7 @@ shortTitle: Repository security advisories
 
 在 {% data variables.product.prodname_dotcom %} 上为公共仓库创建安全通告时，您可以选择为安全漏洞提供现有的 CVE 标识号。 {% data reusables.repositories.request-security-advisory-cve-id %}
 
-在您发布了安全通告并且 {% data variables.product.prodname_dotcom %} 为漏洞分配 CVE 标识号后，{% data variables.product.prodname_dotcom %} 会将 CVE 发布到 MITRE 数据库。 For more information, see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)."
+在您发布了安全通告并且 {% data variables.product.prodname_dotcom %} 为漏洞分配 CVE 标识号后，{% data variables.product.prodname_dotcom %} 会将 CVE 发布到 MITRE 数据库。 更多信息请参阅“[发布存储库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。
 
 ## 对于发布的安全通告的 {% data variables.product.prodname_dependabot_alerts %}
 

translations/zh-CN/content/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory.md

@@ -1,5 +1,5 @@
 ---
-title: Adding a collaborator to a repository security advisory
+title: 将协作者添加到仓库安全通告
 intro: 您可以添加其他用户或团队与您协作处理安全通告。
 redirect_from:
   - /articles/adding-a-collaborator-to-a-maintainer-security-advisory
@@ -14,7 +14,7 @@ topics:
   - Security advisories
   - Vulnerabilities
   - Collaboration
-shortTitle: Add collaborators
+shortTitle: 添加协作者
 ---
 
 对安全通告具有管理员权限的人员可向安全通告添加协作者。
@@ -23,11 +23,11 @@ shortTitle: Add collaborators
 
 ## 添加协作者到安全通告
 
-协作者对安全通告具有写入权限。 For more information, see "[Permission levels for repository security advisories](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)."
+协作者对安全通告具有写入权限。 更多信息请参阅“[仓库安全通告的权限级别](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)”。
 
 {% note %}
 
-{% data reusables.repositories.security-advisory-collaborators-public-repositories %} For more information about removing a collaborator on a security advisory, see "[Removing a collaborator from a repository security advisory](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)."
+{% data reusables.repositories.security-advisory-collaborators-public-repositories %} 有关删除安全通告协作者的更多信息，请参阅“[从仓库安全通告删除协作者](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)”。
 
 {% endnote %}
 
@@ -40,6 +40,6 @@ shortTitle: Add collaborators
 
 ## 延伸阅读
 
-- "[Permission levels for repository security advisories](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
-- "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
-- "[Removing a collaborator from a repository security advisory](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)."
+- "[仓库安全通告的权限级别](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
+- "[在临时私有复刻中协作以解决仓库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
+- “[从仓库安全通告中删除协作者](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)”。

translations/zh-CN/content/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability.md

@@ -1,5 +1,5 @@
 ---
-title: Collaborating in a temporary private fork to resolve a repository security vulnerability
+title: 在临时私有复刻中协作以解决仓库安全漏洞
 intro: 您可以创建临时私有复刻，以私下协作修复仓库中的安全漏洞。
 redirect_from:
   - /articles/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
@@ -21,7 +21,7 @@ shortTitle: 临时私有复刻
 
 ## 基本要求
 
-在临时私有复刻中进行协作之前，必须创建维护员通告草稿。 For more information, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."
+在临时私有复刻中进行协作之前，必须创建维护员通告草稿。 更多信息请参阅“[创建存储库安全通告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。
 
 ## 创建临时私有复刻
 
@@ -37,7 +37,7 @@ shortTitle: 临时私有复刻
 
 ## 将协作者添加到临时私有复刻
 
-对安全通告具有管理员权限的任何人都可以向安全通告添加其他协作者，而安全通告的协作者可以访问临时私有复刻。 For more information, see "[Adding a collaborator to a repository security advisory](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)."
+对安全通告具有管理员权限的任何人都可以向安全通告添加其他协作者，而安全通告的协作者可以访问临时私有复刻。 更多信息请参阅“[添加协作者到仓库安全通告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)”。
 
 ## 将更改添加到临时私有复刻
 
@@ -79,9 +79,9 @@ shortTitle: 临时私有复刻
 4. 在“Security Advisories（安全通告）”列表中，单击要合并其更改的安全通告。 ![列表中的安全通告](/assets/images/help/security/security-advisory-in-list.png)
 5. 要合并临时私有复刻中所有打开的拉取请求，请单击 **Merge pull requests（合并拉取请求）**。 ![合并拉取请求按钮](/assets/images/help/security/merge-pull-requests-button.png)
 
-合并安全通告中的更改后，您可以发布安全通告，以提醒您的社区有关项目早期版本中安全漏洞的信息。 For more information, see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)."
+合并安全通告中的更改后，您可以发布安全通告，以提醒您的社区有关项目早期版本中安全漏洞的信息。 更多信息请参阅“[发布存储库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。
 
 ## 延伸阅读
 
-- "[Permission levels for repository security advisories](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
-- "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)"
+- "[仓库安全通告的权限级别](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
+- "[发布存储库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)"

translations/zh-CN/content/code-security/repository-security-advisories/creating-a-repository-security-advisory.md

@@ -1,5 +1,5 @@
 ---
-title: Creating a repository security advisory
+title: 创建仓库安全通告
 intro: 您可以创建安全通告草稿，以私下讨论和修复开源项目中的安全漏洞。
 redirect_from:
   - /articles/creating-a-maintainer-security-advisory
@@ -13,7 +13,7 @@ type: how_to
 topics:
   - Security advisories
   - Vulnerabilities
-shortTitle: Create repository advisories
+shortTitle: 创建仓库通告
 ---
 
 任何对仓库有管理员权限的人都可以创建安全通告。
@@ -36,7 +36,7 @@ shortTitle: Create repository advisories
 ## 后续步骤
 
 - 评论安全通告草稿，与团队讨论漏洞。
-- 添加协作者到安全通告。 For more information, see "[Adding a collaborator to a repository security advisory](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)."
-- 在临时私有复刻中私下协作以修复漏洞。 For more information, see "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)."
-- 添加因对安全通告做出贡献而应获得积分的个人。 For more information, see "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)."
-- 发布安全通告以向社区提醒安全漏洞。 For more information, see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)."
+- 添加协作者到安全通告。 更多信息请参阅“[添加协作者到仓库安全通告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)”。
+- 在临时私有复刻中私下协作以修复漏洞。 更多信息请参阅“[在临时私有复刻中协作以解决存储库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”。
+- 添加因对安全通告做出贡献而应获得积分的个人。 更多信息请参阅“[编辑存储库安全通告](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)”。
+- 发布安全通告以向社区提醒安全漏洞。 更多信息请参阅“[发布存储库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。

translations/zh-CN/content/code-security/repository-security-advisories/editing-a-repository-security-advisory.md

