Merge branch 'main' into codespaces-universe-megabranch

components/context/MainContext.tsx

@@ -3,7 +3,6 @@ import pick from 'lodash/pick'
 
 import type { BreadcrumbT } from 'components/page-header/Breadcrumbs'
 import type { FeatureFlags } from 'components/hooks/useFeatureFlags'
-import { ExcludesNull } from 'components/lib/ExcludesNull'
 
 export type ProductT = {
   external: boolean
@@ -27,14 +26,9 @@ type VersionItem = {
 }
 
 export type ProductTreeNode = {
-  page: {
-    hidden?: boolean
-    documentType: 'article' | 'mapTopic'
-    title: string
-    shortTitle: string
-  }
-  renderedShortTitle?: string
-  renderedFullTitle: string
+  documentType: 'article' | 'mapTopic'
+  title: string
+  shortTitle: string
   href: string
   childPages: Array<ProductTreeNode>
 }
@@ -178,9 +172,10 @@ export const getMainContext = async (req: any, res: any): Promise<MainContextT>
     enterpriseServerVersions: req.context.enterpriseServerVersions,
     allVersions: req.context.allVersions,
     currentVersion: req.context.currentVersion,
-    currentProductTree: req.context.currentProductTree
-      ? getCurrentProductTree(req.context.currentProductTree)
-      : null,
+    // This is a slimmed down version of `req.context.currentProductTree`
+    // that only has the minimal titles stuff needed for sidebars and
+    // any page that is hidden is omitted.
+    currentProductTree: req.context.currentProductTreeTitlesExcludeHidden || null,
     featureFlags: {},
     searchVersions: req.context.searchVersions,
     nonEnterpriseDefaultVersion: req.context.nonEnterpriseDefaultVersion,
@@ -189,26 +184,6 @@ export const getMainContext = async (req: any, res: any): Promise<MainContextT>
   }
 }
 
-// only pull things we need from the product tree, and make sure there are default values instead of `undefined`
-const getCurrentProductTree = (input: any): ProductTreeNode | null => {
-  if (input.page.hidden) {
-    return null
-  }
-
-  return {
-    href: input.href,
-    renderedShortTitle: input.renderedShortTitle || '',
-    renderedFullTitle: input.renderedFullTitle || '',
-    page: {
-      hidden: input.page.hidden || false,
-      documentType: input.page.documentType,
-      title: input.page.title,
-      shortTitle: input.page.shortTitle || '',
-    },
-    childPages: (input.childPages || []).map(getCurrentProductTree).filter(ExcludesNull),
-  }
-}
-
 export const MainContext = createContext<MainContextT | null>(null)
 
 export const useMainContext = (): MainContextT => {

components/context/ProductLandingContext.tsx

@@ -110,7 +110,7 @@ export const getProductLandingContextFromRequest = async (
     hasGuidesPage,
     product: {
       href: productTree.href,
-      title: productTree.renderedShortTitle || productTree.renderedFullTitle,
+      title: productTree.page.shortTitle || productTree.page.title,
     },
     whatsNewChangelog: req.context.whatsNewChangelog || [],
     changelogUrl: req.context.changelogUrl || [],

components/landing/ProductArticlesList.tsx

@@ -19,7 +19,7 @@ export const ProductArticlesList = () => {
   return (
     <div className="d-flex gutter flex-wrap" data-testid="product-articles-list">
       {currentProductTree.childPages.map((treeNode, i) => {
-        if (treeNode.page.documentType === 'article') {
+        if (treeNode.documentType === 'article') {
           return null
         }
 
@@ -36,7 +36,7 @@ const ProductTreeNodeList = ({ treeNode }: { treeNode: ProductTreeNode }) => {
     <div className="col-12 col-lg-4 mb-6 height-full">
       <h3 className="mb-3 f4">
         <Link className="color-unset text-underline" href={treeNode.href}>
-          {treeNode.renderedFullTitle}
+          {treeNode.title}
         </Link>
       </h3>
 
@@ -58,8 +58,8 @@ const ProductTreeNodeList = ({ treeNode }: { treeNode: ProductTreeNode }) => {
               }}
             >
               <Link className="d-block width-full" href={childNode.href}>
-                {childNode.renderedFullTitle}
-                {childNode.page.documentType === 'mapTopic' ? (
+                {childNode.title}
+                {childNode.documentType === 'mapTopic' ? (
                   <small className="color-fg-muted d-inline-block">
                     &nbsp;&bull; {childNode.childPages.length} articles
                   </small>

components/sidebar/ProductCollapsibleSection.tsx

@@ -29,7 +29,7 @@ export const ProductCollapsibleSection = (props: SectionProps) => {
 
   // The lowest level page link displayed in the tree
   const renderTerminalPageLink = (page: ProductTreeNode) => {
-    const title = page.renderedShortTitle || page.renderedFullTitle
+    const title = page.shortTitle || page.title
 
     const isCurrent = routePath === page.href
     return (
@@ -78,10 +78,10 @@ export const ProductCollapsibleSection = (props: SectionProps) => {
       {
         <>
           {/* <!-- some pages have nested child pages (formerly known as a mapTopic) --> */}
-          {page.childPages[0]?.page.documentType === 'mapTopic' ? (
+          {page.childPages[0]?.documentType === 'mapTopic' ? (
             <ul className="list-style-none position-relative">
               {page.childPages.map((childPage, i) => {
-                const childTitle = childPage.renderedShortTitle || childPage.renderedFullTitle
+                const childTitle = childPage.shortTitle || childPage.title
 
                 const isActive = routePath.includes(childPage.href)
                 const isCurrent = routePath === childPage.href
@@ -108,7 +108,7 @@ export const ProductCollapsibleSection = (props: SectionProps) => {
                 )
               })}
             </ul>
-          ) : page.childPages[0]?.page.documentType === 'article' ? (
+          ) : page.childPages[0]?.documentType === 'article' ? (
             <div data-testid="sidebar-article-group" className="pb-0">
               <ActionList variant="full" className="my-2">
                 {page.childPages.map(renderTerminalPageLink)}

components/sidebar/RestCollapsibleSection.tsx

@@ -181,7 +181,7 @@ export const RestCollapsibleSection = (props: SectionProps) => {
               </div>
             ) : (
               page.childPages.map((childPage, i) => {
-                const childTitle = childPage.renderedShortTitle || childPage.renderedFullTitle
+                const childTitle = childPage.shortTitle || childPage.title
                 const isActive = routePath.includes(childPage.href)
                 const isCurrent = routePath === childPage.href
 

components/sidebar/SidebarProduct.tsx

@@ -36,16 +36,16 @@ export const SidebarProduct = () => {
     routePath.includes(href)
   )
 
-  const productTitle = currentProductTree.renderedShortTitle || currentProductTree.renderedFullTitle
+  const productTitle = currentProductTree.shortTitle || currentProductTree.title
 
   const productSection = () => (
     <li className="my-3" data-testid="product-sidebar-items">
       <ul className="list-style-none">
         {currentProductTree &&
           currentProductTree.childPages.map((childPage, i) => {
-            const isStandaloneCategory = childPage.page.documentType === 'article'
+            const isStandaloneCategory = childPage.documentType === 'article'
 
-            const childTitle = childPage.renderedShortTitle || childPage.renderedFullTitle
+            const childTitle = childPage.shortTitle || childPage.title
             const isActive =
               routePath.includes(childPage.href + '/') || routePath === childPage.href
             const defaultOpen = hasExactCategory ? isActive : false
@@ -96,8 +96,8 @@ export const SidebarProduct = () => {
         <li className="my-3">
           <ul className="list-style-none">
             {conceptualPages.map((childPage, i) => {
-              const isStandaloneCategory = childPage.page.documentType === 'article'
-              const childTitle = childPage.renderedShortTitle || childPage.renderedFullTitle
+              const isStandaloneCategory = childPage.documentType === 'article'
+              const childTitle = childPage.shortTitle || childPage.title
               const isActive =
                 routePath.includes(childPage.href + '/') || routePath === childPage.href
               const defaultOpen = hasExactCategory ? isActive : false
@@ -145,9 +145,8 @@ export const SidebarProduct = () => {
         <li className="my-3">
           <ul className="list-style-none">
             {restPages.map((childPage, i) => {
-              const isStandaloneCategory = childPage.page.documentType === 'article'
-
-              const childTitle = childPage.renderedShortTitle || childPage.renderedFullTitle
+              const isStandaloneCategory = childPage.documentType === 'article'
+              const childTitle = childPage.shortTitle || childPage.title
               const isActive =
                 routePath.includes(childPage.href + '/') || routePath === childPage.href
               const defaultOpen = hasExactCategory ? isActive : false
@@ -178,19 +177,15 @@ export const SidebarProduct = () => {
     <ul data-testid="sidebar" className={styles.container}>
       <AllProductsLink />
 
-      {!currentProductTree.page.hidden && (
-        <>
-          <li data-testid="sidebar-product" title={productTitle} className="my-2">
-            <Link
-              href={currentProductTree.href}
-              className="pl-4 pr-5 pb-1 f4 color-fg-default no-underline"
-            >
-              {productTitle}
-            </Link>
-          </li>
-          {currentProduct && currentProduct.id === 'rest' ? restSection() : productSection()}
-        </>
-      )}
+      <li data-testid="sidebar-product" title={productTitle} className="my-2">
+        <Link
+          href={currentProductTree.href}
+          className="pl-4 pr-5 pb-1 f4 color-fg-default no-underline"
+        >
+          {productTitle}
+        </Link>
+      </li>
+      {currentProduct && currentProduct.id === 'rest' ? restSection() : productSection()}
     </ul>
   )
 }

content/README.md

@@ -326,14 +326,36 @@ When adding a new article, make sure the filename is a [kebab-cased](https://en.
 
 ## Whitespace control
 
-When using Liquid conditionals in lists or tables, you can use [whitespace control](https://shopify.github.io/liquid/basics/whitespace/) characters to prevent the addition of newlines that would break the list or table rendering.
+When using Liquid conditionals in lists or tables, you can use [whitespace control](https://shopify.github.io/liquid/basics/whitespace/) characters to prevent the addition of newlines and other whitespace that would break the list or table rendering.
 
-Just add a hyphen on either the left, right, or both sides to indicate that there should be no newline on that side. For example, this statement removes a newline on the left side:
+You can add a hyphen (`-`) on either the left, right, or both sides to indicate that there should be no newline or other whitespace on that side.
 
 ```
 {%- ifversion fpt %}
 ```
 
+For example, to version a table row, instead of adding liquid versioning for the row starting at the end of the previous row, like this:
+
+```
+Column A | Column B | Column C
+---------|----------|---------
+This row is for all versions | B1 | C1{% ifversion ghes %}
+This row is for GHES only | B2 | C2{% endif %}
+This row is for all versions | B3 | C3
+```
+
+You can include the liquid versioning on its own line and use whitespace control to strip the newline to the left of the liquid tag. This makes reading the source much easier, without breaking the rendering of the table:
+
+```
+Column A | Column B | Column C
+---------|----------|---------
+This row is for all versions | B1 | C1
+{%- ifversion ghes %}
+This row is for GHES only | B2 | C2
+{%- endif %}
+This row is for all versions | B3 | C3
+```
+
 ## Links
 
 Links to docs in the `docs-internal` repository must start with a product ID (like `/actions` or `/admin`) and contain the entire filepath, but not the file extension. For example, `/actions/creating-actions/about-custom-actions`.

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/permission-levels-for-a-personal-account-repository.md

@@ -50,7 +50,7 @@ The repository owner has full control of the repository. In addition to the acti
 | Manage data use for a private repository | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %}
 | Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" |
 | Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %}
-| Create security advisories | "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)" |
+| Create security advisories | "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)" |
 | Display a sponsor button | "[Displaying a sponsor button in your repository](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository)" |{% endif %}
 | Allow or disallow auto-merge for pull requests | "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository)" | 
 | Manage webhooks and deploy keys	| "[Managing deploy keys](/developers/overview/managing-deploy-keys#deploy-keys)" |

content/actions/creating-actions/setting-exit-codes-for-actions.md

@@ -21,7 +21,7 @@ type: how_to
 
 Exit status | Check run status | Description
 ------------|------------------|------------
-`0` | `success` | The action completed successfully and other tasks that depends on it can begin.
+`0` | `success` | The action completed successfully and other tasks that depend on it can begin.
 Nonzero value (any integer but 0)| `failure` | Any other exit code indicates the action failed. When an action fails, all concurrent actions are canceled and future actions are skipped. The check run and check suite both get a `failure` status.
 
 ## Setting a failure exit code in a JavaScript action

content/actions/security-guides/security-hardening-for-github-actions.md

@@ -215,6 +215,12 @@ For more information on how to configure this setting, see {% ifversion allow-ac
 
 These sections consider some of the steps an attacker can take if they're able to run malicious commands on a {% data variables.product.prodname_actions %} runner.
 
+{% note %}
+
+**Note:** {% data variables.product.prodname_dotcom %}-hosted runners do not scan for malicious code downloaded by a user during their job, such as a compromised third party library.
+
+{% endnote %}
+
 ### Accessing secrets
 
 Workflows triggered using the `pull_request` event have read-only permissions and have no access to secrets. However, these permissions differ for various event triggers such as `issue_comment`, `issues` and `push`, where the attacker could attempt to steal repository secrets or use the write permission of the job's [`GITHUB_TOKEN`](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token).

content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md

@@ -77,9 +77,15 @@ Maximum concurrency was measured using multiple repositories, job duration of ap
 
 {%- endif %}
 
-{%- ifversion ghes = 3.6 %}
+{%- ifversion ghes > 3.5 %}
 
-{% data reusables.actions.hardware-requirements-3.6 %}
+
+| vCPUs | Memory | Maximum Connected Runners |
+| :---| :--- | :--- |
+| 8   | 64 GB  | 740  runners |
+| 32  | 160 GB | 2700 runners |
+| 96  | 384 GB | 7000 runners |
+| 128 | 512 GB | 7000 runners |
 
 {% data variables.product.company_short %} measured maximum connected runners using multiple repositories, job duration of approximately 10 minutes, and 10 MB artifact uploads. You may experience different performance depending on the overall levels of activity on your instance.
 

content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md

@@ -1,55 +0,0 @@
----
-title: Editing security advisories in the GitHub Advisory Database
-intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %}.'
-redirect_from:
-  - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database
-  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '*'
-  ghae: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Alerts
-  - Dependabot
-  - Vulnerabilities
-  - CVEs
-shortTitle: Edit Advisory Database
----
-
-## About editing advisories in the {% data variables.product.prodname_advisory_database %}
-Security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories) are considered global advisories. Anyone can suggest improvements on any global security advisory in the {% data variables.product.prodname_advisory_database %}. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements and publish them onto the {% data variables.product.prodname_advisory_database %} if accepted.
-{% ifversion fpt or ghec %}
-Only repository owners and administrators can edit repository-level security advisories. For more information, see "[Editing a repository security advisory](/code-security/security-advisories/editing-a-security-advisory)."{% endif %}
-
-## Editing advisories in the GitHub Advisory Database
-
-1. Navigate to https://github.com/advisories.
-1. Select the security advisory you would like to contribute to.
-1. On the right-hand side of the page, click the **Suggest improvements for this vulnerability** link.
-   
-   ![Screenshot of the suggest improvements link](/assets/images/help/security/suggest-improvements-to-advisory.png)
-
-1. In the "Improve security advisory" form, make the desired improvements. You can edit or add any detail.{% ifversion fpt or ghec %} For information about correctly specifying information on the form, including affected versions, see "[Best practices for writing repository security advisories](/code-security/repository-security-advisories/best-practices-for-writing-repository-security-advisories)."{% endif %}{% ifversion security-advisories-reason-for-change %}
-1. Under **Reason for change**, explain why you want to make this improvement. If you include links to supporting material this will help our reviewers.
-   
-   ![Screenshot of the reason for change field](/assets/images/help/security/security-advisories-suggest-improvement-reason.png){% endif %}
-
-1. When you finish editing the advisory, click **Submit improvements**.
-1. Once you submit your improvements, a pull request containing your changes will be created for review in [github/advisory-database](https://github.com/github/advisory-database) by the {% data variables.product.prodname_security %} curation team. If the advisory originated from a {% data variables.product.prodname_dotcom %} repository, we will also tag the original publisher for optional commentary. You can view the pull request and get notifications when it is updated or closed.
-
-You can also open a pull request directly on an advisory file in the [github/advisory-database](https://github.com/github/advisory-database) repository. For more information, see the [contribution guidelines](https://github.com/github/advisory-database/blob/main/CONTRIBUTING.md). 
-
-{% ifversion security-advisories-ghes-ghae %}
-## Editing advisories from {% data variables.location.product_location %}
-
-If you have {% data variables.product.prodname_github_connect %} enabled for {% data variables.location.product_location %}, you will be able to see advisories by adding `/advisories` to the instance url. 
-
-1. Navigate to `https://HOSTNAME/advisories`.
-2. Select the security advisory you would like to contribute to.
-3. On the right-hand side of the page, click the **Suggest improvements for this vulnerability on {% data variables.product.prodname_dotcom_the_website %}.** link. A new tab opens with the same security advisory on {% data variables.product.prodname_dotcom_the_website %}.
-![Suggest improvements link](/assets/images/help/security/suggest-improvements-to-advisory-on-github-com.png)
-4. Edit the advisory, following steps four through six in "[Editing advisories in the GitHub Advisory Database](#editing-advisories-in-the-github-advisory-database)" above.
-{% endif %}

content/code-security/dependabot/dependabot-alerts/index.md

@@ -15,8 +15,6 @@ topics:
   - Repositories
   - Dependencies
 children:
-  - /browsing-security-advisories-in-the-github-advisory-database
-  - /editing-security-advisories-in-the-github-advisory-database
   - /about-dependabot-alerts
   - /configuring-dependabot-alerts
   - /viewing-and-updating-dependabot-alerts

content/code-security/getting-started/adding-a-security-policy-to-your-repository.md

@@ -35,7 +35,7 @@ You can create a default security policy for your organization or personal accou
 {% endtip %}
 
 {% ifversion fpt or ghec %}
-After someone reports a security vulnerability in your project, you can use {% data variables.product.prodname_security_advisories %} to disclose, fix, and publish information about the vulnerability. For more information about the process of reporting and disclosing vulnerabilities in {% data variables.product.prodname_dotcom %}, see "[About coordinated disclosure of security vulnerabilities](/code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities#about-reporting-and-disclosing-vulnerabilities-in-projects-on-github)." For more information about {% data variables.product.prodname_security_advisories %}, see "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."
+After someone reports a security vulnerability in your project, you can use {% data variables.product.prodname_security_advisories %} to disclose, fix, and publish information about the vulnerability. For more information about the process of reporting and disclosing vulnerabilities in {% data variables.product.prodname_dotcom %}, see "[About coordinated disclosure of security vulnerabilities](/code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities#about-reporting-and-disclosing-vulnerabilities-in-projects-on-github)." For more information about repository security advisories, see "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
 
 {% data reusables.repositories.github-security-lab %}
 {% endif %}

content/code-security/getting-started/github-security-features.md

@@ -28,7 +28,7 @@ Make it easy for your users to confidentially report security vulnerabilities th
 {% ifversion fpt or ghec %}
 ### Security advisories
 
-Privately discuss and fix security vulnerabilities in your repository's code. You can then publish a security advisory to alert your community to the vulnerability and encourage community members to upgrade. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."
+Privately discuss and fix security vulnerabilities in your repository's code. You can then publish a security advisory to alert your community to the vulnerability and encourage community members to upgrade. For more information, see "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
 
 {% endif %}
 {% ifversion fpt or ghec or ghes %}

content/code-security/getting-started/securing-your-organization.md

@@ -125,7 +125,7 @@ For more information, see "[Managing security and analysis settings for your org
 ## Next steps
 You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts),"{% endif %} {% ifversion fpt or ghec or ghes %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."
 
-{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
+{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About repository security advisories](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
 {% endif %}
 
 {% ifversion ghes or ghec or ghae %}You{% elsif fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% endif %} can view, filter, and sort security alerts for repositories owned by {% ifversion ghes or ghec or ghae %}your{% elsif fpt %}their{% endif %} organization in the security overview. For more information, see{% ifversion ghes or ghec or ghae %} "[About the security overview](/code-security/security-overview/about-the-security-overview)."{% elsif fpt %} "[About the security overview](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}

content/code-security/getting-started/securing-your-repository.md

@@ -133,5 +133,5 @@ You can set up {% data variables.product.prodname_code_scanning %} to automatica
 ## Next steps
 You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts),"{% endif %} {% ifversion fpt or ghec or ghes %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."
 
-{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
+{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About repository security advisories](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
 {% endif %}

content/code-security/index.md

@@ -53,7 +53,7 @@ children:
   - /adopting-github-advanced-security-at-scale
   - /secret-scanning
   - /code-scanning
-  - /repository-security-advisories
+  - /security-advisories
   - /supply-chain-security
   - /dependabot
   - /security-overview

content/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities.md

@@ -1,71 +0,0 @@
----
-title: About coordinated disclosure of security vulnerabilities
-intro: Vulnerability disclosure is a coordinated effort between security reporters and repository maintainers.
-redirect_from:
-  - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
-miniTocMaxHeadingLevel: 3
-versions:
-  fpt: '*'
-  ghec: '*'
-type: overview
-topics:
-  - Security advisories
-  - Vulnerabilities
-shortTitle: Coordinated disclosure
----
-
-## About disclosing vulnerabilities in the industry
-
-{% data reusables.security-advisory.disclosing-vulnerabilities %}
-
-The initial report of a vulnerability is made privately, and the full details are only published once the maintainer has acknowledged the issue, and ideally made remediations or a patch available, sometimes with a delay to allow more time for the patches to be installed. For more information, see the "[OWASP Cheat Sheet Series about vulnerability disclosure](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html#commercial-and-open-source-software)" on the OWASP Cheat Sheet Series website.
-
-### Best practices for vulnerability reporters
-
-It's good practice to report vulnerabilities privately to maintainers. When possible, as a vulnerability reporter, we recommend you avoid:
-- Disclosing the vulnerability publicly without giving maintainers a chance to remediate.
-- Bypassing the maintainers.
-- Disclosing the vulnerability before a fixed version of the code is available.
-- Expecting to be compensated for reporting an issue, where no public bounty program exists.
-
-It's acceptable for vulnerability reporters to disclose a vulnerability publicly after a period of time, if they have tried to contact the maintainers and not received a response, or contacted them and been asked to wait too long to disclose it. 
-
-We recommend vulnerability reporters clearly state the terms of their disclosure policy as part of their reporting process. Even if the vulnerability reporter does not adhere to a strict policy, it's a good idea to set clear expectations for maintainers in terms of timelines on intended vulnerability disclosures. For an example of disclosure policy, see the "[Security Lab's disclosure policy](https://securitylab.github.com/advisories#policy)" on the GitHub Security Lab website.
-
-### Best practices for maintainers
-
-As a maintainer, it's good practice to clearly indicate how and where you want to receive reports for vulnerabilities. If this information is not clearly available, vulnerability reporters don't know how to contact you, and may resort to extracting developer email addresses from git commit histories to try to find an appropriate security contact. This can lead to friction, lost reports, or the publication of unresolved reports.
-
-Maintainers should disclose vulnerabilities in a timely manner. If there is a security vulnerability in your repository, we recommend you:
-- Treat the vulnerability as a security issue rather than a simple bug, both in your response and your disclosure. For example, you'll need to explicitly mention that the issue is a security vulnerability in the release notes.
-- Acknowledge receipt of the vulnerability report as quickly as possible, even if no immediate resources are available for investigation. This sends the message that you are quick to respond and act, and it sets a positive tone for the rest of the interaction between you and the vulnerability reporter.
-- Involve the vulnerability reporter when you verify the impact and veracity of the report. It's likely the vulnerability reporter has already spent time considering the vulnerability in a variety of scenarios, some of which you may have not considered yourself.
-- Remediate the issue in a way that you see fit, taking any concerns and advice provided by the vulnerability reporter into careful consideration. Often the vulnerability reporter will have knowledge of certain corner cases and remediation bypasses that are easy to miss without a security research background.
-- Always acknowledge the vulnerability reporter when you credit the discovery.
-- Aim to publish a fix as soon as you can.
-- Ensure that you make the wider ecosystem aware of the issue and its remediation when you disclose the vulnerability. It is not uncommon to see cases where a recognized security issue is fixed in the current development branch of a project, but the commit or subsequent release is not explicitly marked as a security fix or release. This can cause problems with downstream consumers.
-
-Publishing the details of a security vulnerability doesn't make maintainers look bad. Security vulnerabilities are present everywhere in software, and users will trust maintainers who have a clear and established process for disclosing security vulnerabilities in their code.
-
-## About reporting and disclosing vulnerabilities in projects on {% data variables.product.prodname_dotcom %}
-
-The process for reporting and disclosing vulnerabilities for projects on {% data variables.product.prodname_dotcom_the_website %} is as follows:
-
- If you are a vulnerability reporter (for example, a security researcher) who would like report a vulnerability, first check if there is a security policy for the related repository. For more information, see "[About security policies](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)." If there is one, follow it to understand the process before contacting the security team for that repository. 
- 
- If there isn't a security policy in place, the most efficient way to establish a private means of communication with maintainers is to create an issue asking for a preferred security contact. It's worth noting that the issue will be immediately publicly visible, so it should not include any information about the bug. Once communication is established, you can suggest the maintainers define a security policy for future use.
-
-{% note %}
-
-**Note**: _For npm only_ - If we receive a report of malware in an npm package, we try to contact you privately. If you don't address the issue in a timely manner, we will disclose it. For more information, see "[Reporting malware in an npm package](https://docs.npmjs.com/reporting-malware-in-an-npm-package)" on the npm Docs website.
-
-{% endnote %}
-
- If you've found a security vulnerability in {% data variables.product.prodname_dotcom_the_website %}, please report the vulnerability through our coordinated disclosure process. For more information, see the [{% data variables.product.prodname_dotcom %} Security Bug Bounty](https://bounty.github.com/) website.
-
- If you are a maintainer, you can take ownership of the process at the very beginning of the pipeline by setting up a security policy for your repository, or otherwise making security reporting instructions clearly available, for example in your project’s README file. For information about adding a security policy, see "[About security policies](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)." If there is no security policy, it's likely that a vulnerability reporter will try to email you or otherwise privately contact you. Alternatively, someone may open a (public) issue with details of a security issue.
-
- As a maintainer, to disclose a vulnerability in your code, you first create a draft security advisory in the package's repository in {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About {% data variables.product.prodname_security_advisories %} for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
-
-
- To get started, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."

content/code-security/security-advisories/global-security-advisories/about-global-security-advisories.md

@@ -0,0 +1,33 @@
+---
+title: About global security advisories
+intro: 'Global security database live in the {% data variables.product.prodname_advisory_database %}, which contains CVEs and {% data variables.product.company_short %}-originated security advisories affecting the open source world. You can contribute to improving global advisories.'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: overview
+topics:
+  - Security advisories
+  - Alerts
+  - Vulnerabilities
+  - CVEs
+---
+
+## About global security advisories
+
+{% ifversion fpt or ghec %}There are two types of advisories: global security advisories and repository security advisories. For more information about repository security advisories, see "[About repository security advisories](/code-security/security-advisories/repository-security-advisories/about-repository-security-advisories)."{% endif %}
+
+Global security advisories are grouped into two categories: {% data variables.product.company_short %}-reviewed advisories and unreviewed advisories.
+- {% data variables.product.company_short %}-reviewed advisories are security vulnerabilities{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %} that have been mapped to packages in ecosystems we support.
+- Unreviewed advisories are security vulnerabilites that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed. 
+
+For more information about the {% data variables.product.prodname_advisory_database %}, see "[About the {% data variables.product.prodname_advisory_database %}](/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database)."
+
+{% data reusables.security-advisory.global-advisories %}
+
+Every repository advisory is reviewed by the {% data variables.product.prodname_security %} curation team for consideration as a global advisory. We publish security advisories for any of the ecosystems supported by the dependency graph to the {% data variables.product.prodname_advisory_database %} on [github.com/advisories](https://github.com/advisories).
+
+You can access any advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security advisories in the GitHub Advisory Database](/code-security/security-advisories/global-security-advisories/browsing-security-advisories-in-the-github-advisory-database)."
+
+You can suggest improvements to any advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see "[Editing security advisories in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)."

content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md

@@ -0,0 +1,82 @@
+---
+title: About the GitHub Advisory database
+intro: 'The {% data variables.product.prodname_advisory_database %} contains a list of known security vulnerabilities {% ifversion GH-advisory-db-supports-malware %}and malware, {% endif %}grouped in two categories: {% data variables.product.company_short %}-reviewed advisories and unreviewed advisories.'
+miniTocMaxHeadingLevel: 3
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: overview
+topics:
+  - Security advisories
+  - Alerts
+  - Vulnerabilities
+  - CVEs
+---
+
+## About the {% data variables.product.prodname_advisory_database %}
+
+{% data reusables.repositories.tracks-vulnerabilities %}
+
+## About types of security advisories
+
+{% data reusables.advisory-database.beta-malware-advisories %}
+
+Each advisory in the {% data variables.product.prodname_advisory_database %} is for a vulnerability in open source projects{% ifversion GH-advisory-db-supports-malware %} or for malicious open source software{% endif %}. 
+
+{% data reusables.repositories.a-vulnerability-is %} Vulnerabilities in code are usually introduced by accident and fixed soon after they are discovered. You should update your code to use the fixed version of the dependency as soon as it is available.
+
+{% ifversion GH-advisory-db-supports-malware %}
+
+In contrast, malicious software, or malware, is code that is intentionally designed to perform unwanted or harmful functions. The malware may target hardware, software, confidential data, or users of any application that uses the malware. You need to remove the malware from your project and find an alternative, more secure replacement for the dependency.
+
+{% endif %}
+
+### {% data variables.product.company_short %}-reviewed advisories
+
+{% data variables.product.company_short %}-reviewed advisories are security vulnerabilities{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %} that have been mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they have a full description, and contain both ecosystem and package information.
+
+Generally, we name our supported ecosystems after the software programming language's associated package registry. We review advisories if they are for a vulnerability in a package that comes from a supported registry.
+
+- Composer (registry: https://packagist.org/){% ifversion GH-advisory-db-erlang-support %}
+- Erlang (registry: https://hex.pm/){% endif %}
+- Go (registry: https://pkg.go.dev/)
+{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %}
+- GitHub Actions (https://github.com/marketplace?type=actions/) {% endif %}
+- Maven (registry: https://repo.maven.apache.org/maven2)
+- npm (registry: https://www.npmjs.com/)
+- NuGet (registry: https://www.nuget.org/)
+- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
+- pub (registry: https://pub.dev/packages/registry){% endif %}
+- RubyGems (registry: https://rubygems.org/)
+- Rust (registry: https://crates.io/)
+
+If you have a suggestion for a new ecosystem we should support, please open an [issue](https://github.com/github/advisory-database/issues) for discussion.
+
+If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory reports a vulnerability {% ifversion GH-advisory-db-supports-malware %}or malware{% endif %} for a package you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
+
+### Unreviewed advisories
+
+Unreviewed advisories are security vulnerabilites that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed. 
+
+{% data variables.product.prodname_dependabot %} doesn't create {% data variables.product.prodname_dependabot_alerts %} for unreviewed advisories as this type of advisory isn't checked for validity or completion.
+
+## About information in security advisories
+
+Each security advisory contains information about the vulnerability{% ifversion GH-advisory-db-supports-malware %} or malware,{% endif %} which may include the description, severity, affected package, package ecosystem, affected versions and patched versions, impact, and optional information such as references, workarounds, and credits. In addition, advisories from the National Vulnerability Database list contain a link to the CVE record, where you can read more details about the vulnerability, its CVSS scores, and its qualitative severity level. For more information, see the "[National Vulnerability Database](https://nvd.nist.gov/)" from the National Institute of Standards and Technology.
+
+The severity level is one of four possible levels defined in the "[Common Vulnerability Scoring System (CVSS), Section 5](https://www.first.org/cvss/specification-document)."
+- Low
+- Medium/Moderate
+- High
+- Critical
+
+The {% data variables.product.prodname_advisory_database %} uses the CVSS levels described above. If {% data variables.product.company_short %} obtains a CVE, the {% data variables.product.prodname_advisory_database %} uses CVSS version 3.1. If the CVE is imported, the {% data variables.product.prodname_advisory_database %} supports both CVSS versions 3.0 and 3.1.
+
+{% data reusables.repositories.github-security-lab %}
+
+## Further reading
+
+- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)"
+- MITRE's [definition of "vulnerability"](https://www.cve.org/ResourcesSupport/Glossary#vulnerability)

content/code-security/security-advisories/global-security-advisories/browsing-security-advisories-in-the-github-advisory-database.md

@@ -8,6 +8,7 @@ redirect_from:
   - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database
   - /code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database
 versions:
   fpt: '*'
   ghec: '*'
@@ -23,71 +24,10 @@ topics:
 ---
 <!--Marketing-LINK: From /features/security/software-supply-chain page "Browsing security vulnerabilities in the GitHub Advisory Database".-->
 