@@ -1,6 +1,6 @@
 ---
-title: Editing a repository security advisory
-intro: You can edit the metadata and description for a repository security advisory if you need to update details or correct errors.
+title: 编辑仓库安全通告
+intro: 如果需要更新详细信息或更正错误，可以编辑仓库安全通告的元数据和说明。
 redirect_from:
   - /github/managing-security-vulnerabilities/editing-a-security-advisory
   - /code-security/security-advisories/editing-a-security-advisory
@@ -11,10 +11,10 @@ type: how_to
 topics:
   - Security advisories
   - Vulnerabilities
-shortTitle: Edit repository advisories
+shortTitle: 编辑仓库通告
 ---
 
-People with admin permissions to a repository security advisory can edit the security advisory.
+对仓库安全通告具有管理员权限的人员可以编辑安全通告。
 
 {% data reusables.security-advisory.repository-level-advisory-note %}
 
@@ -43,4 +43,4 @@ People with admin permissions to a repository security advisory can edit the sec
 
 ## 延伸阅读
 
-- "[Withdrawing a repository security advisory](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"
+- "[撤销存储库安全通告](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"

translations/zh-CN/content/code-security/repository-security-advisories/index.md

@@ -1,7 +1,7 @@
 ---
-title: Managing repository security advisories for vulnerabilities in your project
-shortTitle: Repository security advisories
-intro: 'Discuss, fix, and disclose security vulnerabilities in your repositories using repository security advisories.'
+title: 管理项目中漏洞的仓库安全通告
+shortTitle: 存储库安全通告
+intro: 使用仓库安全通告讨论、修正和披露您仓库中的安全漏洞。
 redirect_from:
   - /articles/managing-security-vulnerabilities-in-your-project
   - /github/managing-security-vulnerabilities/managing-security-vulnerabilities-in-your-project

translations/zh-CN/content/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories.md

@@ -1,6 +1,6 @@
 ---
-title: Permission levels for repository security advisories
-intro: The actions you can take in a repository security advisory depend on whether you have admin or write permissions to the security advisory.
+title: 仓库安全通告的权限级别
+intro: 您在仓库安全通告中可以执行的操作取决于您是公告的管理员还是对其有写入权限。
 redirect_from:
   - /articles/permission-levels-for-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/permission-levels-for-maintainer-security-advisories
@@ -17,29 +17,29 @@ topics:
 shortTitle: 权限级别
 ---
 
-This article applies only to repository-level security advisories. Anyone can contribute to global security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories). Edits to global advisories will not change or affect how the advisory appears on the repository.  For more information, see "[Editing security advisories in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)."
+本文仅适用于存储库级别的安全通告。 任何人都可以在 [github.com/advisories](https://github.com/advisories) 上为 {% data variables.product.prodname_advisory_database %} 中的全局安全通告做出贡献。 对全局通告的编辑不会更改或影响通告在存储库中的显示方式。  更多信息请参阅“[编辑 {% data variables.product.prodname_advisory_database %} 中的安全通告](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)”。
 
 ## 权限概述
 
-{% data reusables.repositories.security-advisory-admin-permissions %} For more information about adding a collaborator to a security advisory, see "[Adding a collaborator to a repository security advisory](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)."
+{% data reusables.repositories.security-advisory-admin-permissions %} 有关添加协作者到安全通告的更多信息，请参阅“[添加协作者到仓库安全通告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)”。
 
-| 操作                                                                                                                                                                                                                                                                                                          | 写入权限 | 管理员权限 |
-| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---- | ----- |
-| 查看安全通告草稿                                                                                                                                                                                                                                                                                                    | X    | X     |
-| Add collaborators to the security advisory (see "[Adding a collaborator to a repository security advisory](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)")                                                                                         |      | X     |
-| 编辑和删除安全通告中的任何评论                                                                                                                                                                                                                                                                                             | X    | X     |
-| Create a temporary private fork in the security advisory (see "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)")         |      | X     |
-| Add changes to a temporary private fork in the security advisory (see "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)") | X    | X     |
-| Create pull requests in a temporary private fork (see "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)")                 | X    | X     |
-| Merge changes in the security advisory (see "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)")                           |      | X     |
-| Add and edit metadata in the security advisory (see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)")                                                                                                                 | X    | X     |
-| Add and remove credits for a security advisory (see "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory)")                                                                                                                       | X    | X     |
-| 关闭安全通告草稿                                                                                                                                                                                                                                                                                                    |      | X     |
-| Publish the security advisory (see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)")                                                                                                                                  |      | X     |
+| 操作                                                                                                                                                                                    | 写入权限 | 管理员权限 |
+| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---- | ----- |
+| 查看安全通告草稿                                                                                                                                                                              | X    | X     |
+| 添加协作者到安全通告（请参阅“[添加协作者到仓库安全通告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)”）                                                |      | X     |
+| 编辑和删除安全通告中的任何评论                                                                                                                                                                       | X    | X     |
+| 在安全通告中创建临时私有复刻（请参阅“[在临时私有复刻中协作以解决仓库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”）    |      | X     |
+| 添加更改到安全通告中的临时私有复刻（请参阅“[在临时私有复刻中协作以解决仓库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”） | X    | X     |
+| 在临时私有复刻中创建拉取请求（请参阅“[在临时私有复刻中协作以解决仓库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”）    | X    | X     |
+| 合并安全通告中的更改（请参阅“[在临时私有复刻中协作以解决仓库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”）        |      | X     |
+| 在安全通告中添加和编辑元数据（请参阅“[发布仓库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”）                                                              | X    | X     |
+| 添加和删除安全通告的积分（请参阅“[编辑仓库安全通告](/code-security/repository-security-advisories/editing-a-repository-security-advisory)”）                                                                   | X    | X     |
+| 关闭安全通告草稿                                                                                                                                                                              |      | X     |
+| 发布安全通告（请参阅“[发布仓库安全通告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”）                                                                      |      | X     |
 
 ## 延伸阅读
 
-- "[Adding a collaborator to a repository security advisory](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)"
-- "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
-- "[Removing a collaborator from a repository security advisory](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)"
-- "[Withdrawing a repository security advisory](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"
+- "[添加协作者到仓库安全通告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)"
+- "[在临时私有复刻中协作以解决仓库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
+- “[从仓库安全通告中删除协作者](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)”
+- "[撤销存储库安全通告](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"

translations/zh-CN/content/code-security/repository-security-advisories/publishing-a-repository-security-advisory.md

@@ -1,5 +1,5 @@
 ---
-title: Publishing a repository security advisory
+title: 发布存储库安全通告
 intro: 您可以发布安全通告，向社区提醒项目中的安全漏洞。
 redirect_from:
   - /articles/publishing-a-maintainer-security-advisory
@@ -15,7 +15,7 @@ topics:
   - Vulnerabilities
   - CVEs
   - Repositories
-shortTitle: Publish repository advisories
+shortTitle: 发布存储库通告
 ---
 
 <!--Marketing-LINK: From /features/security/software-supply-chain page "Publishing a security advisory".-->
@@ -26,9 +26,9 @@ shortTitle: Publish repository advisories
 