-## About the {% data variables.product.prodname_advisory_database %}
-
-The {% data variables.product.prodname_advisory_database %} contains a list of known security vulnerabilities {% ifversion GH-advisory-db-supports-malware %}and malware, {% endif %}grouped in two categories: {% data variables.product.company_short %}-reviewed advisories and unreviewed advisories.
-
-{% data reusables.repositories.tracks-vulnerabilities %}
-
-## About types of security advisories
-
-{% data reusables.advisory-database.beta-malware-advisories %}
-
-Each advisory in the {% data variables.product.prodname_advisory_database %} is for a vulnerability in open source projects{% ifversion GH-advisory-db-supports-malware %} or for malicious open source software{% endif %}. 
-
-{% data reusables.repositories.a-vulnerability-is %} Vulnerabilities in code are usually introduced by accident and fixed soon after they are discovered. You should update your code to use the fixed version of the dependency as soon as it is available.
-
-{% ifversion GH-advisory-db-supports-malware %}
-
-In contrast, malicious software, or malware, is code that is intentionally designed to perform unwanted or harmful functions. The malware may target hardware, software, confidential data, or users of any application that uses the malware. You need to remove the malware from your project and find an alternative, more secure replacement for the dependency.
-
-{% endif %}
-
-### {% data variables.product.company_short %}-reviewed advisories
-
-{% data variables.product.company_short %}-reviewed advisories are security vulnerabilities{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %} that have been mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they have a full description, and contain both ecosystem and package information.
-
-Generally, we name our supported ecosystems after the software programming language's associated package registry. We review advisories if they are for a vulnerability in a package that comes from a supported registry.
-
-- Composer (registry: https://packagist.org/){% ifversion GH-advisory-db-erlang-support %}
-- Erlang (registry: https://hex.pm/){% endif %}
-- Go (registry: https://pkg.go.dev/)
-{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %}
-- GitHub Actions (https://github.com/marketplace?type=actions/) {% endif %}
-- Maven (registry: https://repo.maven.apache.org/maven2)
-- npm (registry: https://www.npmjs.com/)
-- NuGet (registry: https://www.nuget.org/)
-- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
-- pub (registry: https://pub.dev/packages/registry){% endif %}
-- RubyGems (registry: https://rubygems.org/)
-- Rust (registry: https://crates.io/)
-
-If you have a suggestion for a new ecosystem we should support, please open an [issue](https://github.com/github/advisory-database/issues) for discussion.
-
-If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory reports a vulnerability {% ifversion GH-advisory-db-supports-malware %}or malware{% endif %} for a package you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
-
-### Unreviewed advisories
-
-Unreviewed advisories are security vulnerabilites that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed. 
-
-{% data variables.product.prodname_dependabot %} doesn't create {% data variables.product.prodname_dependabot_alerts %} for unreviewed advisories as this type of advisory isn't checked for validity or completion.
-
-## About information in security advisories
-
-Each security advisory contains information about the vulnerability{% ifversion GH-advisory-db-supports-malware %} or malware,{% endif %} which may include the description, severity, affected package, package ecosystem, affected versions and patched versions, impact, and optional information such as references, workarounds, and credits. In addition, advisories from the National Vulnerability Database list contain a link to the CVE record, where you can read more details about the vulnerability, its CVSS scores, and its qualitative severity level. For more information, see the "[National Vulnerability Database](https://nvd.nist.gov/)" from the National Institute of Standards and Technology.
-
-The severity level is one of four possible levels defined in the "[Common Vulnerability Scoring System (CVSS), Section 5](https://www.first.org/cvss/specification-document)."
-- Low
-- Medium/Moderate
-- High
-- Critical
-
-The {% data variables.product.prodname_advisory_database %} uses the CVSS levels described above. If {% data variables.product.company_short %} obtains a CVE, the {% data variables.product.prodname_advisory_database %} uses CVSS version 3.1. If the CVE is imported, the {% data variables.product.prodname_advisory_database %} supports both CVSS versions 3.0 and 3.1.
-
-{% data reusables.repositories.github-security-lab %}
-
 ## Accessing an advisory in the {% data variables.product.prodname_advisory_database %}
 
+You can access any advisory in the {% data variables.product.prodname_advisory_database %}.
+
 1. Navigate to https://github.com/advisories.
 2. Optionally, to filter the list, use any of the drop-down menus.
   ![Dropdown filters](/assets/images/help/security/advisory-database-dropdown-filters.png)
@@ -182,7 +122,3 @@ In the local advisory database, you can see which repositories are affected by e
 5. For more details about the advisory, and for advice on how to fix the vulnerable repository, click the repository name.
 
 {% endif %}
-
-## Further reading
-
-- MITRE's [definition of "vulnerability"](https://www.cve.org/ResourcesSupport/Glossary#vulnerability)

content/code-security/security-advisories/global-security-advisories/editing-security-advisories-in-the-github-advisory-database.md

@@ -4,6 +4,7 @@ intro: 'You can submit improvements to any advisory published in the {% data var
 redirect_from:
   - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database
+  - /code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database
 versions:
   fpt: '*'
   ghec: '*'
@@ -19,12 +20,14 @@ topics:
 shortTitle: Edit Advisory Database
 ---
 
-## About editing advisories in the {% data variables.product.prodname_advisory_database %}
-Security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories) are considered global advisories. Anyone can suggest improvements on any global security advisory in the {% data variables.product.prodname_advisory_database %}. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements and publish them onto the {% data variables.product.prodname_advisory_database %} if accepted.
+## Editing advisories in the {% data variables.product.prodname_advisory_database %}
+
+The advisories in the {% data variables.product.prodname_advisory_database %} are global security advisories. For more information about global security advisories, see "[About global security advisories](/code-security/security-advisories/global-security-advisories/about-global-security-advisories)."
+
+Anyone can suggest improvements on any global security advisory in the {% data variables.product.prodname_advisory_database %}. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements and publish them onto the {% data variables.product.prodname_advisory_database %} if accepted.
 {% ifversion fpt or ghec %}
 Only repository owners and administrators can edit repository-level security advisories. For more information, see "[Editing a repository security advisory](/code-security/security-advisories/editing-a-security-advisory)."{% endif %}
 
-## Editing advisories in the GitHub Advisory Database
 
 1. Navigate to https://github.com/advisories.
 1. Select the security advisory you would like to contribute to.

content/code-security/security-advisories/global-security-advisories/index.md

@@ -0,0 +1,21 @@
+---
+title: Working with global security advisories from the GitHub Advisory Database
+shortTitle: Global security advisories
+intro: 'Browse the {% data variables.product.prodname_advisory_database %} and submit improvements to any global security advisory.'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+  - /about-the-github-advisory-database
+  - /about-global-security-advisories
+  - /browsing-security-advisories-in-the-github-advisory-database
+  - /editing-security-advisories-in-the-github-advisory-database
+---
+

content/code-security/security-advisories/guidance-on-reporting-and-writing/best-practices-for-writing-repository-security-advisories.md

@@ -10,6 +10,8 @@ topics:
   - Security advisories
   - Vulnerabilities
 shortTitle: Best practices
+redirect_from:
+  - /code-security/repository-security-advisories/best-practices-for-writing-repository-security-advisories
 ---
 
 Anyone with admin permissions to a repository can create and edit a security advisory.
@@ -18,7 +20,7 @@ Anyone with admin permissions to a repository can create and edit a security adv
 
 ## About security advisories for repositories
 
-{% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About GitHub Security Advisories for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
+{% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About repository security advisories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
 
 ## Best practices
 

content/code-security/security-advisories/guidance-on-reporting-and-writing/index.md

@@ -0,0 +1,16 @@
+---
+title: Guidance on reporting and writing information about vulnerabilities
+shortTitle: Guidance on reporting and writing
+intro: Best practices for writing security advisories and managing privately reported security vulnerabilities.
+versions:
+  fpt: '*'
+  ghec: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+  - /best-practices-for-writing-repository-security-advisories
+---
+

content/code-security/security-advisories/index.md

@@ -0,0 +1,19 @@
+---
+title: Working with security advisories
+shortTitle: Security advisories
+intro: 'Learn how to work with security advisories on {% data variables.product.prodname_dotcom %},{% ifversion fpt or ghec %} whether you want to contribute to an existing global advisory, or create a security advisory for a repository,{% endif %} improving collaboration between repository maintainers and security researchers.'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+- /global-security-advisories
+- /repository-security-advisories
+- /guidance-on-reporting-and-writing
+---

content/code-security/security-advisories/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities.md

@@ -3,6 +3,7 @@ title: About coordinated disclosure of security vulnerabilities
 intro: Vulnerability disclosure is a coordinated effort between security reporters and repository maintainers.
 redirect_from:
   - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+  - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
 miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
@@ -65,7 +66,7 @@ The process for reporting and disclosing vulnerabilities for projects on {% data
 
  If you are a maintainer, you can take ownership of the process at the very beginning of the pipeline by setting up a security policy for your repository, or otherwise making security reporting instructions clearly available, for example in your project’s README file. For information about adding a security policy, see "[About security policies](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)." If there is no security policy, it's likely that a vulnerability reporter will try to email you or otherwise privately contact you. Alternatively, someone may open a (public) issue with details of a security issue.
 
- As a maintainer, to disclose a vulnerability in your code, you first create a draft security advisory in the package's repository in {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About {% data variables.product.prodname_security_advisories %} for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
+ As a maintainer, to disclose a vulnerability in your code, you first create a draft security advisory in the package's repository in {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About repository security advisories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
 
 
  To get started, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."

content/code-security/security-advisories/repository-security-advisories/about-repository-security-advisories.md

@@ -1,11 +1,13 @@
 ---
-title: About GitHub Security Advisories for repositories
-intro: 'You can use {% data variables.product.prodname_security_advisories %} to privately discuss, fix, and publish information about security vulnerabilities in your repository.'
+title: About repository security advisories
+intro: 'You can use repository security advisories to privately discuss, fix, and publish information about security vulnerabilities in your repository.'
+shortTitle: About repository security advisories
 redirect_from:
   - /articles/about-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/about-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/about-github-security-advisories
   - /code-security/security-advisories/about-github-security-advisories
+  - /code-security/repository-security-advisories/about-github-security-advisories-for-repositories
 versions:
   fpt: '*'
   ghec: '*'
@@ -14,20 +16,19 @@ topics:
   - Security advisories
   - Vulnerabilities
   - CVEs
-shortTitle: Repository security advisories
 ---
 
 {% data reusables.repositories.security-advisory-admin-permissions %}
 
 {% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
 
-## About {% data variables.product.prodname_security_advisories %}
+## About repository security advisories
 
 {% data reusables.security-advisory.disclosing-vulnerabilities %} For more information, see "[About coordinated disclosure of security vulnerabilities](/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities)."
 
 {% data reusables.security-advisory.security-advisory-overview %}
 
-With {% data variables.product.prodname_security_advisories %}, you can:
+With repository security advisories, you can:
 
 1. Create a draft security advisory, and use the draft to privately discuss the impact of the vulnerability on your project. For more information, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."
 2. Privately collaborate to fix the vulnerability in a temporary private fork.

content/code-security/security-advisories/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory.md

@@ -6,6 +6,7 @@ redirect_from:
   - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-security-advisory
   - /code-security/security-advisories/adding-a-collaborator-to-a-security-advisory
+  - /code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-advisories/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability.md

@@ -5,6 +5,7 @@ redirect_from:
   - /articles/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
   - /github/managing-security-vulnerabilities/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
   - /code-security/security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
+  - /code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory.md

@@ -6,6 +6,7 @@ redirect_from:
   - /github/managing-security-vulnerabilities/creating-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/creating-a-security-advisory
   - /code-security/security-advisories/creating-a-security-advisory
+  - /code-security/repository-security-advisories/creating-a-repository-security-advisory
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-advisories/repository-security-advisories/editing-a-repository-security-advisory.md

@@ -4,6 +4,7 @@ intro: You can edit the metadata and description for a repository security advis
 redirect_from:
   - /github/managing-security-vulnerabilities/editing-a-security-advisory
   - /code-security/security-advisories/editing-a-security-advisory
+  - /code-security/repository-security-advisories/editing-a-repository-security-advisory
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-advisories/repository-security-advisories/index.md

@@ -1,11 +1,11 @@
 ---
-title: Managing repository security advisories for vulnerabilities in your project
+title: Working with repository security advisories
 shortTitle: Repository security advisories
 intro: 'Discuss, fix, and disclose security vulnerabilities in your repositories using repository security advisories.'
 redirect_from:
   - /articles/managing-security-vulnerabilities-in-your-project
   - /github/managing-security-vulnerabilities/managing-security-vulnerabilities-in-your-project
-  - /code-security/security-advisories
+  - /code-security/repository-security-advisories
 versions:
   fpt: '*'
   ghec: '*'
@@ -16,15 +16,14 @@ topics:
   - CVEs
 children:
   - /about-coordinated-disclosure-of-security-vulnerabilities
-  - /about-github-security-advisories-for-repositories
+  - /about-repository-security-advisories
   - /permission-levels-for-repository-security-advisories
   - /creating-a-repository-security-advisory
-  - /adding-a-collaborator-to-a-repository-security-advisory
-  - /removing-a-collaborator-from-a-repository-security-advisory
+  - /editing-a-repository-security-advisory
   - /collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
   - /publishing-a-repository-security-advisory
-  - /editing-a-repository-security-advisory
+  - /adding-a-collaborator-to-a-repository-security-advisory
+  - /removing-a-collaborator-from-a-repository-security-advisory
   - /withdrawing-a-repository-security-advisory
-  - /best-practices-for-writing-repository-security-advisories
 ---
 

content/code-security/security-advisories/repository-security-advisories/permission-levels-for-repository-security-advisories.md

@@ -6,6 +6,7 @@ redirect_from:
   - /github/managing-security-vulnerabilities/permission-levels-for-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/permission-levels-for-security-advisories
   - /code-security/security-advisories/permission-levels-for-security-advisories
+  - /code-security/repository-security-advisories/permission-levels-for-repository-security-advisories
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-advisories/repository-security-advisories/publishing-a-repository-security-advisory.md

@@ -6,6 +6,7 @@ redirect_from:
   - /github/managing-security-vulnerabilities/publishing-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/publishing-a-security-advisory
   - /code-security/security-advisories/publishing-a-security-advisory
+  - /code-security/repository-security-advisories/publishing-a-repository-security-advisory
 versions:
   fpt: '*'
   ghec: '*'
@@ -82,7 +83,7 @@ Publishing a security advisory deletes the temporary private fork for the securi
 
 ## Requesting a CVE identification number (Optional)
 
-{% data reusables.repositories.request-security-advisory-cve-id %} For more information, see "[About {% data variables.product.prodname_security_advisories %} for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories#cve-identification-numbers)."
+{% data reusables.repositories.request-security-advisory-cve-id %} For more information, see "[About repository security advisories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories#cve-identification-numbers)."
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-security %}

content/code-security/security-advisories/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory.md

@@ -4,6 +4,7 @@ intro: 'When you remove a collaborator from a repository security advisory, they
 redirect_from:
   - /github/managing-security-vulnerabilities/removing-a-collaborator-from-a-security-advisory
   - /code-security/security-advisories/removing-a-collaborator-from-a-security-advisory
+  - /code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-advisories/repository-security-advisories/withdrawing-a-repository-security-advisory.md

@@ -4,6 +4,7 @@ intro: You can withdraw a repository security advisory that you've published.
 redirect_from:
   - /github/managing-security-vulnerabilities/withdrawing-a-security-advisory
   - /code-security/security-advisories/withdrawing-a-security-advisory
+  - /code-security/repository-security-advisories/withdrawing-a-repository-security-advisory
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/security-overview/about-the-security-overview.md

@@ -67,17 +67,23 @@ The security overview displays active alerts raised by security features. If the
 
 At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. You can filter information by security features at the organization-level.
 
+Organization owners and security managers for organizations have access to the organization-level security overview. {% ifversion ghec or ghes > 3.6 or ghae > 3.6 %}Organization members can access the organization-level security overview to view results for repositories where they have admin privileges or have been granted access to security alerts. For more information on managing security alert access, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)".{% endif %}
+
 {% ifversion ghec or ghes > 3.4 or ghae > 3.4 %}
 ### About the enterprise-level security overview
 At the enterprise-level, the security overview displays aggregate and repository-specific security information for your enterprise. You can view repositories owned by your enterprise that have security alerts, view all security alerts, or security feature-specific alerts from across your enterprise.
 
-Organization owners and security managers for organizations in your enterprise also have limited access to the enterprise-level security overview. They can only view repositories and alerts for the organizations that they have full access to.
+Organization owners and security managers for organizations in your enterprise have access to the enterprise-level security overview. They can view repositories and alerts for the organizations that they have full access to.
+
+Enterprise owners can only see alerts for organizations that they are an owner or a security manager of.{% ifversion ghec or ghes > 3.5 or ghae > 3.5 %} Enterprise owners can join an organization as an organization owner to see all of its alerts in the enterprise-level security overview. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)."{% endif %}
 
 {% elsif fpt %}
 ### About the enterprise-level security overview
 At the enterprise-level, the security overview displays aggregate and repository-specific information for an enterprise. For more information, see "[About the enterprise-level security overview](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview#about-the-enterprise-level-security-overview)" in the {% data variables.product.prodname_ghe_cloud %} documentation.
 {% endif %}
 
+{% ifversion ghes < 3.7 or ghae < 3.7 %}
 ### About the team-level security overview
 At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
 {% endif %}
+{% endif %}

content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md

@@ -29,7 +29,7 @@ If you publish a container image to {% data variables.packages.prodname_ghcr_or_
 
 By default, when you publish a container image to {% data variables.packages.prodname_ghcr_or_npm_registry %}, the image inherits the access setting of the repository from which the image was published. For example, if the repository is public, the image is also public. If the repository is private, the image is also private, but is accessible from the repository.
 
-This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.packages.prodname_ghcr_or_npm_registry %} using a % data variables.product.pat_generic %}.
+This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.packages.prodname_ghcr_or_npm_registry %} using a {% data variables.product.pat_generic %}.
 
 If the **Inherit access from repo** option was not selected when the image was published, you can manually add the repository to the published container image's access controls. For more information, see "[Configuring a package's access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#inheriting-access-for-a-container-image-from-a-repository)."
 

content/codespaces/guides.md

@@ -14,6 +14,8 @@ includeGuides:
   - /codespaces/setting-up-your-project-for-codespaces/setting-up-your-python-project-for-codespaces
   - /codespaces/setting-up-your-project-for-codespaces/setting-up-your-dotnet-project-for-codespaces
   - /codespaces/setting-up-your-project-for-codespaces/setting-up-your-java-project-for-codespaces
+  - /codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines
+  - /codespaces/setting-up-your-project-for-codespaces/automatically-opening-files-in-the-codespaces-for-a-repository
   - /codespaces/setting-up-your-project-for-codespaces/adding-a-codespaces-badge
   - /codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project
   - /codespaces/setting-up-your-codespace/personalizing-codespaces-for-your-account

content/codespaces/setting-up-your-project-for-codespaces/automatically-opening-files-in-the-codespaces-for-a-repository.md

@@ -0,0 +1,50 @@
+---
+title: Automatically opening files in the codespaces for a repository
+shortTitle: Automatically opening files
+intro: 'You can set particular files to be opened automatically whenever someone creates a codespace for your repository and opens the codespace in the {% data variables.product.prodname_vscode %} web client.'
+permissions: People with write permissions to a repository can create or edit the codespace configuration.
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Codespaces
+  - Set up
+---
+
+## Overview
+
+If there's a particular file that's useful for people to see when they create a codespace for your repository, you can set this file to be opened automatically in the {% data variables.product.prodname_vscode_shortname %} web client. You set this up in the dev container configuration file for your repository. 
+
+The file, or files, you specify are only opened the first time a codespace is opened in the web client. If the person closes the specified files, those files are not automatically reopened the next time that person opens or restarts the codespace.
+
+{% note %}
+
+**Note**: This automation only applies to the {% data variables.product.prodname_vscode_shortname %} web client, not to the {% data variables.product.prodname_vscode_shortname %} desktop application, or other supported editors.
+
+{% endnote %}
+
+## Setting files to be opened automatically
+
+{% data reusables.codespaces.edit-devcontainer-json %}
+1. Edit the `devcontainer.json` file, adding a `customizations.codespaces.openFiles` property. The `customizations` property resides at the top level of the file, within the enclosing JSON object. For example:
+
+   ```json{:copy}
+   "customizations": {
+     "codespaces": {
+       "openFiles": [
+         "README.md",
+         "scripts/tsconfig.json",
+         "docs/main/CODING_STANDARDS.md"
+       ]
+     }
+   }
+   ```
+
+   The value of the `openFiles` property is an array of one or more files in your repository. The paths are relative to the root of the repository (absolute paths are not supported). The files are opened in the web client in the order specified, with the first file in the array displayed in the editor.
+   
+1. Save the file and commit your changes to the required branch of the repository.
+
+## Further reading
+
+- "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)"

content/codespaces/setting-up-your-project-for-codespaces/index.md

@@ -16,6 +16,7 @@ children:
   - /setting-up-your-java-project-for-codespaces
   - /setting-up-your-python-project-for-codespaces
   - /setting-a-minimum-specification-for-codespace-machines
+  - /automatically-opening-files-in-the-codespaces-for-a-repository
   - /adding-a-codespaces-badge
 ---
 

content/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines.md

@@ -26,8 +26,8 @@ If your project needs a certain level of compute power, you can configure {% dat
 
 ## Setting a minimum machine specification
 
-1. {% data variables.product.prodname_github_codespaces %} for your repository are configured in a `devcontainer.json` file. If your repository does not already contain a `devcontainer.json` file, add one now. See "[Add a dev container configuration to your repository](/free-pro-team@latest/codespaces/setting-up-your-project-for-codespaces/setting-up-your-project-for-codespaces)."
-1. Edit the `devcontainer.json` file, adding a `hostRequirements` property such as this:
+{% data reusables.codespaces.edit-devcontainer-json %}
+1. Edit the `devcontainer.json` file, adding the `hostRequirements` property at the top level of the file, within the enclosing JSON object. For example:
 
    ```json{:copy}
    "hostRequirements": {

content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md

@@ -142,14 +142,14 @@ You can use `publishConfig` element in the *package.json* file to specify the re
   {% endif %}
   ```shell
   "publishConfig": {
-    "registry":"https://{% ifversion fpt or ghec %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}"
+    "registry": "https://{% ifversion fpt or ghec %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}"
   },
   ```
   {% ifversion ghes %}
   If your instance has subdomain isolation disabled:
    ```shell
    "publishConfig": {
-     "registry":"https://HOSTNAME/_registry/npm/"
+     "registry": "https://HOSTNAME/_registry/npm/"
    },
   ```
   {% endif %}

content/repositories/creating-and-managing-repositories/renaming-a-repository.md

@@ -22,7 +22,7 @@ When you rename a repository, all existing information, with the exception of pr
 
 For more information on project sites, see "[About {% data variables.product.prodname_pages %}](/pages/getting-started-with-github-pages/about-github-pages#types-of-github-pages-sites)."
 
-In addition to redirecting web traffic, all `git clone`, `git fetch`, or `git push` operations targeting the previous location will continue to function as if made on the new location. However, to reduce confusion, we strongly recommend updating any existing local clones to point to the new repository URL. You can do this by using  `git remote` on the command line:
+In addition to redirecting web traffic, all `git clone`, `git fetch`, or `git push` operations targeting the previous location will continue to function as if made on the new location. However, to reduce confusion, we strongly recommend updating any existing local clones to point to the new repository URL. You can do this by using `git remote` on the command line:
 
 ```shell
 $ git remote set-url origin NEW_URL
@@ -44,7 +44,7 @@ If you plan to rename a repository that has a {% data variables.product.prodname
 
 {% warning %}
 
-**Warning**: If you create a new repository under your account in the future, do not reuse the original name of the renamed repository. If you do, redirects to the renamed repository will break.
+**Warning**: If you create a new repository under your account in the future, do not reuse the original name of the renamed repository. If you do, redirects to the renamed repository will no longer work.
 
 {% endwarning %}
 

content/repositories/creating-and-managing-repositories/transferring-a-repository.md

@@ -51,6 +51,12 @@ When you transfer a repository, its issues, pull requests, wiki, stars, and watc
   $ git remote set-url origin NEW_URL
   ```
 
+  {% warning %}
+
+  **Warning**: If you create a new repository under your account in the future, do not reuse the original name of the transferred repository. If you do, redirects to the transferred repository will no longer work.
+
+  {% endwarning %}
+
 - When you transfer a repository from an organization to a personal account, the repository's read-only collaborators will not be transferred. This is because collaborators can't have read-only access to repositories owned by a personal account. For more information about repository permission levels, see "[Permission levels for a personal account repository](/github/setting-up-and-managing-your-github-user-account/permission-levels-for-a-user-account-repository)" and "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)."{% ifversion fpt or ghec %}
 - Sponsors who have access to the repository through a sponsorship tier may be affected. For more information, see "[Adding a repository to a sponsorship tier](/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers#adding-a-repository-to-a-sponsorship-tier)".{% endif %}
 

content/rest/guides/traversing-with-pagination.md

@@ -12,6 +12,7 @@ versions:
 topics:
   - API
 shortTitle: Traverse with pagination
+miniTocMaxHeadingLevel: 3
 ---
 
 The {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API provides a vast wealth of information for developers to consume.
@@ -24,10 +25,13 @@ in the [platform-samples][platform samples] repository.
 
 {% data reusables.rest-api.dotcom-only-guide-note %}
 
+
+
 ## Basics of Pagination
 
 To start with, it's important to know a few facts about receiving paginated items:
 
+
 1. Different API calls respond with different defaults. For example, a call to
 [List public repositories](/rest/reference/repos#list-public-repositories)
 provides paginated items in sets of 30, whereas a call to the GitHub Search API
@@ -37,55 +41,127 @@ provides items in sets of 100
 [events](/rest/reference/activity#events) won't let you set a maximum for items to receive.
 Be sure to read the documentation on how to handle paginated results for specific endpoints.
 
-Information about pagination is provided in [the Link header](https://datatracker.ietf.org/doc/html/rfc5988)
-of an API call. For example, let's make a curl request to the search API, to find
-out how many times Mozilla projects use the phrase `addClass`:
+{% note %}
+
+**Note**: You should always rely on URLs included in the link header. Don't try to guess or construct your own URLs.
+
+{% endnote %}
+
+
+### Link header
+
+The response header includes information about pagination. For more information about headers, see "[Getting started with the REST API](/rest/guides/getting-started-with-the-rest-api#about-the-response-code-and-headers)." To get the response header, include the `-I` flag in your request. For example:
+
+```shell 
+$ curl -I -H "Accept: application/vnd.github+json" -H "Authorization: Bearer YOUR_TOKEN"   https://api.github.com/enterprises/advacado-corp/audit-log
 
-```shell
-$ curl -I "https://api.github.com/search/code?q=addClass+user:mozilla"
 ```
 
-The `-I` parameter indicates that we only care about the headers, not the actual
-content. In examining the result, you'll notice some information in the Link header
-that looks like this:
+The `-I` flag returns only the response header. If the response is paginated, the response header will include a `link` header. The header will look something like this:
 
-    Link: <https://api.github.com/search/code?q=addClass+user%3Amozilla&page=2>; rel="next",
-      <https://api.github.com/search/code?q=addClass+user%3Amozilla&page=34>; rel="last"
+```
+link: <https://api.github.com/enterprises/13827/audit-log?after=MS42NjQzODM5MTkzNDdlKzEyfDM0MkI6NDdBNDo4RTFGMEM6NUIyQkZCMzo2MzM0N0JBRg%3D%3D&before=>; rel="next"
+```
 
-Let's break that down. `rel="next"` says that the next page is `page=2`. This makes
-sense, since by default, all paginated queries start at page `1.` `rel="last"`
-provides some more information, stating that the last page of results is on page `34`.
-Thus, we have 33 more pages of information about `addClass` that we can consume.
-Nice!
+or
 
-**Always** rely on these link relations provided to you. Don't try to guess or construct your own URL.
+```
+link: <https://api.github.com/repositories/1300192/issues?page=2>; rel="next", <https://api.github.com/repositories/1300192/issues?page=511>; rel="last"
+```
+### Types of pagination
 
-### Navigating through the pages
+{% data variables.product.company_short %}'s API uses two pagination methods: page-based pagination and cursor-based pagination. If the `link` header includes `page`, then the operation uses page-based pagination. If the `link` header includes `before` and `after`, then the operation uses cursor-based pagination.
 
-Now that you know how many pages there are to receive, you can start navigating
-through the pages to consume the results. You do this by passing in a `page`
-parameter. By default, `page` always starts at `1`. Let's jump ahead to page 14
-and see what happens:
+
+#### Page based pagination
+
+The link header for page-based pagination will tell you information about the previous, next, first, and last pages. If you did not request a specific page, then the response will default to the first page and information about the first and previous pages will be omitted.
+
+For example, for a request that did not specify a page, this header states that the next page is `2` and the last page is `511`.
+
+```
+link: <https://api.github.com/repositories/1300192/issues?page=2>; rel="next", <https://api.github.com/repositories/1300192/issues?page=511>; rel="last"
+```
+
+For example, for a request that specified page 5, this header states that the previous page is `4`, the next page is `6`, the last page is `511`, and the first page is `1`.
+
+```
+link: <https://api.github.com/repositories/1300192/issues?page=4>; rel="prev", <https://api.github.com/repositories/1300192/issues?page=6>; rel="next", <https://api.github.com/repositories/1300192/issues?page=511>; rel="last", <https://api.github.com/repositories/1300192/issues?page=1>; rel="first"
+```
+
+#### Cursor based pagination
+
+Cursor pagination uses terms `before` and `after` in order to navigate through pages. `rel="next"` and `rel="prev"` this mark the cursor point in the data set and provides a reference for traveling to the page `before` and `after` the current page.  
+
+```
+link: <https://api.github.com/enterprises/13827/audit-log?after=MS42NjQzODMzMzk2MzZlKzEyfFdxSzIxdGU0MlBWNUp5UzhBWDF6LWc%3D&before=>; rel="next",
+<https://api.github.com/enterprises/13827/audit-log?after=&before=>; rel="first", 
+<https://api.github.com/enterprises/13827/audit-log?after=&before=MS42NjQzODM5MTcyMjllKzEyfDI4NDE6NEVFNDoxODBDRkM5OjY5REE0MzI6NjMzNDdCQUQ%3D>; rel="prev"
+```
+
+In this example, `rel=next` says that the next page is located at:
+
+```
+after=MS42NjQzODM5MTkzNDdlKzEyfDM0MkI6NDdBNDo4RTFGMEM6NUIyQkZCMzo2MzM0N0JBRg%3D%3D&before=>
+```
+
+
+
+
+### Using pagination
+
+#### Cursor based pagination
+
+Using cursor based pagination requires you to use the terms `before` and `after`. To navigate using `before` and `after`, copy the link header generated above into your curl request:
+
+```shell
+$ curl -I -H "Accept: application/vnd.github+json" -H "Authorization: Bearer YOUR_TOKEN"  https://api.github.com/enterprises/13827/audit-log?after=MS42NjQzODM5MTkzNDdlKzEyfDM0MkI6NDdBNDo4RTFGMEM6NUIyQkZCMzo2MzM0N0JBRg%3D%3D&before=>
+```
+
+The above example will generate a page of results and new header information that you can use to make the next request. `rel="next"` provides the next page of results. `rel="prev"` provides the previous page of results. The important part of the output here is the link header needs to be generated rather than manually imputed. Copy the entire link from the following output.
+
+```
+link: <https://api.github.com/enterprises/13827/audit-log?after=MS42NjQzODMzMzk2MzZlKzEyfFdxSzIxdGU0MlBWNUp5UzhBWDF6LWc%3D&before=>; rel="next", 
+<https://api.github.com/enterprises/13827/audit-log?after=&before=>; rel="first", 
+<https://api.github.com/enterprises/13827/audit-log?after=&before=MS42NjQzODM5MTcyMjllKzEyfDI4NDE6NEVFNDoxODBDRkM5OjY5REE0MzI6NjMzNDdCQUQ%3D>; rel="prev"
+```
+
+Unlike page-based pagination, the results will not return the last page number in the response.
+
+    link: <https://api.github.com/enterprises/13827/audit-log?after=MS42NjQzODMzMzk2MzZlKzEyfFdxSzIxdGU0MlBWNUp5UzhBWDF6LWc%3D&before=>; rel="next", 
+    <https://api.github.com/enterprises/13827/audit-log?after=&before=>; rel="first", 
+    <https://api.github.com/enterprises/13827/audit-log?after=&before=MS42NjQzODM5MTcyMjllKzEyfDI4NDE6NEVFNDoxODBDRkM5OjY5REE0MzI6NjMzNDdCQUQ%3D>; rel="prev"
+    
+Because cursor based pagination creates a reference point in the data set, it cannot calculate the total number of results.
+
+
+#### Page based pagination
+
+To navigate using page based pagination pass in a `page`
+parameter. By default, `page` always starts at `1`. In the following example, we have made a curl request to the search API Mozilla projects use the phrase `addClass`. Instead of starting at 1, lets jump to page 14. 
 
 ```shell
 $ curl -I "https://api.github.com/search/code?q=addClass+user:mozilla&page=14"
 ```
 
-Here's the link header once more:
+Here's an except of the link header in the HTTP request:
 
     Link: <https://api.github.com/search/code?q=addClass+user%3Amozilla&page=15>; rel="next",
       <https://api.github.com/search/code?q=addClass+user%3Amozilla&page=34>; rel="last",
       <https://api.github.com/search/code?q=addClass+user%3Amozilla&page=1>; rel="first",
       <https://api.github.com/search/code?q=addClass+user%3Amozilla&page=13>; rel="prev"
 
-As expected, `rel="next"` is at 15, and `rel="last"` is still 34. But now we've
+In this example, `rel="next"` is at 15, and `rel="last"` is 34. But now we've
 got some more information: `rel="first"` indicates the URL for the _first_ page,
 and more importantly, `rel="prev"` lets you know the page number of the previous
 page. Using this information, you could construct some UI that lets users jump
 between the first, previous, next, or last list of results in an API call.
 
+
 ### Changing the number of items received
 
+#### Page based pagination
+
 By passing the `per_page` parameter, you can specify how many items you want
 each page to return, up to 100 items. Let's try asking for 50 items about `addClass`:
 
@@ -102,6 +178,14 @@ As you might have guessed, the `rel="last"` information says that the last page
 is now 20. This is because we are asking for more information per page about
 our results.
 
+#### Cursor based pagination
+
+You can also pass the `per_page` parameter for cursor-based pagination. 
+
+```shell
+$ curl -I -H "Accept: application/vnd.github+json" -H "Authorization: Bearer YOUR_TOKEN"  https://api.github.com/enterprises/13827/audit-log?after=MS42NjQzODM5MTkzNDdlKzEyfDM0MkI6NDdBNDo4RTFGMEM6NUIyQkZCMzo2MzM0N0JBRg%3D%3D&before=>&per_page=50
+```
+
 ## Consuming the information
 
 You don't want to be making low-level curl calls just to be able to work with

data/learning-tracks/code-security.yml

@@ -4,15 +4,18 @@ security_advisories:
   description: 'Using repository security advisories to privately fix a reported vulnerability and get a CVE.'
   featured_track: '{% ifversion fpt or ghec %}true{% else %}false{% endif %}'
   guides:
-    - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
-    - /code-security/repository-security-advisories/creating-a-repository-security-advisory
-    - /code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
-    - /code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
-    - /code-security/repository-security-advisories/publishing-a-repository-security-advisory
-    - /code-security/repository-security-advisories/editing-a-repository-security-advisory
-    - /code-security/repository-security-advisories/withdrawing-a-repository-security-advisory
-    - /code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
-    - /code-security/repository-security-advisories/best-practices-for-writing-repository-security-advisories
+    - /code-security/security-advisories/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+    - /code-security/security-advisories/global-security-advisories/about-the-github-advisory-database
+    - /code-security/security-advisories/global-security-advisories/about-global-security-advisories
+    - /code-security/security-advisories/repository-security-advisories/about-repository-security-advisories
+    - /code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
+    - /code-security/security-advisories/repository-security-advisories/publishing-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/editing-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/withdrawing-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
+    - /code-security/security-advisories/guidance-on-reporting-and-writing/best-practices-for-writing-repository-security-advisories
 
 # Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track
 dependabot_alerts:

data/reusables/actions/hardware-requirements-3.6.md

@@ -1,6 +0,0 @@
-| vCPUs | Memory | Maximum Connected Runners |
-| :---| :--- | :--- |
-| 8   | 64 GB  | 740  runners |
-| 32  | 160 GB | 2700 runners |
-| 96  | 384 GB | 7000 runners |
-| 128 | 512 GB | 7000 runners |

data/reusables/codespaces/edit-devcontainer-json.md

@@ -0,0 +1 @@
+1. {% data variables.product.prodname_github_codespaces %} for your repository are configured in a `devcontainer.json` file. If your repository does not already contain a `devcontainer.json` file, add one now. See "[Add a dev container configuration to your repository](/free-pro-team@latest/codespaces/setting-up-your-project-for-codespaces/setting-up-your-project-for-codespaces)."

data/reusables/package_registry/authenticate_with_pat_for_v2_registry.md

@@ -1,6 +1,6 @@
 If your workflow is using a {% data variables.product.pat_generic %} to authenticate to a registry, then we highly recommend you update your workflow to use the `GITHUB_TOKEN`.
 