 ## 基本要求
 
-在发布安全通告或申请 CVE 标识号之前，必须创建安全通告草稿，并提供受安全漏洞影响的项目版本的相关信息。 For more information, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."
+在发布安全通告或申请 CVE 标识号之前，必须创建安全通告草稿，并提供受安全漏洞影响的项目版本的相关信息。 更多信息请参阅“[创建存储库安全通告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。
 
-如果您已创建安全通告，但尚未提供有关安全漏洞影响的项目版本的详细信息，则可以编辑安全通告。 For more information, see "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory)."
+如果您已创建安全通告，但尚未提供有关安全漏洞影响的项目版本的详细信息，则可以编辑安全通告。 更多信息请参阅“[编辑存储库安全通告](/code-security/repository-security-advisories/editing-a-repository-security-advisory)”。
 
 ## 关于发布安全通告
 
@@ -36,7 +36,7 @@ shortTitle: Publish repository advisories
 
 {% data reusables.repositories.security-advisories-republishing %}
 
-在发布安全通告之前，您可以私下协作在临时私有复刻中修复漏洞。 For more information, see "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)."
+在发布安全通告之前，您可以私下协作在临时私有复刻中修复漏洞。 更多信息请参阅“[在临时私有复刻中协作以解决存储库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”。
 
 {% warning %}
 
@@ -63,7 +63,7 @@ shortTitle: Publish repository advisories
 
 发布安全通告后，安全通告的 URL 将与发布安全通告之前保持相同。 对仓库具有读取权限的任何人都能看到安全通告。 安全通告的协作者可以继续查看安全通告中过去的对话，包括完整的评论流，除非有管理员权限的人从安全通告删除该协作者。
 
-如果需要更新或更正已发布的安全通告中的信息，可以编辑安全通告。 For more information, see "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory)."
+如果需要更新或更正已发布的安全通告中的信息，可以编辑安全通告。 更多信息请参阅“[编辑存储库安全通告](/code-security/repository-security-advisories/editing-a-repository-security-advisory)”。
 
 ## 发布安全通告
 
@@ -81,7 +81,7 @@ shortTitle: Publish repository advisories
 
 ## 申请 CVE 识别号（可选）
 
-{% data reusables.repositories.request-security-advisory-cve-id %} For more information, see "[About {% data variables.product.prodname_security_advisories %} for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories#cve-identification-numbers)."
+{% data reusables.repositories.request-security-advisory-cve-id %} 更多信息请参阅“[关于存储库的 {% data variables.product.prodname_security_advisories %}](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories#cve-identification-numbers)”。
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-security %}
@@ -92,4 +92,4 @@ shortTitle: Publish repository advisories
 
 ## 延伸阅读
 
-- "[Withdrawing a repository security advisory](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"
+- "[撤销存储库安全通告](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"

translations/zh-CN/content/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory.md

@@ -1,6 +1,6 @@
 ---
-title: Removing a collaborator from a repository security advisory
-intro: 'When you remove a collaborator from a repository security advisory, they lose read and write access to the security advisory''s discussion and metadata.'
+title: 从仓库安全通告删除协作者
+intro: 协作者从仓库安全通告中删除后，将失去对安全通告的讨论和元数据的读取和写入权限。
 redirect_from:
   - /github/managing-security-vulnerabilities/removing-a-collaborator-from-a-security-advisory
   - /code-security/security-advisories/removing-a-collaborator-from-a-security-advisory
@@ -32,5 +32,5 @@ shortTitle: 删除协作者
 
 ## 延伸阅读
 
-- "[Permission levels for repository security advisories](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
-- "[Adding a collaborator to a repository security advisory](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)"
+- "[仓库安全通告的权限级别](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
+- "[添加协作者到仓库安全通告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)"

translations/zh-CN/content/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory.md

@@ -1,6 +1,6 @@
 ---
-title: Withdrawing a repository security advisory
-intro: You can withdraw a repository security advisory that you've published.
+title: 撤销存储库安全通告
+intro: 您可以撤销已发布的仓库安全通告。
 redirect_from:
   - /github/managing-security-vulnerabilities/withdrawing-a-security-advisory
   - /code-security/security-advisories/withdrawing-a-security-advisory
@@ -11,7 +11,7 @@ type: how_to
 topics:
   - Security advisories
   - Vulnerabilities
-shortTitle: Withdraw repository advisories
+shortTitle: 撤销存储库通告
 ---
 
 {% data reusables.security-advisory.repository-level-advisory-note %}
@@ -20,4 +20,4 @@ shortTitle: Withdraw repository advisories
 
 ## 延伸阅读
 
-- "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory)"
+- "[编辑存储库安全通告](/code-security/repository-security-advisories/editing-a-repository-security-advisory)"

translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md

@@ -38,6 +38,13 @@ If your project communicates with an external service, you might use a token or
 
 Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. {% data reusables.secret-scanning.partner-program-link %}
 
+{% if secret-scanning-push-protection %}
+
+You can also enable {% data variables.product.prodname_secret_scanning %} as a push protection for a repository or an organization. When you enable this feature, {% data variables.product.prodname_secret_scanning %} prevents contributors from pushing code with a detected secret. To proceed, contributors must either remove the secret(s) from the push or, if needed, bypass the protection. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)."
+
+{% endif %}
+
+
 {% ifversion fpt or ghec %}
 ## About {% data variables.product.prodname_secret_scanning_partner %}
 

translations/zh-CN/content/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories.md

@@ -28,13 +28,15 @@ shortTitle: 配置密钥扫描
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-{% data reusables.repositories.navigate-to-security-and-analysis %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
 4. 如果 {% data variables.product.prodname_advanced_security %} 尚未对仓库启用，请在“{% data variables.product.prodname_GH_advanced_security %}”右侧单击 **Enable（启用）**。
    {% ifversion fpt or ghec %}![为仓库启用 {% data variables.product.prodname_GH_advanced_security %}](/assets/images/help/repository/enable-ghas-dotcom.png)
    {% elsif ghes or ghae %}![Enable {% data variables.product.prodname_GH_advanced_security %} for your repository](/assets/images/enterprise/3.1/help/repository/enable-ghas.png){% endif %}
 5. 查看启用 {% data variables.product.prodname_advanced_security %} 的影响，然后点击 **对仓库启用 {% data variables.product.prodname_GH_advanced_security %}**。
 6. 当您启用 {% data variables.product.prodname_advanced_security %} 时，{% data variables.product.prodname_secret_scanning %} 可能会因为组织的设置而自动启用。 如果 "{% data variables.product.prodname_secret_scanning_caps %}" 显示 **Enable（启用）**按钮，则您仍需通过单击 **Enable（启用）**来启用 {% data variables.product.prodname_secret_scanning %}。 如果您看到 **Disable（禁用）**按钮，则表明 {% data variables.product.prodname_secret_scanning %} 已启用。 ![为仓库启用 {% data variables.product.prodname_secret_scanning %}](/assets/images/help/repository/enable-secret-scanning-dotcom.png)
-
+{% if secret-scanning-push-protection %}
+7. （可选）如果要启用推送保护，请单击“Push protection（推送保护）”右侧的 **Enable（启用）** 。 {% data reusables.secret-scanning.push-protection-overview %} 更多信息请参阅“[使用 {% data variables.product.prodname_secret_scanning %} 保护推送](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)”。 ![为存储库启用推送保护](/assets/images/help/repository/secret-scanning-enable-push-protection.png)
+{% endif %}
 {% ifversion ghae %}
 1. 在可以启用 {% data variables.product.prodname_secret_scanning %} 之前，您需要先启用 {% data variables.product.prodname_GH_advanced_security %}。 在“{% data variables.product.prodname_GH_advanced_security %}”右边单击 **Enable（启用）**。 ![为仓库启用 {% data variables.product.prodname_GH_advanced_security %}](/assets/images/enterprise/github-ae/repository/enable-ghas-ghae.png)
 2. 单击**为此仓库启用 {% data variables.product.prodname_GH_advanced_security %}** 以确认操作。 ![确认为仓库启用 {% data variables.product.prodname_GH_advanced_security %}](/assets/images/enterprise/github-ae/repository/enable-ghas-confirmation-ghae.png)

translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md

@@ -64,14 +64,12 @@ topics:
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-{% data reusables.repositories.navigate-to-security-and-analysis %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
 {% data reusables.repositories.navigate-to-ghas-settings %}
 {% data reusables.advanced-security.secret-scanning-new-custom-pattern %}
 {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %}
 1. 当您准备好测试新的自定义模式时，要识别存储库中的匹配项而不创建警报，请单击 **Save and dry run（保存并空运行）**。
-1. 空运行完成后，您将看到存储库中的结果示例（最多 1000 个）。 查看结果并确定任何误报结果。 ![显示空运行结果的屏幕截图](/assets/images/help/repository/secret-scanning-publish-pattern.png)
-1. 编辑新的自定义模式以修复结果的任何问题，然后单击 **Save and dry run（保存并空运行）**以测试更改。
-{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}
+{% data reusables.advanced-security.secret-scanning-dry-run-results %}
 {% endif %}
 {% data reusables.advanced-security.secret-scanning-create-custom-pattern %}
 
@@ -110,11 +108,13 @@ aAAAe9
 
 在定义自定义模式之前，您必须确保在组织中为要扫描的仓库启用 {% data variables.product.prodname_secret_scanning %}。 要在组织中的所有存储库上启用 {% data variables.product.prodname_secret_scanning %} ，请参阅“[管理组织的安全和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”。
 
+{% ifversion ghes < 3.5 or ghae %}
 {% note %}
 
 **注意：** 由于没有试运行功能，我们建议您先在存储库中测试自定义模式，然后再为整个组织定义它们。 这样，可以避免创建过多的误报 {% data variables.product.prodname_secret_scanning %} 警报。
 
 {% endnote %}
+{% endif %}
 
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
@@ -122,6 +122,12 @@ aAAAe9
 {% data reusables.repositories.navigate-to-ghas-settings %}
 {% data reusables.advanced-security.secret-scanning-new-custom-pattern %}
 {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}
+{%- if secret-scanning-org-dry-runs %}
+1. 当您准备好测试新的自定义模式时，要识别所选存储库中的匹配项而不创建警报，请单击 **Save and dry run（保存并试运行）**。
+1. 搜索并选择要在其中执行试运行的存储库。 您最多可以选择 10 个存储库。 ![显示为试运行选择的存储库的屏幕截图](/assets/images/help/repository/secret-scanning-dry-run-custom-pattern-select-repo.png)
+1. 当您准备好测试新的自定义模式时，请单击 **Dry run（试运行）**。
+{% data reusables.advanced-security.secret-scanning-dry-run-results %}
+{%- endif %}
 {% data reusables.advanced-security.secret-scanning-create-custom-pattern %}
 
 创建模式后，{% data variables.product.prodname_secret_scanning %} 扫描组织的仓库中的任何密钥，包括其所有分支的整个 Git 历史记录。 组织所有者和仓库管理员将会收到发现的任何密钥警报通知，并且可以审查发现密钥的仓库中的警报。 有关查看 {% data variables.product.prodname_secret_scanning %} 警报的详细信息，请参阅“[管理来自 {% data variables.product.prodname_secret_scanning %} 的警报](/code-security/secret-security/managing-alerts-from-secret-scanning)”。

translations/zh-CN/content/code-security/secret-scanning/index.md

@@ -20,5 +20,6 @@ children:
   - /defining-custom-patterns-for-secret-scanning
   - /managing-alerts-from-secret-scanning
   - /secret-scanning-patterns
+  - /protecting-pushes-with-secret-scanning
 ---
 