-{% ifversion fpt or ghec %}For guidance on updating your workflows that authenticate to a registry with a {% data variables.product.pat_generic %}, see "[Upgrading a workflow that accesses a registry using a {% data variables.product.pat_generic %}](/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-a-registry-using-a-pat)."{% endif %}
+{% ifversion fpt or ghec %}For guidance on updating your workflows that authenticate to a registry with a {% data variables.product.pat_generic %}, see "[Upgrading a workflow that accesses a registry using a {% data variables.product.pat_generic %}](/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-a-registry-using-a-personal-access-token)."{% endif %}
 
 For more information about the `GITHUB_TOKEN`, see "[Authentication in a workflow](/actions/reference/authentication-in-a-workflow#using-the-github_token-in-a-workflow)."
 

data/reusables/repositories/security-advisories-republishing.md

@@ -1 +1 @@
-You can also use {% data variables.product.prodname_security_advisories %} to republish the details of a security vulnerability that you have already disclosed elsewhere by copying and pasting the details of the vulnerability into a new security advisory.
+You can also use repository security advisories to republish the details of a security vulnerability that you have already disclosed elsewhere by copying and pasting the details of the vulnerability into a new security advisory.

data/reusables/security-advisory/global-advisories.md

@@ -0,0 +1 @@
+Security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories) are considered global advisories. Anyone can suggest improvements on any global security advisory in the {% data variables.product.prodname_advisory_database %}. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements and publish them onto the {% data variables.product.prodname_advisory_database %} if accepted.

data/reusables/security-advisory/security-advisory-overview.md

@@ -1 +1 @@
-{% data variables.product.prodname_security_advisories %} allow repository maintainers to privately discuss and fix a security vulnerability in a project. After collaborating on a fix, repository maintainers can publish the security advisory to publicly disclose the security vulnerability to the project's community. By publishing security advisories, repository maintainers make it easier for their community to update package dependencies and research the impact of the security vulnerabilities.
+Repository security advisories allow repository maintainers to privately discuss and fix a security vulnerability in a project. After collaborating on a fix, repository maintainers can publish the security advisory to publicly disclose the security vulnerability to the project's community. By publishing security advisories, repository maintainers make it easier for their community to update package dependencies and research the impact of the security vulnerabilities.

data/reusables/security-overview/permissions.md

@@ -1 +1 @@
-Organization owners and security managers can access the security overview for organizations{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %} and view their organization's repositories via the enterprise-level security overview. Enterprise owners can use the enterprise-level security overview to view all repositories in their enterprise's organizations{% endif %}. Members of a team can see the security overview for repositories that the team has admin privileges for.
+{% ifversion not fpt %}Organization owners and security managers can access the organization-level security overview{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %} and view alerts across multiple organizations via the enterprise-level security overview. Enterprise owners can only view repositories and alerts for organizations where they are added as an organization owner or security manager{% endif %}. {% ifversion ghec or ghes > 3.6 or ghae > 3.6 %}Organization members can access the organization-level security overview to view results for repositories where they have admin privileges or have been granted access to security alerts.{% else %}Members of a team can see the security overview for repositories that the team has admin privileges for.{% endif %}{% endif %}

lib/page-data.js

@@ -3,16 +3,12 @@ import path from 'path'
 import languages from './languages.js'
 import { allVersions } from './all-versions.js'
 import createTree, { getBasePath } from './create-tree.js'
-import renderContent from './render-content/index.js'
 import loadSiteData from './site-data.js'
 import nonEnterpriseDefaultVersion from './non-enterprise-default-version.js'
 import Page from './page.js'
-import shortVersionsMiddleware from '../middleware/contextualizers/short-versions.js'
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url))
 const versions = Object.keys(allVersions)
-const enterpriseServerVersions = versions.filter((v) => v.startsWith('enterprise-server@'))
-const renderOpts = { textOnly: true, encodeEntities: true }
 
 // These are the exceptions to the rule.
 // If a URI starts with one of these prefixes, it basically means we don't
@@ -103,31 +99,6 @@ export async function versionPages(obj, version, langCode, site) {
       (pl.pageVersion === 'homepage' && version === nonEnterpriseDefaultVersion)
   ).href
 
-  const req = {}
-
-  req.context = {
-    allVersions,
-    enterpriseServerVersions,
-    currentLanguage: langCode,
-    currentVersion: version,
-    site: site[langCode].site,
-  }
-
-  // The Liquid parseAndRender method is MUCH faster than renderContent or renderProp.
-  // This only works for titles and short titles, which have no other Markdown that needs
-  // to be converted to HTML, so we can get away with _only_ parsing Liquid.
-  await shortVersionsMiddleware(req, null, () => {})
-
-  obj.renderedFullTitle = obj.page.title.includes('{')
-    ? await renderContent.liquid.parseAndRender(obj.page.title, req.context, renderOpts)
-    : obj.page.title
-
-  if (obj.page.shortTitle) {
-    obj.renderedShortTitle = obj.page.shortTitle.includes('{')
-      ? await renderContent.liquid.parseAndRender(obj.page.shortTitle, req.context, renderOpts)
-      : obj.page.shortTitle
-  }
-
   if (!obj.childPages) return obj
   const versionedChildPages = await Promise.all(
     obj.childPages

lib/rest/static/dereferenced/api.github.com.deref.json

@@ -634841,7 +634841,7 @@
     },
     "fork": {
       "post": {
-        "summary": "Fork",
+        "summary": "This event occurs when someone forks a repository. For more information, see \"[Fork a repo](https://docs.github.com/get-started/quickstart/fork-a-repo).\" For information about the API, see \"[Forks](https://docs.github.com/rest/repos/forks)\" in the REST API documentation.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.",
         "operationId": "fork",
         "externalDocs": {
           "url": "https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#fork"
@@ -989809,7 +989809,7 @@
     },
     "push": {
       "post": {
-        "summary": "Push",
+        "summary": "This event occurs when a commit or tag is pushed.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.\n\n**Note**: An event will not be created when more than three tags are pushed at once.",
         "operationId": "push",
         "externalDocs": {
           "url": "https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push"

lib/rest/static/dereferenced/ghec.deref.json

@@ -642513,7 +642513,7 @@
     },
     "fork": {
       "post": {
-        "summary": "Fork",
+        "summary": "This event occurs when someone forks a repository. For more information, see \"[Fork a repo](https://docs.github.com/enterprise-cloud@latest//get-started/quickstart/fork-a-repo).\" For information about the API, see \"[Forks](https://docs.github.com/enterprise-cloud@latest//rest/repos/forks)\" in the REST API documentation.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.",
         "operationId": "fork",
         "externalDocs": {
           "url": "https://docs.github.com/enterprise-cloud@latest//developers/webhooks-and-events/webhooks/webhook-events-and-payloads#fork"
@@ -997481,7 +997481,7 @@
     },
     "push": {
       "post": {
-        "summary": "Push",
+        "summary": "This event occurs when a commit or tag is pushed.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.\n\n**Note**: An event will not be created when more than three tags are pushed at once.",
         "operationId": "push",
         "externalDocs": {
           "url": "https://docs.github.com/enterprise-cloud@latest//developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push"

lib/rest/static/dereferenced/ghes-3.7.deref.json

@@ -597170,7 +597170,7 @@
     },
     "fork": {
       "post": {
-        "summary": "Fork",
+        "summary": "This event occurs when someone forks a repository. For more information, see \"[Fork a repo](https://docs.github.com/enterprise-server@3.7/get-started/quickstart/fork-a-repo).\" For information about the API, see \"[Forks](https://docs.github.com/enterprise-server@3.7/rest/repos/forks)\" in the REST API documentation.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.",
         "operationId": "fork",
         "externalDocs": {
           "url": "https://docs.github.com/enterprise-server@3.7/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#fork"
@@ -938287,7 +938287,7 @@
     },
     "push": {
       "post": {
-        "summary": "Push",
+        "summary": "This event occurs when a commit or tag is pushed.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.\n\n**Note**: An event will not be created when more than three tags are pushed at once.",
         "operationId": "push",
         "externalDocs": {
           "url": "https://docs.github.com/enterprise-server@3.7/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push"

lib/rest/static/dereferenced/github.ae.deref.json

@@ -513395,7 +513395,7 @@
     },
     "fork": {
       "post": {
-        "summary": "Fork",
+        "summary": "This event occurs when someone forks a repository. For more information, see \"[Fork a repo](https://docs.github.com/github-ae@latest/get-started/quickstart/fork-a-repo).\" For information about the API, see \"[Forks](https://docs.github.com/github-ae@latest/rest/repos/forks)\" in the REST API documentation.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.",
         "operationId": "fork",
         "externalDocs": {
           "url": "https://docs.github.com/github-ae@latest/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#fork"
@@ -840786,7 +840786,7 @@
     },
     "push": {
       "post": {
-        "summary": "Push",
+        "summary": "This event occurs when a commit or tag is pushed.\n\nTo subscribe to this event, a GitHub App must have at least read-level access for the \"Contents\" repository permission.\n\n**Note**: An event will not be created when more than three tags are pushed at once.",
         "operationId": "push",
         "externalDocs": {
           "url": "https://docs.github.com/github-ae@latest/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push"

middleware/contextualizers/breadcrumbs.js

@@ -1,6 +1,4 @@
-import liquid from '../../lib/render-content/liquid.js'
-
-export default async function breadcrumbs(req, res, next) {
+export default function breadcrumbs(req, res, next) {
   if (!req.context.page) return next()
   const isEarlyAccess = req.context.page.relativePath.startsWith('early-access')
   if (req.context.page.hidden && !isEarlyAccess) return next()
@@ -12,76 +10,81 @@ export default async function breadcrumbs(req, res, next) {
     return next()
   }
 
-  req.context.breadcrumbs = await getBreadcrumbs(req, isEarlyAccess)
+  req.context.breadcrumbs = getBreadcrumbs(req, isEarlyAccess)
 
   return next()
 }
 
 const earlyAccessExceptions = ['insights', 'enterprise-importer']
 
-async function getBreadcrumbs(req, isEarlyAccess = false) {
-  const crumbs = []
-  const { currentPath, currentVersion } = req.context
-  const split = currentPath.split('/')
-  let cutoff = 2
+function getBreadcrumbs(req, isEarlyAccess) {
+  let cutoff = 0
+  // When in Early access docs consider the "root" be much higher.
+  // E.g. /en/early-access/github/migrating/understanding/about
+  // we only want it start at /migrating/understanding/about
+  // Essentially, we're skipping "/early-access" and its first
+  // top-level like "/github"
   if (isEarlyAccess) {
-    // When in Early access docs consider the "root" be much higher.
-    // E.g. /en/early-access/github/migrating/understanding/about
-    // we only want it start at /migrating/understanding/about
-    // Essentially, we're skipping "/early-access" and its first
-    // top-level like "/github"
-    cutoff++
-
+    const split = req.context.currentPath.split('/')
     // There are a few exceptions to this rule for the
     // /{version}/early-access/<product-name>/... URLs because they're a
     // bit different.
     // If there are more known exceptions, add them to the array above.
-    if (!earlyAccessExceptions.some((product) => split.includes(product))) {
-      cutoff++
-    }
-
-    // If the URL is early access AND has a version in it, go even further
-    // E.g. /en/enterprise-server@3.3/early-access/admin/hosting/mysql
-    // should start at /hosting/mysql.
-    if (currentVersion !== 'free-pro-team@latest') {
-      cutoff++
-    }
-  }
-  while (split.length > cutoff && split[split.length - 1] !== currentVersion) {
-    const href = split.join('/')
-    const page = req.context.pages[href]
-    if (page) {
-      crumbs.push({
-        href,
-        title: await getShortTitle(page, req.context),
-      })
+    if (earlyAccessExceptions.some((product) => split.includes(product))) {
+      cutoff = 1
     } else {
-      console.warn(`No page found with for '${href}'`)
+      cutoff = 2
     }
-    split.pop()
   }
-  crumbs.reverse()
 
+  const breadcrumbs = traverseTreeTitles(
+    req.context.currentPath,
+    req.context.currentProductTreeTitles
+  )
+  ;[...Array(cutoff)].forEach(() => breadcrumbs.shift())
+
+  return breadcrumbs
+}
+
+// Return an array as if you'd traverse down a tree. Imagine a tree like
+//
+//            (root /)
+//           /       \
+//        (/foo)     (/bar)
+//       /      \
+//    (/foo/bar)  (/foo/buzz)
+//
+// If the "currentPath" is `/foo/buzz` what you want to return is:
+//
+//  [
+//    {href: /, title: TITLE},
+//    {href: /foo, title: TITLE}
+//    {href: /foo/buzz, title: TITLE}
+//  ]
+//
+function traverseTreeTitles(currentPath, tree) {
+  const { href, title, shortTitle } = tree
+  const crumbs = [
+    {
+      href,
+      title: shortTitle || title,
+    },
+  ]
+  const currentPathSplit = Array.isArray(currentPath) ? currentPath : currentPath.split('/')
+  for (const child of tree.childPages) {
+    if (isParentOrEqualArray(child.href.split('/'), currentPathSplit)) {
+      crumbs.push(...traverseTreeTitles(currentPathSplit, child))
+      // Only ever going down 1 of the children
+      break
+    }
+  }
   return crumbs
 }
 
-async function getShortTitle(page, context) {
-  // Note! Don't use `page.title` or `page.shortTitle` because if they get
-  // set during rendering, they become the HTML entities encoded string.
-  // E.g. "Delete &amp; restore a package"
-
-  if (page.rawShortTitle) {
-    if (page.rawShortTitle.includes('{')) {
-      // Can't easily cache this because the `page` is reused for multiple
-      // permalinks. We could do what the `Page.render()` method does which
-      // specifically caches based on the `context.currentPath` but at
-      // this point it's probably not worth it.
-      return await liquid.parseAndRender(page.rawShortTitle, context)
-    }
-    return page.rawShortTitle
-  }
-  if (page.rawTitle.includes('{')) {
-    return await liquid.parseAndRender(page.rawTitle, context)
-  }
-  return page.rawTitle
+// Return true if an array is part of another array or equal.
+// Like `/foo/bar` is part of `/foo/bar/buzz`.
+// But also include `/foo/bar/buzz`.
+// Don't include `/foo/ba` if the final path is `/foo/baring`.
+function isParentOrEqualArray(base, final) {
+  return base.every((part, i) => part === final[i])
 }

middleware/contextualizers/current-product-tree.js

@@ -1,9 +1,10 @@
 import path from 'path'
+import liquid from '../../lib/render-content/liquid.js'
 import findPageInSiteTree from '../../lib/find-page-in-site-tree.js'
 import removeFPTFromPath from '../../lib/remove-fpt-from-path.js'
 
 // This module adds currentProductTree to the context object for use in layouts.
-export default function currentProductTree(req, res, next) {
+export default async function currentProductTree(req, res, next) {
   if (!req.context.page) return next()
   if (req.context.page.documentType === 'homepage') return next()
 
@@ -20,13 +21,68 @@ export default function currentProductTree(req, res, next) {
       req.context.currentProduct
     )
   )
-  const currentProductTree = findPageInSiteTree(
+  req.context.currentProductTree = findPageInSiteTree(
     currentRootTree,
     req.context.currentEnglishTree,
     currentProductPath
   )
 
-  req.context.currentProductTree = currentProductTree
+  // First make a slim tree of just the 'href', 'title', 'shortTitle'
+  // 'documentType' and 'childPages' (which is recursive).
+  // This gets used for map topic and category pages.
+  req.context.currentProductTreeTitles = await getCurrentProductTreeTitles(
+    req.context.currentProductTree,
+    req.context
+  )
+  // Now make an even slimmer version that excludes all hidden pages.
+  // This is i used for sidebars.
+  req.context.currentProductTreeTitlesExcludeHidden = excludeHidden(
+    req.context.currentProductTreeTitles
+  )
 
   return next()
 }
+
+// Return a nested object that contains the bits and pieces we need
+// for the tree which is used for sidebars and listing
+async function getCurrentProductTreeTitles(input, context) {
+  const { page } = input
+  const childPages = await Promise.all(
+    (input.childPages || []).map((child) => getCurrentProductTreeTitles(child, context))
+  )
+
+  const renderedFullTitle = page.rawTitle.includes('{')
+    ? await liquid.parseAndRender(page.rawTitle, context)
+    : page.rawTitle
+  let renderedShortTitle = ''
+  if (page.rawShortTitle) {
+    renderedShortTitle = page.rawShortTitle.includes('{')
+      ? await liquid.parseAndRender(page.rawShortTitle, context)
+      : page.rawShortTitle
+  }
+
+  const node = {
+    href: input.href,
+    title: renderedFullTitle,
+    shortTitle:
+      renderedShortTitle && (renderedShortTitle || '') !== renderedFullTitle
+        ? renderedShortTitle
+        : '',
+    documentType: page.documentType,
+    childPages: childPages.filter(Boolean),
+  }
+  if (page.hidden) node.hidden = true
+  return node
+}
+
+function excludeHidden(tree) {
+  if (tree.hidden) return null
+  const newTree = {
+    href: tree.href,
+    title: tree.title,
+    shortTitle: tree.shortTitle,
+    documentType: tree.documentType,
+    childPages: tree.childPages.map(excludeHidden).filter(Boolean),
+  }
+  return newTree
+}

middleware/contextualizers/generic-toc.js

@@ -1,4 +1,5 @@
 import findPageInSiteTree from '../../lib/find-page-in-site-tree.js'
+import { liquid } from '../../lib/render-content/index.js'
 
 // This module adds either flatTocItems or nestedTocItems to the context object for
 // product, categorie, and map topic TOCs that don't have other layouts specified.
@@ -47,7 +48,7 @@ export default async function genericToc(req, res, next) {
   const isEarlyAccess = req.context.currentPath.includes('/early-access/')
   const isArticlesCategory = req.context.currentPath.endsWith('/articles')
 
-  req.context.showHiddenTocItems =
+  const includeHidden =
     earlyAccessToc || (isCategoryOrMapTopic && isEarlyAccess && !isArticlesCategory)
 
   // Conditionally run getTocItems() recursively.
@@ -59,49 +60,67 @@ export default async function genericToc(req, res, next) {
   if (currentTocType === 'flat' && !isOneOffProductToc) {
     isRecursive = false
     renderIntros = true
-    req.context.genericTocFlat = await getTocItems(
-      treePage.childPages,
-      req.context,
-      isRecursive,
-      renderIntros
-    )
+    req.context.genericTocFlat = []
+    req.context.genericTocFlat = await getTocItems(treePage, req.context, {
+      recurse: isRecursive,
+      renderIntros,
+      includeHidden,
+    })
   }
 
   // Get an array of child map topics and their child articles and add it to the context object.
   if (currentTocType === 'nested' || isOneOffProductToc) {
     isRecursive = !isOneOffProductToc
     renderIntros = false
-    req.context.genericTocNested = await getTocItems(
-      treePage.childPages,
-      req.context,
-      isRecursive,
-      renderIntros
-    )
+    req.context.genericTocNested = await getTocItems(treePage, req.context, {
+      recurse: isRecursive,
+      renderIntros,
+      includeHidden,
+    })
   }
 
   return next()
 }
 
-async function getTocItems(pagesArray, context, isRecursive, renderIntros) {
-  return (
-    await Promise.all(
-      pagesArray.map(async (child) => {
-        // only include a hidden page if showHiddenTocItems is true
-        if (child.page.hidden && !context.showHiddenTocItems) return
+// Return a nested object that contains the bits and pieces we need
+// for the tree which is used for sidebars and listing
+async function getTocItems(node, context, opts) {
+  // Cleaner than trying to be too terse inside the `.filter()` inline callback.
+  function filterHidden(child) {
+    return opts.includeHidden || !child.page.hidden
+  }
 
-        return {
-          title: child.renderedFullTitle,
-          fullPath: child.href,
-          // renderProp is the most expensive part of this function.
-          intro: renderIntros
-            ? await child.page.renderProp('intro', context, { unwrap: true })
-            : null,
-          childTocItems:
-            isRecursive && child.childPages
-              ? await getTocItems(child.childPages, context, isRecursive, renderIntros)
-              : null,
+  return await Promise.all(
+    node.childPages.filter(filterHidden).map(async (child) => {
+      const { page } = child
+      const title = page.rawTitle.includes('{')
+        ? await liquid.parseAndRender(page.rawTitle, context)
+        : page.rawTitle
+      let intro = null
+      if (opts.renderIntros) {
+        intro = ''
+        if (page.rawIntro) {
+          intro = page.rawIntro.includes('{')
+            ? await liquid.parseAndRender(page.rawIntro, context)
+            : page.rawIntro
         }
-      })
-    )
-  ).filter(Boolean)
+      }
+
+      let childTocItems = null
+      if (opts.recurse) {
+        childTocItems = []
+        if (child.childPages) {
+          childTocItems.push(...(await getTocItems(child, context, opts)))
+        }
+      }
+
+      const fullPath = child.href
+      return {
+        title,
+        fullPath,
+        intro,
+        childTocItems,
+      }
+    })
+  )
 }

middleware/index.js

@@ -263,9 +263,9 @@ export default function (app) {
   app.use(instrument(webhooks, './contextualizers/webhooks'))
   app.use(asyncMiddleware(instrument(whatsNewChangelog, './contextualizers/whats-new-changelog')))
   app.use(instrument(layout, './contextualizers/layout'))
-  app.use(instrument(currentProductTree, './contextualizers/current-product-tree'))
+  app.use(asyncMiddleware(instrument(currentProductTree, './contextualizers/current-product-tree')))
   app.use(asyncMiddleware(instrument(genericToc, './contextualizers/generic-toc')))
-  app.use(asyncMiddleware(instrument(breadcrumbs, './contextualizers/breadcrumbs')))
+  app.use(instrument(breadcrumbs, './contextualizers/breadcrumbs'))
   app.use(instrument(features, './contextualizers/features'))
   app.use(asyncMiddleware(instrument(productExamples, './contextualizers/product-examples')))
   app.use(asyncMiddleware(instrument(productGroups, './contextualizers/product-groups')))

tests/content/site-tree.js

@@ -41,9 +41,6 @@ describe('siteTree', () => {
       expect(pageWithDynamicTitle.page.title).toEqual(
         'Installing {% data variables.product.prodname_enterprise %}'
       )
-
-      // Confirm a new property contains the rendered title
-      expect(pageWithDynamicTitle.renderedFullTitle).toEqual('Installing GitHub Enterprise')
     })
   })
 

tests/rendering/sidebar.js

@@ -173,4 +173,16 @@ describe('sidebar', () => {
       }
     }
   })
+  test("test a page where there's known sidebar short titles that use Liquid and ampersands", async () => {
+    const url =
+      '/en/issues/organizing-your-work-with-project-boards/tracking-work-with-project-boards'
+    const $ = await getDOM(url)
+    const linkTexts = []
+    $('[data-testid=sidebar]  a').each((i, element) => {
+      linkTexts.push($(element).text())
+    })
+    // This makes sure that none of the texts in there has their final HTML
+    // to be HTML entity encoded.
+    expect(linkTexts.filter((text) => text.includes('&')).length).toBe(0)
+  })
 })

translations/es-ES/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/permission-levels-for-a-personal-account-repository.md

@@ -1,6 +1,6 @@
 ---
-title: Niveles de permisos para un repositorio de una cuenta personal
-intro: 'Un repositorio que pertenece a una cuenta personal tiene dos niveles de permiso: propietario del repositorio y colaboradores.'
+title: Permission levels for a personal account repository
+intro: 'A repository owned by a personal account has two permission levels: the repository owner and collaborators.'
 redirect_from:
   - /articles/permission-levels-for-a-user-account-repository
   - /github/setting-up-and-managing-your-github-user-account/permission-levels-for-a-user-account-repository
@@ -14,84 +14,79 @@ versions:
 topics:
   - Accounts
 shortTitle: Repository permissions
-ms.openlocfilehash: e7c7a542204c7b1ce69bc19ac326fb248bbbff12
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '147066310'
 ---
-## Acerca de los niveles de permisos para un repositorio de una cuenta personal
+## About permissions levels for a personal account repository
 
-Los repositorios propiedad de las cuentas personales tienen un propietario. Los permisos de propiedad no se pueden compartir con otra cuenta personal.
+Repositories owned by personal accounts have one owner. Ownership permissions can't be shared with another personal account.
 
-También puede {% ifversion fpt or ghec %}invitar{% else %}agregar{% endif %} usuarios de {% data variables.product.product_name %} al repositorio como colaboradores. Para más información, vea "[Invitación de colaboradores a un repositorio personal](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)".
+You can also {% ifversion fpt or ghec %}invite{% else %}add{% endif %} users on {% data variables.product.product_name %} to your repository as collaborators. For more information, see "[Inviting collaborators to a personal repository](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)."
 
 {% tip %}
 
-**Sugerencia:** si necesitas un acceso más pormenorizado a un repositorio propiedad de tu cuenta personal, considera la posibilidad de transferir el repositorio a una organización. Para más información, vea "[Transferencia de un repositorio](/github/administering-a-repository/transferring-a-repository#transferring-a-repository-owned-by-your-personal-account)".
+**Tip:** If you require more granular access to a repository owned by your personal account, consider transferring the repository to an organization. For more information, see "[Transferring a repository](/github/administering-a-repository/transferring-a-repository#transferring-a-repository-owned-by-your-personal-account)."
 
 {% endtip %}
 
-## Acceso de propietarios a un repositorio propiedad de una cuenta personal
+## Owner access for a repository owned by a personal account
 
-El propietario del repositorio tiene control completo del repositorio. Adicionalmente a las acciones que pudiera realizar cualquier colaborador, el propietario del repositorio puede realizar las siguientes.
+The repository owner has full control of the repository. In addition to the actions that any collaborator can perform, the repository owner can perform the following actions.
 
-| Acción | Más información |
+| Action | More information |
 | :- | :- |
-| {% ifversion fpt or ghec %}Invitación a colaboradores{% else %}Adición de colaboradores{% endif %} | "[Invitación a colaboradores a un repositorio personal](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)" |
-| Cambiar la visibilidad del repositorio | "[Configuración de la visibilidad de un repositorio](/github/administering-a-repository/setting-repository-visibility)" |{% ifversion fpt or ghec %}
-| Limitar las interacciones con el repositorio | "[Limitación de las interacciones en el repositorio](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)" |{% endif %}
-| Renombrar una rama, incluyendo la rama predeterminada | "[Cambio del nombre de una rama](/github/administering-a-repository/renaming-a-branch)" |
-| Fusionar una solicitud de extracción sobre una rama protegida, incluso si no hay revisiones de aprobación | "[Acerca de las ramas protegidas](/github/administering-a-repository/about-protected-branches)" |
-| Eliminar el repositorio | "[Eliminación de un repositorio](/repositories/creating-and-managing-repositories/deleting-a-repository)" |
-| Administrar los temas del repositorio | "[Clasificación del repositorio con temas](/github/administering-a-repository/classifying-your-repository-with-topics)" |{% ifversion fpt or ghec %}
-| Administrar la seguridad y la configuración de análisis del repositorio | "[Administración de la configuración de seguridad y análisis para el repositorio](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" |{% endif %}{% ifversion fpt or ghec %}
-| Habilitar la gráfica de dependencias para un repositorio privado | "[Exploración de las dependencias de un repositorio](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)" |{% endif %}
-| Borrar y restaurar paquetes | "[Eliminación y restauración de un paquete](/packages/learn-github-packages/deleting-and-restoring-a-package)" |
-| Personalizar la vista previa de las redes sociales de un repositorio | "[Personalización de la vista previa de las redes sociales del repositorio ](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" |
-| Crear una plantilla del repositorio | "[Creación de un repositorio de plantillas](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |
-| Controlar el acceso a las {% data variables.product.prodname_dependabot_alerts %}| "[Administración de la configuración de seguridad y análisis para el repositorio](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% ifversion fpt or ghec %}
-| Descartar las {% data variables.product.prodname_dependabot_alerts %} en el repositorio | "[Visualización y actualización de {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts)" |
-| Administrar el uso de datos para un repositorio privado | "[Administración de la configuración de uso de datos para el repositorio privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %}
-| Definir propietarios del código para un repositorio | "[Acerca de los propietarios de código](/github/creating-cloning-and-archiving-repositories/about-code-owners)" |
-| Archivar el repositorio | "[Archivado de repositorios](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %}
-| Creación de avisos de seguridad | "[Acerca de {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)" |
-| Representación de un botón de patrocinador | "[Representación de un botón de patrocinador en el repositorio](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository)" |{% endif %}
-| Permitir o dejar de permitir la fusión automática para las solicitudes de cambios | "[Administración de la combinación automática para las solicitudes de incorporación de cambios en el repositorio](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository)" | 
+| {% ifversion fpt or ghec %}Invite collaborators{% else %}Add collaborators{% endif %} | "[Inviting collaborators to a personal repository](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)" |
+| Change the visibility of the repository | "[Setting repository visibility](/github/administering-a-repository/setting-repository-visibility)" |{% ifversion fpt or ghec %}
+| Limit interactions with the repository | "[Limiting interactions in your repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)" |{% endif %}
+| Rename a branch, including the default branch | "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)" |
+| Merge a pull request on a protected branch, even if there are no approving reviews | "[About protected branches](/github/administering-a-repository/about-protected-branches)" |
+| Delete the repository | "[Deleting a repository](/repositories/creating-and-managing-repositories/deleting-a-repository)" |
+| Manage the repository's topics | "[Classifying your repository with topics](/github/administering-a-repository/classifying-your-repository-with-topics)" |{% ifversion fpt or ghec %}
+| Manage security and analysis settings for the repository | "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" |{% endif %}{% ifversion fpt or ghec %}
+| Enable the dependency graph for a private repository | "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)" |{% endif %}
+| Delete and restore packages | "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" |
+| Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" |
+| Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |
+| Control access to {% data variables.product.prodname_dependabot_alerts %}| "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% ifversion fpt or ghec %}
+| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts)" |
+| Manage data use for a private repository | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %}
+| Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" |
+| Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %}
+| Create security advisories | "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)" |
+| Display a sponsor button | "[Displaying a sponsor button in your repository](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository)" |{% endif %}
+| Allow or disallow auto-merge for pull requests | "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository)" | 
+| Manage webhooks and deploy keys	| "[Managing deploy keys](/developers/overview/managing-deploy-keys#deploy-keys)" |
 
-## Acceso de colaboradores a un repositorio propiedad de una cuenta personal
+## Collaborator access for a repository owned by a personal account
 
-Los colaboradores de un repositorio personal pueden extraer (leer) el contienido del mismo y subir (escribir) los cambios al repositorio.
+Collaborators on a personal repository can pull (read) the contents of the repository and push (write) changes to the repository.
 
 {% note %}
 
-**Nota:** En un repositorio privado, los propietarios del repositorio solo pueden conceder acceso de escritura a los colaboradores. Los colaboradores no pueden tener acceso de solo lectura a los repositorios propiedad de una cuenta personal.
+**Note:** In a private repository, repository owners can only grant write access to collaborators. Collaborators can't have read-only access to repositories owned by a personal account.
 
 {% endnote %}
 
-Los colaboradores también pueden realizar las siguientes acciones.
+Collaborators can also perform the following actions.
 