translations/zh-CN/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md

@@ -0,0 +1,87 @@
+---
+title: Protecting pushes with secret scanning
+intro: 'You can use {% data variables.product.prodname_secret_scanning %} to prevent supported secrets from being pushed into your organization or repository by enabling push protection.'
+product: '{% data reusables.gated-features.secret-scanning %}'
+miniTocMaxHeadingLevel: 3
+versions:
+  feature: secret-scanning-push-protection
+redirect_from:
+  - /early-access/code-security/secret-scanning/protecting-pushes-with-secret-scanning
+type: how_to
+topics:
+  - Secret scanning
+  - Advanced Security
+  - Alerts
+  - Repositories
+shortTitle: Push protection
+---
+
+{% data reusables.secret-scanning.beta %}
+{% data reusables.secret-scanning.enterprise-enable-secret-scanning %}
+{% data reusables.secret-scanning.push-protection-beta %}
+
+## About push protection for secrets
+
+Up to now, {% data variables.product.prodname_secret_scanning_GHAS %} checks for secrets _after_ a push and alerts users to exposed secrets. {% data reusables.secret-scanning.push-protection-overview %}
+
+{% data variables.product.prodname_secret_scanning_caps %} as a push protection currently scans repositories for secrets issued by the following service providers.
+
+{% data reusables.secret-scanning.secret-list-private-push-protection %}
+
+## Enabling {% data variables.product.prodname_secret_scanning %} as a push protection
+
+For you to use {% data variables.product.prodname_secret_scanning %} as a push protection, the organization or repository needs to have both {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)," "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)," and "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."
+
+Organization owners, security managers, and repository administrators can enable push protection for {% data variables.product.prodname_secret_scanning %} via the UI and API. For more information, see "[Repositories](/rest/reference/repos#update-a-repository)" and expand the "Properties of the `security_and_analysis` object" section in the REST API documentation.
+
+### Enabling {% data variables.product.prodname_secret_scanning %} as a push protection for an organization
+
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.organizations.security-and-analysis %}
+{% data reusables.repositories.navigate-to-ghas-settings %}
+{% data reusables.advanced-security.secret-scanning-push-protection-org %}
+
+### Enabling {% data variables.product.prodname_secret_scanning %} as a push protection for a repository
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-settings %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
+{% data reusables.repositories.navigate-to-ghas-settings %}
+{% data reusables.advanced-security.secret-scanning-push-protection-repo %}
+
+
+## Using {% data variables.product.prodname_secret_scanning %} as a push protection from the command line
+
+When you attempt to push a supported secret to a repository or organization with {% data variables.product.prodname_secret_scanning %} as a push protection enabled, {% data variables.product.prodname_dotcom %} will block the push. You can remove the secret from your commit or follow a provided URL to allow the push.
+
+Up to five detected secrets will be displayed at a time on the command line. If a particular secret has already been detected in the repository and an alert already exists, {% data variables.product.prodname_dotcom %} will not block that secret.
+
+![Screenshot showing that a push is blocked when a user attempts to push a secret to a repository](/assets/images/help/repository/secret-scanning-push-protection-with-link.png)
+
+If you need to remove the secret from your latest commit (that is, `HEAD`) on the branch being pushed and any earlier commits that contain the secret, you can remove the secret from `HEAD`, then squash the commits between when the commit was introduced and the first version of `HEAD` for which the secret has been removed.
+
+{% note %}
+
+**注意**：
+
+* If your git configuration supports pushes to multiple branches, and not only to the default branch, your push may be blocked due to additional and unintended refs being pushed. For more information, see the [`push.default` options](https://git-scm.com/docs/git-config#Documentation/git-config.txt-pushdefault) in the Git Docs.
+* If {% data variables.product.prodname_secret_scanning %} upon a push times out, {% data variables.product.prodname_dotcom %} will still run a scan after the push.
+
+{% endnote %}
+
+### Allowing a blocked secret to be pushed
+
+If {% data variables.product.prodname_dotcom %} blocks a secret that you believe is safe to push, you can allow the secret and specify the reason why it should be allowed.
+
+If you confirm a secret is real and that you intend to fix it later, you should aim to remediate the secret as soon as possible. For example, you might revoke the secret and remove the secret from the repository's commit history. For more information, see "[Removing sensitive data from a repository](/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository)."
+
+When you allow a secret to be pushed, an alert is created in the "Security" tab. The alert is closed and no notifications are sent if you specify that the secret is a false positive or used only in tests. If you specify that the secret is real and that you will fix it later, the security alert remains open and notifications are sent to the author of the commit and repository administrators. For more information, see "[Managing alerts from secret scanning](/code-security/secret-scanning/managing-alerts-from-secret-scanning)."
+
+1. Visit the URL returned by {% data variables.product.prodname_dotcom %} when your push was blocked. ![Screenshot showing form with options for unblocking the push of a secret](/assets/images/help/repository/secret-scanning-unblock-form.png)
+2. Choose the option that best describes why you should be able to push the secret.
+    - If the secret is only used in tests and poses no threat, click **It's used in tests**.
+    - If the detected string is not a secret, click **It's a false positive**.
+    - If the secret is real but you intend to fix it later, click **I'll fix it later**.
+3. Click **Allow me to push this secret**.
+4. Reattempt the push on the command line within three hours. If you have not pushed within three hours, you will need to repeat this process.

translations/zh-CN/content/code-security/secret-scanning/secret-scanning-patterns.md

@@ -32,7 +32,7 @@ Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data
 
 ## Supported secrets for partner patterns
 
-{% data variables.product.product_name %} 当前会扫描公共仓库，查找以下服务提供商发布的密码。 有关 {% data variables.product.prodname_secret_scanning_partner %} 的更多信息，请参阅“[关于 {% data variables.product.prodname_secret_scanning_partner %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns)”。
+{% data variables.product.product_name %} currently scans public repositories for secrets issued by the following service providers. For more information about {% data variables.product.prodname_secret_scanning_partner %}, see "[About {% data variables.product.prodname_secret_scanning_partner %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns)."
 
 {% data reusables.secret-scanning.partner-secret-list-public-repo %}
 {% endif %}
@@ -45,7 +45,7 @@ When {% data variables.product.prodname_secret_scanning_GHAS %} is enabled, {% d
 {% ifversion ghes > 3.1 or ghae or ghec %}
 {% note %}
 
-**Note:** You can also define custom {% data variables.product.prodname_secret_scanning %} patterns for your repository, organization, or enterprise. 更多信息请参阅“[定义 {% data variables.product.prodname_secret_scanning %} 的自定义模式](/code-security/secret-security/defining-custom-patterns-for-secret-scanning)”。
+**Note:** You can also define custom {% data variables.product.prodname_secret_scanning %} patterns for your repository, organization, or enterprise. For more information, see "[Defining custom patterns for {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/defining-custom-patterns-for-secret-scanning)."
 
 {% endnote %}
 {% endif %}
@@ -53,10 +53,10 @@ When {% data variables.product.prodname_secret_scanning_GHAS %} is enabled, {% d
 {% data reusables.secret-scanning.partner-secret-list-private-repo %}
 {% endif %}
 
-## 延伸阅读
+## Further reading
 
-- "[保护您的仓库](/code-security/getting-started/securing-your-repository)"
-- "[保护帐户和数据安全](/github/authenticating-to-github/keeping-your-account-and-data-secure)"
+- "[Securing your repository](/code-security/getting-started/securing-your-repository)"
+- "[Keeping your account and data secure](/github/authenticating-to-github/keeping-your-account-and-data-secure)"
 {%- ifversion fpt or ghec %}
 - "[{% data variables.product.prodname_secret_scanning_caps %} partner program](/developers/overview/secret-scanning-partner-program)"
 {%- else %}

translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md

@@ -22,11 +22,13 @@ topics:
 shortTitle: 关于安全概述
 ---
 
+{% ifversion ghes < 3.5 or ghae-issue-4554 %}
 {% data reusables.security-center.beta %}
+{% endif %}
 
 ## 关于安全概述
 
-{% ifversion ghes or ghec or ghae %}You{% elsif fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% endif %} can use the security overview for a high-level view of the security status of {% ifversion ghes or ghec or ghae %}your  {% elsif fpt %}their{% endif %} organization or to identify problematic repositories that require intervention. {% ifversion ghes or ghec or ghae %}You {% elsif fpt %}These organizations{% endif %} can view aggregate or repository-specific security information in the security overview. {% ifversion ghes or ghec or ghae %}You {% elsif fpt %} Organizations that use {% data variables.product.prodname_ghe_cloud %}{% endif %} can also use the security overview to see which security features are enabled for {% ifversion ghes or ghec or ghae %}your {% elsif fpt %}their {% endif %} repositories and to configure any available security features that are not currently in use. {% ifversion fpt %}For more information, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview).{% endif %}
+{% ifversion ghes or ghec or ghae %}您{% elsif fpt %}使用 {% data variables.product.prodname_ghe_cloud %}{% endif %} 的组织可以使用安全性概述来获取{% ifversion ghes or ghec or ghae %} 您的 {% elsif fpt %}其{% endif %} 组织安全状态的高级视图，或者识别需要干预的问题存储库。 {% ifversion ghes or ghec or ghae %}您 {% elsif fpt %}这些组织{% endif %} 可以在安全性概述中查看汇总或存储库特定的安全信息。 {% ifversion ghes or ghec or ghae %}您 {% elsif fpt %} 使用 {% data variables.product.prodname_ghe_cloud %} 的组织{% endif %}还可以使用安全性概述来查看 {% ifversion ghes or ghec or ghae %}您的 {% elsif fpt %}其 {% endif %} 存储库启用了哪些安全功能，并配置当前未使用的任何可用安全功能。 {% ifversion fpt %}更多信息请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview)。{% endif %}
 
 {% ifversion ghec or ghes or ghae %}
 安全概述指示是否为组织拥有的存储库启用了 {% ifversion fpt or ghes > 3.1 or ghec %}安全{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} 功能，并合并每个功能的警报。{% ifversion fpt or ghes > 3.1 or ghec %} 安全功能包括 {% data variables.product.prodname_GH_advanced_security %} 功能，例如 {% data variables.product.prodname_code_scanning %} 和 {% data variables.product.prodname_secret_scanning %}以及 {% data variables.product.prodname_dependabot_alerts %}。{% endif %} 有关 {% data variables.product.prodname_GH_advanced_security %} 功能的详细信息，请参阅“[关于 {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)”。{% ifversion fpt or ghes > 3.1 or ghec %} 有关 {% data variables.product.prodname_dependabot_alerts %} 的详细信息，请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。{% endif %}
@@ -77,5 +79,5 @@ shortTitle: 关于安全概述
 {% endif %}
 
 ### 关于团队级安全性概述
-在团队级别，安全概述显示团队拥有管理权限的仓库特定安全信息。 For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
+在团队级别，安全概述显示团队拥有管理权限的仓库特定安全信息。 更多信息请参阅“[管理团队的组织仓库访问权限](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)”。
 {% endif %}

translations/zh-CN/content/code-security/security-overview/filtering-alerts-in-the-security-overview.md

@@ -17,7 +17,9 @@ topics:
 shortTitle: 筛选警报
 ---
 
+{% ifversion ghes < 3.5 or ghae-issue-4554 %}
 {% data reusables.security-center.beta %}
+{% endif %}
 
 ## 关于筛选安全性概述
 
@@ -121,10 +123,10 @@ shortTitle: 筛选警报
 
 在机密扫描警报视图中可用。
 
-| 限定符                            | 描述                                                                                                                                                                           |
-| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `secret-type:SERVICE_PROVIDER` | 显示指定机密和提供程序的警报。 更多信息请参阅“[{% data variables.product.prodname_secret_scanning_caps %} 模式](/code-security/secret-scanning/secret-scanning-patterns)”。                         |
-| `secret-type:CUSTOM-PATTERN`   | 显示与指定自定义模式匹配的机密的警报。 For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." |
+| 限定符                            | 描述                                                                                                                                                   |
+| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `secret-type:SERVICE_PROVIDER` | 显示指定机密和提供程序的警报。 更多信息请参阅“[{% data variables.product.prodname_secret_scanning_caps %} 模式](/code-security/secret-scanning/secret-scanning-patterns)”。 |
+| `secret-type:CUSTOM-PATTERN`   | 显示与指定自定义模式匹配的机密的警报。 更多信息请参阅“[定义机密扫描的自定义模式](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)”。                            |
 
 ## 按提供商筛选
 

translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md

@@ -17,7 +17,9 @@ topics:
 shortTitle: 查看安全性概述
 ---
 
+{% ifversion ghes < 3.5 or ghae-issue-4554 %}
 {% data reusables.security-center.beta %}
+{% endif %}
 
 ## 查看组织的安全概述
 
@@ -39,7 +41,7 @@ shortTitle: 查看安全性概述
 ## 查看企业的安全性概述
 
 {% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
-1. 在左侧边栏中，单击 {% octicon "shield" aria-label="The shield icon" %}** 安全性**。
+1. 在左侧边栏中，单击 {% octicon "shield" aria-label="The shield icon" %} **代码安全性**。
 {% endif %}
 
 ## 查看仓库的警报

translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md

@@ -1,8 +1,8 @@
 ---
-title: Securing your end-to-end supply chain
+title: 保护您的端到端供应链
 shortTitle: 概览
 allowTitleToDifferFromFilename: true
-intro: 'Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.'
+intro: 介绍有关完整端到端供应链安全性（包括个人帐户、代码和构建流程）的最佳实践指南。
 versions:
   fpt: '*'
   ghec: '*'
@@ -15,24 +15,24 @@ topics:
   - Advanced Security
 ---
 
-## What is the end-to-end supply chain?
+## 什么是端到端供应链？
 
-At its core, end-to-end software supply chain security is about making sure the code you distribute hasn't been tampered with. Previously, attackers focused on targeting dependencies you use, for example libraries and frameworks. Attackers have now expanded their focus to include targeting user accounts and build processes, and so those systems must be defended as well.
+端到端软件供应链安全的核心是确保您分发的代码未被篡改。 以前，攻击者专注于针对您使用的依赖项，例如库和框架。 攻击者现在已经扩大了他们的关注点，包括针对用户帐户和构建过程，因此这些系统也必须得到保护。
 
-## About these guides
+## 关于这些指南
 
-This series of guides explains how to think about securing your end-to-end supply chain: personal account, code, and build processes. Each guide explains the risk to that area, and introduces the {% data variables.product.product_name %} features that can help you address that risk.
+本系列指南介绍了如何考虑保护端到端供应链：个人帐户、代码和构建流程。 每本指南都解释了该领域的风险，并介绍可帮助您解决该风险的 {% data variables.product.product_name %} 功能。
 
-Everyone's needs are different, so each guide starts with the highest impact change, and continues from there with additional improvements you should consider. You should feel free to skip around and focus on improvements you think will have the biggest benefit. The goal isn't to do everything at once but to continuously improve security in your systems over time.
+每个人的需求都是不同的，因此每本指南都从影响最大的变化开始，然后从那里继续进行您应该考虑的其他改进。 您应该自由跳过，注重于您认为会带来最大好处的改进。 目标不是一次完成所有操作，而是随着时间的推移不断提高系统的安全性。
 
-- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)"
+- “[保护帐户的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)”
 
-- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)"
+- “[保护供应链中代码的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)”
 
-- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)"
+- “[保护构建系统的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)”
 
 ## 延伸阅读
 
-- [Safeguarding artifact integrity across any software supply chain](https://slsa.dev/)
-- [Microsoft Supply Chain Integrity Model](https://github.com/microsoft/scim)
-- [Software Supply Chain Security Paper - CNCF Security Technical Advisory Group](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf)
+- [保护任何软件供应链中的构件完整性](https://slsa.dev/)
+- [Microsoft 供应链诚信模型](https://github.com/microsoft/scim)
+- [软件供应链安全白皮书 - CNCF 安全技术咨询小组](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf)

translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md

@@ -1,6 +1,6 @@
 ---
-title: End-to-end supply chain
-intro: 'How to think about securing your user accounts, your code, and your build process'
+title: 端到端供应链
+intro: 如何考虑保护用户帐户、代码和构建过程
 versions:
   fpt: '*'
   ghec: '*'

translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md

@@ -15,7 +15,6 @@ topics:
   - Security
   - Accounts
 ---
-
 ## About this guide
 
 This guide describes the highest impact changes you can make to increase account security. Each section outlines a change you can make to your processes to improve the security. The highest impact changes are listed first.
@@ -35,7 +34,7 @@ You can configure SAML authentication for an enterprise or organization account.
 