-| Acción | Más información |
+| Action | More information |
 | :- | :- |
-| Bifurcar el repositorio | "[Acerca de las bifurcaciones](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)" |
-| Renombrar una rama diferente a la predeterminada | "[Cambio del nombre de una rama](/github/administering-a-repository/renaming-a-branch)" |
-| Crear, editar, y borrar comentarios en las confirmaciones, solicitudes de cambios y propuestas del repositorio | <ul><li>"[Acerca de las incidencias](/github/managing-your-work-on-github/about-issues)"</li><li>"[Comentario de una solicitud de incorporación de cambios](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/commenting-on-a-pull-request)"</li><li>"[Administración de comentarios negativos](/communities/moderating-comments-and-conversations/managing-disruptive-comments)"</li></ul> |
-| Crear, asignar, cerrar y volver a abrir las propuestas en el repositorio | "[Administración del trabajo con incidencias](/github/managing-your-work-on-github/managing-your-work-with-issues)" |
-| Administrar las etiquetas para las propuestas y solicitudes de cambios en el repositorio | "[Etiquetado de incidencias y solicitudes de incorporación de cambios](/github/managing-your-work-on-github/labeling-issues-and-pull-requests)" |
-| Administrar hitos para las propuestas y solicitudes de cambios en el repositorio | "[Creación y edición de hitos para incidencias y solicitudes de incorporación de cambios](/github/managing-your-work-on-github/creating-and-editing-milestones-for-issues-and-pull-requests)" |
-| Marcar una propuesta o solicitud de cambios en el repositorio como duplicada | "[Acerca de incidencias duplicadas y solicitudes de incorporación de cambios](/github/managing-your-work-on-github/about-duplicate-issues-and-pull-requests)" |
-| Crear, fusionar y cerrar las solicitudes de cambios en el repositorio | "[Propuesta de cambios en el trabajo con solicitudes de incorporación de cambios](/github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests)" |
-| Habilitar e inhabilitar la fusión automática para una solicitud de cambios | "[Combinación automática de una solicitud de incorporación de cambios](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)"
-| Aplicar los cambios sugeridos a las solicitudes de cambios en el repositorio |"[Incorporación de comentarios en la solicitud de incorporación de cambios](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request)" |
-| Crear una solicitud de cambios desde una bifurcación del repositorio | "[Creación de una solicitud de incorporación de cambios desde una bifurcación](/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)" |
-| Emitir una revisión de una solicitud de cambios que afecte la capacidad de fusión de una solicitud de cambios | "[Revisión de los cambios propuestos en una solicitud de incorporación de cambios](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)" |
-| Crear y editar un wiki para el repositorio | "[Acerca de las wikis](/communities/documenting-your-project-with-wikis/about-wikis)" |
-| Crear y editar los lanzamientos del repositorio | "[Administración de versiones en un repositorio](/github/administering-a-repository/managing-releases-in-a-repository)" |
-| Actuar como propietario del código del repositorio | "[Acerca de los propietarios de código](/articles/about-code-owners)" |{% ifversion fpt or ghae or ghec %}
-| Publicar, ver o instalar paquetes | "[Publicación y administración de paquetes](/github/managing-packages-with-github-packages/publishing-and-managing-packages)" |{% endif %}
-| Eliminarse como colaboradores del repositorio | "[Eliminarse del repositorio de un colaborador](/github/setting-up-and-managing-your-github-user-account/removing-yourself-from-a-collaborators-repository)" |
+| Fork the repository | "[About forks](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)" |
+| Rename a branch other than the default branch | "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)" |
+| Create, edit, and delete comments on commits, pull requests, and issues in the repository | <ul><li>"[About issues](/github/managing-your-work-on-github/about-issues)"</li><li>"[Commenting on a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/commenting-on-a-pull-request)"</li><li>"[Managing disruptive comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments)"</li></ul> |
+| Create, assign, close, and re-open issues in the repository | "[Managing your work with issues](/github/managing-your-work-on-github/managing-your-work-with-issues)" |
+| Manage labels for issues and pull requests in the repository | "[Labeling issues and pull requests](/github/managing-your-work-on-github/labeling-issues-and-pull-requests)" |
+| Manage milestones for issues and pull requests in the repository | "[Creating and editing milestones for issues and pull requests](/github/managing-your-work-on-github/creating-and-editing-milestones-for-issues-and-pull-requests)" |
+| Mark an issue or pull request in the repository as a duplicate | "[About duplicate issues and pull requests](/github/managing-your-work-on-github/about-duplicate-issues-and-pull-requests)" |
+| Create, merge, and close pull requests in the repository | "[Proposing changes to your work with pull requests](/github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests)" |
+| Enable and disable auto-merge for a pull request | "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)"
+| Apply suggested changes to pull requests in the repository |"[Incorporating feedback in your pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request)" |
+| Create a pull request from a fork of the repository | "[Creating a pull request from a fork](/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)" |
+| Submit a review on a pull request that affects the mergeability of the pull request | "[Reviewing proposed changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)" |
+| Create and edit a wiki for the repository | "[About wikis](/communities/documenting-your-project-with-wikis/about-wikis)" |
+| Create and edit releases for the repository | "[Managing releases in a repository](/github/administering-a-repository/managing-releases-in-a-repository)" |
+| Act as a code owner for the repository | "[About code owners](/articles/about-code-owners)" |{% ifversion fpt or ghae or ghec %}
+| Publish, view, or install packages | "[Publishing and managing packages](/github/managing-packages-with-github-packages/publishing-and-managing-packages)" |{% endif %}
+| Remove themselves as collaborators on the repository | "[Removing yourself from a collaborator's repository](/github/setting-up-and-managing-your-github-user-account/removing-yourself-from-a-collaborators-repository)" |
 
-## Información adicional
+## Further reading
 
-- "[Roles de repositorio para una organización](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)"
+- "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)"

translations/es-ES/content/actions/examples/using-the-github-cli-on-a-runner.md

@@ -1,7 +1,7 @@
 ---
-title: Using the GitHub CLI on a runner
+title: Uso de la CLI de GitHub en un ejecutor
 shortTitle: Use the GitHub CLI on a runner
-intro: 'How to use advanced {% data variables.product.prodname_actions %} features for continuous integration (CI).'
+intro: 'Cómo usar características avanzadas de {% data variables.product.prodname_actions %} para la integración continua (CI).'
 versions:
   fpt: '*'
   ghes: '> 3.1'
@@ -10,40 +10,34 @@ versions:
 type: how_to
 topics:
   - Workflows
+ms.openlocfilehash: e0787d09cd194de0038d259c1aff777cc91a4a6a
+ms.sourcegitcommit: bf11c3e08cbb5eab6320e0de35b32ade6d863c03
+ms.translationtype: HT
+ms.contentlocale: es-ES
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148111589'
 ---
-
 {% data reusables.actions.enterprise-github-hosted-runners %}
 
-## Example overview
+## Información general de ejemplo
 
-{% data reusables.actions.example-workflow-intro-ci %} When this workflow is triggered, it automatically runs a script that checks whether the {% data variables.product.prodname_dotcom %} Docs site has any broken links. If any broken links are found, the workflow uses the {% data variables.product.prodname_dotcom %} CLI to create a {% data variables.product.prodname_dotcom %} issue with the details.
+{% data reusables.actions.example-workflow-intro-ci %} Cuando se desencadena este flujo de trabajo, ejecuta automáticamente un script que comprueba si el sitio de {% data variables.product.prodname_dotcom %} Docs tienen vínculos rotos. Si se encuentran vínculos rotos, el flujo de trabajo usa la CLI de {% data variables.product.prodname_dotcom %} para crear una incidencia de {% data variables.product.prodname_dotcom %} con los detalles.
 
 {% data reusables.actions.example-diagram-intro %}
 
-![Overview diagram of workflow steps](/assets/images/help/images/overview-actions-using-cli-ci-example.png)
+![Diagrama general de los pasos del flujo de trabajo](/assets/images/help/images/overview-actions-using-cli-ci-example.png)
 
-## Features used in this example
+## Características que se usan en este ejemplo
 
 {% data reusables.actions.example-table-intro %}
 
-| **Feature**  | **Implementation** |
+| **Característica**  | **Implementación** |
 | --- | --- |
-{% data reusables.actions.cron-table-entry %}
-{% data reusables.actions.permissions-table-entry %}
-{% data reusables.actions.if-conditions-table-entry %}
-{% data reusables.actions.secrets-table-entry %}
-{% data reusables.actions.checkout-action-table-entry %}
-{% data reusables.actions.setup-node-table-entry %}
-| Using a third-party action: | [`peter-evans/create-issue-from-file`](https://github.com/peter-evans/create-issue-from-file)|
-| Running shell commands on the runner: | [`run`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun) |
-| Running a script on the runner: | Using `script/check-english-links.js` |
-| Generating an output file: | Piping the output using the `>` operator |
-| Checking for existing issues using {% data variables.product.prodname_cli %}: | [`gh issue list`](https://cli.github.com/manual/gh_issue_list) |
-| Commenting on an issue using {% data variables.product.prodname_cli %}: | [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) |
+{% data reusables.actions.cron-table-entry %} {% data reusables.actions.permissions-table-entry %} {% data reusables.actions.if-conditions-table-entry %} {% data reusables.actions.secrets-table-entry %} {% data reusables.actions.checkout-action-table-entry %} {% data reusables.actions.setup-node-table-entry %} | Uso de una acción de terceros: | [`peter-evans/create-issue-from-file`](https://github.com/peter-evans/create-issue-from-file)| | Ejecución de comandos de shell en el ejecutor: | [`run`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun) | | Ejecución de un script en el ejecutor: | Uso de `script/check-english-links.js` | | Generación de un archivo de salida: | Canalización de la salida mediante el operador `>` | | Comprobación de incidencias existentes mediante la {% data variables.product.prodname_cli %}: | [`gh issue list`](https://cli.github.com/manual/gh_issue_list) | | Realización de comentarios sobre una incidencia mediante la {% data variables.product.prodname_cli %}: | [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) |
 
-## Example workflow
+## Flujo de trabajo de ejemplo
 
-{% data reusables.actions.example-docs-engineering-intro %} [`check-all-english-links.yml`](https://github.com/github/docs/blob/main/.github/workflows/check-all-english-links.yml).
+{% data reusables.actions.example-docs-engineering-intro %} [`check-all-english-links.yml`](https://github.com/github/docs/blob/6e01c0653836c10d7e092a17566a2c88b10504ce/.github/workflows/check-all-english-links.yml).
 
 {% data reusables.actions.note-understanding-example %}
 
@@ -178,15 +172,15 @@ jobs:
 </tbody>
 </table>
 
-## Understanding the example
+## Descripción del ejemplo
 
 {% data reusables.actions.example-explanation-table-intro %}
 
 <table style="table-layout: fixed;">
 <thead>
   <tr>
-    <th style="width:60%"><b>Code</b></th>
-    <th style="width:40%"><b>Explanation</b></th>
+    <th style="width:60%"><b>Código</b></th>
+    <th style="width:40%"><b>Explicación</b></th>
   </tr>
 </thead>
 <tbody>
@@ -214,10 +208,10 @@ on:
 </td>
 <td>
 
-Defines the `workflow_dispatch` and `scheduled` as triggers for the workflow:
+Define `workflow_dispatch` y `scheduled` como desencadenadores para el flujo de trabajo:
 
-* The `workflow_dispatch` lets you manually run this workflow from the UI. For more information, see [`workflow_dispatch`](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch).
-* The `schedule` event lets you use `cron` syntax to define a regular interval for automatically triggering the workflow. For more information, see [`schedule`](/actions/reference/events-that-trigger-workflows#schedule).
+* `workflow_dispatch` permite ejecutar manualmente este flujo de trabajo desde la interfaz de usuario. Para más información, vea [`workflow_dispatch`](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch).
+* El evento `schedule` permite usar la sintaxis `cron` para definir un intervalo regular para desencadenar automáticamente el flujo de trabajo. Para más información, vea [`schedule`](/actions/reference/events-that-trigger-workflows#schedule).
 </td>
 </tr>
 <tr>
@@ -231,7 +225,7 @@ permissions:
 </td>
 <td>
 
-Modifies the default permissions granted to `GITHUB_TOKEN`. This will vary depending on the needs of your workflow. For more information, see "[Assigning permissions to jobs](/actions/using-jobs/assigning-permissions-to-jobs)."
+Modifica los permisos predeterminados concedidos a `GITHUB_TOKEN`. Esto variará en función de las necesidades del flujo de trabajo. Para obtener más información, consulta "[Asignación de permisos a trabajos](/actions/using-jobs/assigning-permissions-to-jobs)".
 </td>
 </tr>
 <tr>
@@ -243,7 +237,7 @@ jobs:
 </td>
 <td>
 
-Groups together all the jobs that run in the workflow file.
+Agrupa todos los trabajos que se ejecutan en el archivo de flujo de trabajo.
 </td>
 </tr>
 <tr>
@@ -256,7 +250,7 @@ Groups together all the jobs that run in the workflow file.
 </td>
 <td>
 
-Defines a job with the ID `check_all_english_links`, and the name `Check all links`, that is stored within the `jobs` key.
+Define un trabajo con el identificador `check_all_english_links` y el nombre `Check all links`, que se almacena en la clave `jobs`.
 </td>
 </tr>
 <tr>
@@ -268,7 +262,7 @@ if: github.repository == 'github/docs-internal'
 </td>
 <td>
 
-Only run the `check_all_english_links` job if the repository is named `docs-internal` and is within the `github` organization. Otherwise, the job is marked as _skipped_.
+El trabajo `check_all_english_links` solo se ejecuta si el repositorio se denomina `docs-internal` y está dentro de la organización `github`. De lo contrario, el trabajo se marca como _omitido_.
 </td>
 </tr>
 <tr>
@@ -280,7 +274,7 @@ runs-on: ubuntu-latest
 </td>
 <td>
 
-Configures the job to run on an Ubuntu Linux runner. This means that the job will execute on a fresh virtual machine hosted by {% data variables.product.prodname_dotcom %}. For syntax examples using other runners, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on)."
+Configura el job para ejecutarse en un ejecutor Ubuntu Linux. Esto significa que el trabajo se ejecutará en una máquina virtual nueva que se hospede en {% data variables.product.prodname_dotcom %}. Para obtener ejemplos de sintaxis con otros ejecutores, consulta «[Sintaxis de flujo de trabajo para {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on)».
 </td>
 </tr>
 <tr>
@@ -296,7 +290,7 @@ Configures the job to run on an Ubuntu Linux runner. This means that the job wil
 </td>
 <td>
 
-Creates custom environment variables, and redefines the built-in `GITHUB_TOKEN` variable to use a custom [secret](/actions/security-guides/encrypted-secrets). These variables will be referenced later in the workflow.
+Crea variables de entorno personalizadas y vuelve a definir la variable `GITHUB_TOKEN` integrada para usar un [secreto](/actions/security-guides/encrypted-secrets) personalizado. Se hará referencia a estas variables más adelante en el flujo de trabajo.
 </td>
 </tr>
 <tr>
@@ -308,7 +302,7 @@ Creates custom environment variables, and redefines the built-in `GITHUB_TOKEN`
 </td>
 <td>
 
-Groups together all the steps that will run as part of the `check_all_english_links` job. Each job in the workflow has its own `steps` section.
+Agrupa todos los pasos que se ejecutarán como parte del trabajo `check_all_english_links`. Cada trabajo del flujo de trabajo tiene su propia sección `steps`.
 </td>
 </tr>
 <tr>
@@ -321,7 +315,7 @@ Groups together all the steps that will run as part of the `check_all_english_li
 </td>
 <td>
 
-The `uses` keyword tells the job to retrieve the action named `actions/checkout`. This is an action that checks out your repository and downloads it to the runner, allowing you to run actions against your code (such as testing tools). You must use the checkout action any time your workflow will run against the repository's code or you are using an action defined in the repository.
+La palabra clave `uses` le indica al trabajo que recupere la acción denominada `actions/checkout`. Esta es una acción que revisa tu repositorio y lo descarga al ejecutor, lo que te permite ejecutar acciones contra tu código (tales como las herramientas de prueba). Debes utilizar la acción de verificación cada que tu flujo de trabajo se ejecute contra el código del repositorio o cada que estés utilizando una acción definida en el repositorio.
 </td>
 </tr>
 <tr>
@@ -337,7 +331,7 @@ The `uses` keyword tells the job to retrieve the action named `actions/checkout`
 </td>
 <td>
 
-This step uses the `actions/setup-node` action to install the specified version of the `node` software package on the runner, which gives you access to the `npm` command.
+En este paso, se usa la acción `actions/setup-node` para instalar la versión especificada del paquete de software `node` en el ejecutor, lo que te da acceso al comando `npm`.
 </td>
 </tr>
 <tr>
@@ -352,7 +346,7 @@ This step uses the `actions/setup-node` action to install the specified version
 </td>
 <td>
 
-The `run` keyword tells the job to execute a command on the runner. In this case, the `npm ci` and `npm run build` commands are run as separate steps to install and build the Node.js application in the repository.
+La palabra clave `run` indica al trabajo que ejecute un comando en el ejecutor. En este caso, los comandos `npm ci` y `npm run build` se ejecutan como pasos independientes para instalar y compilar la aplicación Node.js en el repositorio.
 </td>
 </tr>
 <tr>
@@ -366,7 +360,7 @@ The `run` keyword tells the job to execute a command on the runner. In this case
 </td>
 <td>
 
-This `run` command executes a script that is stored in the repository at `script/check-english-links.js`, and pipes the output to a file called `broken_links.md`.
+Este comando `run` ejecuta un script que se almacena en el repositorio en `script/check-english-links.js` y canaliza la salida a un archivo denominado `broken_links.md`.
 </td>
 </tr>
 <tr>
@@ -385,7 +379,7 @@ This `run` command executes a script that is stored in the repository at `script
 </td>
 <td>
 
-If the `check-english-links.js` script detects broken links and returns a non-zero (failure) exit status, then use a [workflow command](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter) to set an output that has the value of the first line of the `broken_links.md` file (this is used the next step).
+Si el script `check-english-links.js` detecta vínculos rotos y devuelve un estado de salida distinto de cero (error), usa un [comando de flujo de trabajo](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter) para establecer una salida que tenga el valor de la primera línea del archivo `broken_links.md` (se usa el paso siguiente).
 </td>
 </tr>
 <tr>
@@ -407,7 +401,7 @@ If the `check-english-links.js` script detects broken links and returns a non-ze
 </td>
 <td>
 
-Uses the `peter-evans/create-issue-from-file` action to create a new {% data variables.product.prodname_dotcom %} issue. This example is pinned to a specific version of the action, using the `b4f9ee0a9d4abbfc6986601d9b1a4f8f8e74c77e` SHA.
+Usa la acción `peter-evans/create-issue-from-file` para crear una incidencia de {% data variables.product.prodname_dotcom %}. Este ejemplo se ancla a una versión específica de la acción mediante el SHA `b4f9ee0a9d4abbfc6986601d9b1a4f8f8e74c77e`.
 </td>
 </tr>
 <tr>
@@ -435,9 +429,9 @@ Uses the `peter-evans/create-issue-from-file` action to create a new {% data var
 </td>
 <td>
 
-Uses [`gh issue list`](https://cli.github.com/manual/gh_issue_list) to locate the previously created issue from earlier runs. This is [aliased](https://cli.github.com/manual/gh_alias_set) to `gh list-reports` for simpler processing in later steps. To get the issue URL, the `jq` expression processes the resulting JSON output.
+Usa [`gh issue list`](https://cli.github.com/manual/gh_issue_list) para buscar la incidencia creada previamente a partir de ejecuciones anteriores. Se le asigna el [alias](https://cli.github.com/manual/gh_alias_set) `gh list-reports` para facilitar el procesamiento en pasos posteriores. Para obtener la dirección URL de la incidencia, la expresión `jq` procesa la salida JSON resultante.
 