 After you configure SAML authentication, when members request access to your resources, they'll be directed to your SSO flow to ensure they are still recognized by your IdP. If they are unrecognized, their request is declined.
 
-Some IdPs support a protocol called SCIM, which can automatically provision or deprovision access on {% data variables.product.product_name %} when you make changes on your IdP. With SCIM, you can simplify administration as your team grows, and you can quickly revoke access to accounts. SCIM is available for individual organizations on {% data variables.product.product_name %}, or for enterprises that use {% data variables.product.prodname_emus %}. 更多信息请参阅“[关于 SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)”。
+Some IdPs support a protocol called SCIM, which can automatically provision or deprovision access on {% data variables.product.product_name %} when you make changes on your IdP. With SCIM, you can simplify administration as your team grows, and you can quickly revoke access to accounts. SCIM is available for individual organizations on {% data variables.product.product_name %}, or for enterprises that use {% data variables.product.prodname_emus %}. For more information, see "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)."
 {% endif %}
 
 {% ifversion ghes %}
@@ -128,7 +127,7 @@ Another option is to generate SSH keys on a hardware security key. You could use
 Hardware-backed SSH keys are quite secure, but the hardware requirement might not work for some organizations. An alternative approach is to use SSH keys that are only valid for a short period of time, so even if the private key is compromised it can't be exploited for very long. This is the concept behind running your own SSH certificate authority. While this approach gives you a lot of control over how users authenticate, it also comes with the responsibility of maintaining an SSH certificate authority yourself. For more information, see "[About SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)."
 {% endif %}
 
-## 后续步骤
+## Next steps
 
 - "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)"
 

translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md

@@ -1,8 +1,8 @@
 ---
-title: Best practices for securing your build system
-shortTitle: Securing builds
+title: 保护构建系统的最佳做法
+shortTitle: 保护构建
 allowTitleToDifferFromFilename: true
-intro: Guidance on how to protect the end of your supply chain—the systems you use to build and distribute artifacts.
+intro: 有关如何保护供应链末端（用于构建和分发构件的系统）的指南。
 versions:
   fpt: '*'
   ghec: '*'
@@ -15,48 +15,48 @@ topics:
   - CD
 ---
 
-## About this guide
+## 关于本指南
 
-This guide describes the highest impact changes you can make to improve the security of your build systems. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first.
+本指南介绍为提高构建系统的安全性而可以进行的影响最大的更改。 每个部分都概述了为提高安全性而可以对流程进行的更改。 影响最大的更改列在最前面。
 
-## What's the risk?
+## 风险是什么？
 
-Some attacks on software supply chains target the build system directly. If an attacker can modify the build process, they can exploit your system without the effort of compromising personal accounts or code. It's important to make sure that you don't forget to protect the build system as well as personal accounts and code.
+对软件供应链的一些攻击直接针对构建系统。 如果攻击者可以修改构建过程，他们就可以利用您的系统，而无需攻击个人帐户或代码。 请务必确保不要忘记保护构建系统以及个人帐户和代码。
 
-## Secure your build system
+## 保护构建系统
 
-There are several security capabilities a build system should have:
+构建系统应具有以下几种安全功能：
 
-1. The build steps should be clear and repeatable.
+1. 构建步骤应清晰且可重复。
 
-2. You should know exactly what was running during the build process.
+2. 您应该确切地知道在构建过程中运行的内容。
 
-3. Each build should start in a fresh environment, so a compromised build doesn't persist to affect future builds.
+3. 每个构建都应在新的环境中启动，这样受损的构建不会持续影响将来的构建。
 
-{% data variables.product.prodname_actions %} can help you meet these capabilities. Build instructions are stored in your repository, alongside your code. You choose what environment your build runs on, including Windows, Mac, Linux, or runners you host yourself. Each build starts with a fresh virtual environment, making it difficult for an attack to persist in your build environment.
+{% data variables.product.prodname_actions %} 可以帮助您满足这些功能。 构建说明与代码一起存储在存储库中。 您可以选择在哪个环境中运行构建，包括 Windows、Mac、Linux 或您自己托管的运行器。 每个构建都从一个新的虚拟环境开始，这使得攻击很难在构建环境中持续存在。
 
-In addition to the security benefits, {% data variables.product.prodname_actions %} lets you trigger builds manually, periodically, or on git events in your repository for frequent and fast builds.
+除了安全优势之外， {% data variables.product.prodname_actions %} 还允许您手动、定期或在存储库中的 git 事件上触发构建，以实现频繁、快速的构建。
 
-{% data variables.product.prodname_actions %} is a big topic, but a good place to get started is "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)," as well as "[Choosing GitHub-hosted runners](/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners)," and "[Triggering a workflow](/actions/using-workflows/triggering-a-workflow)."
+{% data variables.product.prodname_actions %} 是一个很大的话题，但良好的开始是“[了解 GitHub Actions](/actions/learn-github-actions/understanding-github-actions)”以及“[选择 GitHub 托管的运行器](/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners)”和“[触发工作流程](/actions/using-workflows/triggering-a-workflow)”。
 
-## Sign your builds
+## 对构建签名
 
-After your build process is secure, you want to prevent someone from tampering with the end result of your build process. A great way to do this is to sign your builds. When distributing software publicly, this is often done with a public/private cryptographic key pair. You use the private key to sign the build, and you publish your public key so users of your software can verify the signature on the build before they use it. If the bytes of the build are modified, the signature will not verify.
+在构建过程安全之后，你希望防止有人篡改构建过程的最终结果。 执行此操作的好方法是对内部版本签名。 公开分发软件时，通常使用公共/私有加密密钥对来完成此操作。 使用私钥对构建签名，并发布公钥，以便软件用户可以在使用构建之前验证上面的签名。 如果修改了构建的字节，则不会验证签名。
 
-How exactly you sign your build will depend on what sort of code you're writing, and who your users are. Often it's difficult to know how to securely store the private key. One basic option here is to use {% data variables.product.prodname_actions %} encrypted secrets, although you'll need to be careful to limit who has access to those {% data variables.product.prodname_actions %} workflows. {% ifversion fpt or ghec %}If your private key is stored in another system accessible over the public internet (like Microsoft Azure, or HashiCorp Vault), a more advanced option is to authenticate with OpenID Connect, so you don't have to share secrets across systems.{% endif %} If your private key is only accessible from a private network, another option is to use self-hosted runners for {% data variables.product.prodname_actions %}.
+如何对构建签名取决于您编写的代码类型以及用户是谁。 通常很难知道如何安全地存储私钥。 此处的一个基本选项是使用 {% data variables.product.prodname_actions %} 加密机密，但您需要小心地限制谁有权访问这些 {% data variables.product.prodname_actions %} 工作流程。 {% ifversion fpt or ghec %}如果您的私钥存储在可通过公共互联网访问的另一个系统中（如 Microsoft Azure 或 HashiCorp Vault），则更高级的选择是使用 OpenID Connect 进行身份验证，因此您不必在系统之间共享机密。{% endif %} 如果您的私钥只能从专用网络访问，则另一种选择是对 {% data variables.product.prodname_actions %} 使用自托管运行器。
 
-For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)"{% ifversion fpt or ghec %}, "[About security hardening with OpenID Connect](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)",{% endif %} and "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)."
+更多信息请参阅“[加密机密](/actions/security-guides/encrypted-secrets){% ifversion fpt or ghec %}”、“[关于使用 OpenID Connect 进行安全强化](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)”、{% endif %} 和“[关于自托管运行器](/actions/hosting-your-own-runners/about-self-hosted-runners)”。
 
-## Harden security for {% data variables.product.prodname_actions %}
+## 强化 {% data variables.product.prodname_actions %} 的安全性
 
-There are many further steps you can take to additionally secure {% data variables.product.prodname_actions %}. In particular, be careful when evaluating third-party workflows, and consider using `CODEOWNERS` to limit who can make changes to your workflows.
+您可以采取许多其他步骤来进一步保护 {% data variables.product.prodname_actions %}。 特别是，在评估第三方工作流程时要小心，并考虑使用 `CODEOWNERS` 来限制谁可以对您的工作流进行更改。
 
-For more information, see "[Security hardening for GitHub Actions](/actions/security-guides/security-hardening-for-github-actions);" particularly "[Using third-party actions](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)" and "[Using `CODEOWNERS` to monitor changes](/actions/security-guides/security-hardening-for-github-actions#using-codeowners-to-monitor-changes)."
+更多信息请参阅“[GitHub 操作的安全性强化](/actions/security-guides/security-hardening-for-github-actions)”，特别是“[使用第三方操作](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)”和“[使用 `CODEOWNERS` 监控更改](/actions/security-guides/security-hardening-for-github-actions#using-codeowners-to-monitor-changes)”。
 
 ## 后续步骤
 
-- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)"
+- “[保护您的端到端供应链](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)”
 
-- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)"
+- “[保护帐户的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)”
 
-- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)"
+- “[保护供应链中代码的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)”

translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md

@@ -16,11 +16,11 @@ topics:
   - Secret scanning
 ---
 
-## About this guide
+## 关于本指南
 
-This guide describes the highest impact changes you can make to improve the security of your code. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first.
+This guide describes the highest impact changes you can make to improve the security of your code. 每个部分都概述了为提高安全性而可以对流程进行的更改。 影响最大的更改列在最前面。
 
-## What's the risk?
+## 风险是什么？
 
 Key risks in the development process include:
 
@@ -112,8 +112,8 @@ Insecure code patterns are often difficult for reviewers to spot unaided. In add
 
 ## 后续步骤
 
-- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)"
+- “[保护您的端到端供应链](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)”
 
-- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)"
+- “[保护帐户的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)”
 
-- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)"
+- “[保护构建系统的最佳实践](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)”

translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md

@@ -50,3 +50,17 @@ redirect_from:
 
 启用依赖关系图时，依赖项审查功能可用。 更多信息请参阅“{% ifversion ghec %}[启用依赖关系图](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph){% elsif ghes %}[为企业启用依赖关系图](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise){% endif %}”。
 {% endif %}
+
+{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-6396 %}
+## 依赖项审查实施
+
+{% data reusables.dependency-review.dependency-review-action-beta-note %}
+
+可以使用存储库中的依赖项审查 GitHub 操作对拉取请求强制执行依赖项审查。 该操作将扫描由拉取请求中的包版本更改是否引入有漏洞的依赖项版本，并向您示警相关的安全漏洞。 这便于您更好地了解拉取请求中发生的变化，并有助于防止将漏洞添加到存储库中。 更多信息请参阅 [`dependency-review-action`](https://github.com/actions/dependency-review-action)。
+
+![依赖项审查操作示例](/assets/images/help/graphs/dependency-review-action.png)
+
+依赖项审查 GitHub 操作检查在发现任何易受攻击的包时会失败，但只有在存储库所有者要求在合并之前通过检查时，才会阻止合并拉取请求。 更多信息请参阅“[关于受保护分支](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)”。
+
+该操作使用依赖项审查 REST API 来获取基本提交和头部提交之间的依赖项更改差异。 您可以使用依赖项审查 API 来获取存储库上任意两个提交之间的依赖项更改差异（包括漏洞数据）。 更多信息请参阅“[依赖项审查](/rest/reference/dependency-graph#dependency-review)”。
+{% endif %}

translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md

@@ -76,7 +76,7 @@ shortTitle: 探索依赖项
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-{% data reusables.repositories.navigate-to-security-and-analysis %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
 4. 阅读有关授予 {% data variables.product.product_name %} 只读访问仓库数据的消息，以启用依赖关系图，然后在“Dependency Graph（依赖关系图）”旁边单击 **Enable（启用）**。 ![依赖关系图的"启用"按钮](/assets/images/help/repository/dependency-graph-enable-button.png)
 
 您可以随时单击 Security & analysis（安全性和分析）选项卡上“Dependency Graph（依赖关系图）”旁边的 **Disable（禁用）**来禁用依赖关系图。
@@ -98,7 +98,7 @@ shortTitle: 探索依赖项
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-{% data reusables.repositories.navigate-to-security-and-analysis %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
 4. 在“Code security and analysis（代码安全和分析）”下，单击“Used by counter（使用者计数）”部分中的下拉菜单并选择一个包。 ![选择"使用者"包](/assets/images/help/repository/choose-used-by-package.png)
 
 {% endif %}

translations/zh-CN/content/codespaces/codespaces-reference/security-in-codespaces.md

@@ -56,6 +56,8 @@ shortTitle: 代码空间中的安全性
 
 如果需要连接到在代码空间内运行的服务（如开发 Web 服务器），则可以配置端口转发以使该服务在互联网上可用。
 
+组织所有者可以限制公开或在组织内提供转发端口的能力。 更多信息请参阅“[限制转发端口的可见性](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)”。
+
 **私密转发端口**：可在互联网上访问，但只有代码空间创建者在向 {% data variables.product.product_name %} 验证后才可访问它们。
 
 **组织内公开转发的端口**：在通过身份验证后，可在互联网上访问，但只能由与代码空间相同的组织的成员访问 {% data variables.product.product_name %}。