-[`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) is then used to add a comment to the new issue that links to the previous one.
+Después, se usa [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) para agregar un comentario a la nueva incidencia que vincula a la anterior.
 </td>
 </tr>
 <tr>
@@ -455,7 +449,7 @@ Uses [`gh issue list`](https://cli.github.com/manual/gh_issue_list) to locate th
 </td>
 <td>
 
-If an issue from a previous run is open and assigned to someone, then use [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) to add a comment with a link to the new issue.
+Si una incidencia de una ejecución anterior está abierta y asignada a alguien, usa [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) para agregar un comentario con un vínculo a la nueva incidencia.
 </td>
 </tr>
 <tr>
@@ -476,16 +470,16 @@ If an issue from a previous run is open and assigned to someone, then use [`gh i
 </td>
 <td>
 
-If an issue from a previous run is open and is not assigned to anyone, then:
+Si una incidencia de una ejecución anterior está abierta y no está asignada a nadie, haz lo siguiente:
 
-* Use [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) to add a comment with a link to the new issue.
-* Use [`gh issue close`](https://cli.github.com/manual/gh_issue_close) to close the old issue.
-* Use [`gh issue edit`](https://cli.github.com/manual/gh_issue_edit) to edit the old issue to remove it from a specific {% data variables.product.prodname_dotcom %} project board.
+* Usa [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) para agregar un comentario con un vínculo a la nueva incidencia.
+* Usa [`gh issue close`](https://cli.github.com/manual/gh_issue_close) para cerrar la incidencia antigua.
+* Usa [`gh issue edit`](https://cli.github.com/manual/gh_issue_edit) para editar la incidencia antigua y quitarla de un panel de proyecto específico de {% data variables.product.prodname_dotcom %}.
 </td>
 </tr>
 </tbody>
 </table>
 
-## Next steps
+## Pasos siguientes
 
 {% data reusables.actions.learning-actions %}

translations/es-ES/content/actions/using-workflows/workflow-commands-for-github-actions.md

@@ -581,6 +581,8 @@ console.log("The running PID from the main action is: " +  process.env.STATE_pro
 
 During the execution of a workflow, the runner generates temporary files that can be used to perform certain actions. The path to these files are exposed via environment variables. You will need to use UTF-8 encoding when writing to these files to ensure proper processing of the commands. Multiple commands can be written to the same file, separated by newlines.
 
+Most commands in the following examples use double quotes for echoing strings, which will attempt to interpolate characters like `$` for shell variable names. To always use literal values in quoted strings, you can use single quotes instead.
+
 {% powershell %}
 
 {% note %}

translations/es-ES/content/admin/index.md

@@ -125,11 +125,11 @@ children:
   - /guides
   - /release-notes
   - /all-releases
-ms.openlocfilehash: ebd1473538d42928ff3d9abb3c0e2bd9f12767f5
-ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a
+ms.openlocfilehash: 3980ad01e56bf1e38dd6473c5e5246c6d45350eb
+ms.sourcegitcommit: 3268914369fb29540e4d88ee5e56bc7a41f2a60e
 ms.translationtype: HT
 ms.contentlocale: es-ES
-ms.lasthandoff: 09/11/2022
-ms.locfileid: '147881159'
+ms.lasthandoff: 10/26/2022
+ms.locfileid: '148111316'
 ---
 

translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md

@@ -125,8 +125,8 @@ After removing the `autobuild` step, uncomment the `run` step and add build comm
 
 ``` yaml
 - run: |
-  make bootstrap
-  make release
+    make bootstrap
+    make release
 ```
 
 For more information about the `run` keyword, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsrun)."

translations/es-ES/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md

@@ -1,188 +0,0 @@
----
-title: Browsing security advisories in the GitHub Advisory Database
-intro: 'You can browse the {% data variables.product.prodname_advisory_database %} to find advisories for security risks in open source projects that are hosted on {% data variables.product.company_short %}.'
-shortTitle: Browse Advisory Database
-miniTocMaxHeadingLevel: 3
-redirect_from:
-  - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database
-  - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database
-  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database
-  - /code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '*'
-  ghae: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Alerts
-  - Dependabot
-  - Vulnerabilities
-  - CVEs
----
-<!--Marketing-LINK: From /features/security/software-supply-chain page "Browsing security vulnerabilities in the GitHub Advisory Database".-->
-
-## About the {% data variables.product.prodname_advisory_database %}
-
-The {% data variables.product.prodname_advisory_database %} contains a list of known security vulnerabilities {% ifversion GH-advisory-db-supports-malware %}and malware, {% endif %}grouped in two categories: {% data variables.product.company_short %}-reviewed advisories and unreviewed advisories.
-
-{% data reusables.repositories.tracks-vulnerabilities %}
-
-## About types of security advisories
-
-{% data reusables.advisory-database.beta-malware-advisories %}
-
-Each advisory in the {% data variables.product.prodname_advisory_database %} is for a vulnerability in open source projects{% ifversion GH-advisory-db-supports-malware %} or for malicious open source software{% endif %}. 
-
-{% data reusables.repositories.a-vulnerability-is %} Vulnerabilities in code are usually introduced by accident and fixed soon after they are discovered. You should update your code to use the fixed version of the dependency as soon as it is available.
-
-{% ifversion GH-advisory-db-supports-malware %}
-
-In contrast, malicious software, or malware, is code that is intentionally designed to perform unwanted or harmful functions. The malware may target hardware, software, confidential data, or users of any application that uses the malware. You need to remove the malware from your project and find an alternative, more secure replacement for the dependency.
-
-{% endif %}
-
-### {% data variables.product.company_short %}-reviewed advisories
-
-{% data variables.product.company_short %}-reviewed advisories are security vulnerabilities{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %} that have been mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they have a full description, and contain both ecosystem and package information.
-
-Generally, we name our supported ecosystems after the software programming language's associated package registry. We review advisories if they are for a vulnerability in a package that comes from a supported registry.
-
-- Composer (registry: https://packagist.org/){% ifversion GH-advisory-db-erlang-support %}
-- Erlang (registry: https://hex.pm/){% endif %}
-- Go (registry: https://pkg.go.dev/)
-{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %}
-- GitHub Actions (https://github.com/marketplace?type=actions/) {% endif %}
-- Maven (registry: https://repo.maven.apache.org/maven2)
-- npm (registry: https://www.npmjs.com/)
-- NuGet (registry: https://www.nuget.org/)
-- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
-- pub (registry: https://pub.dev/packages/registry){% endif %}
-- RubyGems (registry: https://rubygems.org/)
-- Rust (registry: https://crates.io/)
-
-If you have a suggestion for a new ecosystem we should support, please open an [issue](https://github.com/github/advisory-database/issues) for discussion.
-
-If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory reports a vulnerability {% ifversion GH-advisory-db-supports-malware %}or malware{% endif %} for a package you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
-
-### Unreviewed advisories
-
-Unreviewed advisories are security vulnerabilites that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed. 
-
-{% data variables.product.prodname_dependabot %} doesn't create {% data variables.product.prodname_dependabot_alerts %} for unreviewed advisories as this type of advisory isn't checked for validity or completion.
-
-## About information in security advisories
-
-Each security advisory contains information about the vulnerability{% ifversion GH-advisory-db-supports-malware %} or malware,{% endif %} which may include the description, severity, affected package, package ecosystem, affected versions and patched versions, impact, and optional information such as references, workarounds, and credits. In addition, advisories from the National Vulnerability Database list contain a link to the CVE record, where you can read more details about the vulnerability, its CVSS scores, and its qualitative severity level. For more information, see the "[National Vulnerability Database](https://nvd.nist.gov/)" from the National Institute of Standards and Technology.
-
-The severity level is one of four possible levels defined in the "[Common Vulnerability Scoring System (CVSS), Section 5](https://www.first.org/cvss/specification-document)."
-- Low
-- Medium/Moderate
-- High
-- Critical
-
-The {% data variables.product.prodname_advisory_database %} uses the CVSS levels described above. If {% data variables.product.company_short %} obtains a CVE, the {% data variables.product.prodname_advisory_database %} uses CVSS version 3.1. If the CVE is imported, the {% data variables.product.prodname_advisory_database %} supports both CVSS versions 3.0 and 3.1.
-
-{% data reusables.repositories.github-security-lab %}
-
-## Accessing an advisory in the {% data variables.product.prodname_advisory_database %}
-
-1. Navigate to https://github.com/advisories.
-2. Optionally, to filter the list, use any of the drop-down menus.
-  ![Dropdown filters](/assets/images/help/security/advisory-database-dropdown-filters.png)
-   {% tip %}
-
-   **Tip:** You can use the sidebar on the left to explore  {% data variables.product.company_short %}-reviewed and unreviewed advisories separately.
-
-   {% endtip %}
-3. Click an advisory to view details. By default, you will see {% data variables.product.company_short %}-reviewed advisories for security vulnerabilities. {% ifversion GH-advisory-db-supports-malware %}To show malware advisories, use `type:malware` in the search bar.{% endif %}
-
-
-{% note %}
-
-The database is also accessible using the GraphQL API. {% ifversion GH-advisory-db-supports-malware %}By default, queries will return {% data variables.product.company_short %}-reviewed advisories for security vulnerabilities unless you specify `type:malware`.{% endif %} For more information, see the "[`security_advisory` webhook event](/webhooks/event-payloads/#security_advisory)."
-
-{% endnote %}
-
-## Editing an advisory in the {% data variables.product.prodname_advisory_database %}
-You can suggest improvements to any advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see "[Editing security advisories in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)."
-
-## Searching the {% data variables.product.prodname_advisory_database %}
-
-You can search the database, and use qualifiers to narrow your search. For example, you can search for advisories created on a certain date, in a specific ecosystem, or in a particular library.
-
-{% data reusables.time_date.date_format %} {% data reusables.time_date.time_format %}
-
-{% data reusables.search.date_gt_lt %}
-
-| Qualifier  | Example |
-| ------------- | ------------- |
-| `type:reviewed`| [**type:reviewed**](https://github.com/advisories?query=type%3Areviewed) will show {% data variables.product.company_short %}-reviewed advisories for security vulnerabilities. |
-{% ifversion GH-advisory-db-supports-malware %}| `type:malware` | [**type:malware**](https://github.com/advisories?query=type%3Amalware) will show {% data variables.product.company_short %}-reviewed advisories for malware. |
-{% endif %}| `type:unreviewed`| [**type:unreviewed**](https://github.com/advisories?query=type%3Aunreviewed) will show unreviewed advisories. |
-| `GHSA-ID`| [**GHSA-49wp-qq6x-g2rf**](https://github.com/advisories?query=GHSA-49wp-qq6x-g2rf) will show the advisory with this {% data variables.product.prodname_advisory_database %} ID. |
-| `CVE-ID`| [**CVE-2020-28482**](https://github.com/advisories?query=CVE-2020-28482) will show the advisory with this CVE ID number. |
-| `ecosystem:ECOSYSTEM`| [**ecosystem:npm**](https://github.com/advisories?utf8=%E2%9C%93&query=ecosystem%3Anpm) will show only advisories affecting NPM packages. |
-| `severity:LEVEL`| [**severity:high**](https://github.com/advisories?utf8=%E2%9C%93&query=severity%3Ahigh) will show only advisories with a high severity level. |
-| `affects:LIBRARY`| [**affects:lodash**](https://github.com/advisories?utf8=%E2%9C%93&query=affects%3Alodash) will show only advisories affecting the lodash library. |
-| `cwe:ID`| [**cwe:352**](https://github.com/advisories?query=cwe%3A352) will show only advisories with this CWE number. |
-| `credit:USERNAME`| [**credit:octocat**](https://github.com/advisories?query=credit%3Aoctocat) will show only advisories credited to the "octocat" user account. |
-| `sort:created-asc`| [**sort:created-asc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Acreated-asc) will sort by the oldest advisories first. |
-| `sort:created-desc`| [**sort:created-desc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Acreated-desc) will sort by the newest advisories first. |
-| `sort:updated-asc`| [**sort:updated-asc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Aupdated-asc) will sort by the least recently updated first. |
-| `sort:updated-desc`| [**sort:updated-desc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Aupdated-desc) will sort by the most recently updated first. |
-| `is:withdrawn`| [**is:withdrawn**](https://github.com/advisories?utf8=%E2%9C%93&query=is%3Awithdrawn) will show only advisories that have been withdrawn. |
-| `created:YYYY-MM-DD`| [**created:2021-01-13**](https://github.com/advisories?utf8=%E2%9C%93&query=created%3A2021-01-13) will show only advisories created on this date. |
-| `updated:YYYY-MM-DD`| [**updated:2021-01-13**](https://github.com/advisories?utf8=%E2%9C%93&query=updated%3A2021-01-13) will show only advisories updated on this date. |
-
-## Viewing your vulnerable repositories
-
-For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %}. To see a vulnerable repository, you must have access to {% data variables.product.prodname_dependabot_alerts %} for that repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)."
-
-1. Navigate to https://github.com/advisories.
-2. Click an advisory.
-3. At the top of the advisory page, click **Dependabot alerts**.
-   ![Dependabot alerts](/assets/images/help/security/advisory-database-dependabot-alerts.png)
-4. Optionally, to filter the list, use the search bar or the drop-down menus. The "Organization" drop-down menu allows you to filter the {% data variables.product.prodname_dependabot_alerts %} per owner (organization or user).
-   ![Search bar and drop-down menus to filter alerts](/assets/images/help/security/advisory-database-dependabot-alerts-filters.png)
-5. For more details about the advisory, and for advice on how to fix the vulnerable repository, click the repository name.
-
-{% ifversion security-advisories-ghes-ghae %}
-## Accessing the local advisory database on {% data variables.location.product_location %}
-
-If your site administrator has enabled {% data variables.product.prodname_github_connect %} for {% data variables.location.product_location %}, you can also browse reviewed advisories locally. For more information, see "[About {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/about-github-connect)".
-
-You can use your local advisory database to check whether a specific security vulnerability is included, and therefore whether you'd get alerts for vulnerable dependencies. You can also view any vulnerable repositories. 
-
-1. Navigate to `https://HOSTNAME/advisories`.
-2. Optionally, to filter the list, use any of the drop-down menus.
-  ![Dropdown filters](/assets/images/help/security/advisory-database-dropdown-filters.png)
-   {% note %}
-
-   **Note:** Only reviewed advisories will be listed. Unreviewed advisories can be viewed in the {% data variables.product.prodname_advisory_database %} on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Accessing an advisory in the GitHub Advisory Database](#accessing-an-advisory-in-the-github-advisory-database)". 
-
-   {% endnote %}
-3. Click an advisory to view details.{% ifversion GH-advisory-db-supports-malware %} By default, you will see {% data variables.product.company_short %}-reviewed advisories for security vulnerabilities. To show malware advisories, use `type:malware` in the search bar.{% endif %}
-
-You can also suggest improvements to any advisory directly from your local advisory database. For more information, see "[Editing advisories from {% data variables.location.product_location %}](/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database#editing-advisories-from-your-github-enterprise-server-instance)".
-
-### Viewing vulnerable repositories for {% data variables.location.product_location %}
-
-{% data reusables.repositories.enable-security-alerts %}
-
-In the local advisory database, you can see which repositories are affected by each security vulnerability{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %}. To see a vulnerable repository, you must have access to {% data variables.product.prodname_dependabot_alerts %} for that repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)."
-
-1. Navigate to `https://HOSTNAME/advisories`.
-2. Click an advisory.
-3. At the top of the advisory page, click **Dependabot alerts**.
-   ![Dependabot alerts](/assets/images/help/security/advisory-database-dependabot-alerts.png)
-4. Optionally, to filter the list, use the search bar or the drop-down menus. The "Organization" drop-down menu allows you to filter the {% data variables.product.prodname_dependabot_alerts %} per owner (organization or user).
-   ![Search bar and drop-down menus to filter alerts](/assets/images/help/security/advisory-database-dependabot-alerts-filters.png)
-5. For more details about the advisory, and for advice on how to fix the vulnerable repository, click the repository name.
-
-{% endif %}
-
-## Further reading
-
-- MITRE's [definition of "vulnerability"](https://www.cve.org/ResourcesSupport/Glossary#vulnerability)

translations/es-ES/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md

@@ -1,55 +0,0 @@
----
-title: Editing security advisories in the GitHub Advisory Database
-intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %}.'
-redirect_from:
-  - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database
-  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '*'
-  ghae: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Alerts
-  - Dependabot
-  - Vulnerabilities
-  - CVEs
-shortTitle: Edit Advisory Database
----
-
-## About editing advisories in the {% data variables.product.prodname_advisory_database %}
-Security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories) are considered global advisories. Anyone can suggest improvements on any global security advisory in the {% data variables.product.prodname_advisory_database %}. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements and publish them onto the {% data variables.product.prodname_advisory_database %} if accepted.
-{% ifversion fpt or ghec %}
-Only repository owners and administrators can edit repository-level security advisories. For more information, see "[Editing a repository security advisory](/code-security/security-advisories/editing-a-security-advisory)."{% endif %}
-
-## Editing advisories in the GitHub Advisory Database
-
-1. Navigate to https://github.com/advisories.
-1. Select the security advisory you would like to contribute to.
-1. On the right-hand side of the page, click the **Suggest improvements for this vulnerability** link.
-   
-   ![Screenshot of the suggest improvements link](/assets/images/help/security/suggest-improvements-to-advisory.png)
-
-1. In the "Improve security advisory" form, make the desired improvements. You can edit or add any detail.{% ifversion fpt or ghec %} For information about correctly specifying information on the form, including affected versions, see "[Best practices for writing repository security advisories](/code-security/repository-security-advisories/best-practices-for-writing-repository-security-advisories)."{% endif %}{% ifversion security-advisories-reason-for-change %}
-1. Under **Reason for change**, explain why you want to make this improvement. If you include links to supporting material this will help our reviewers.
-   
-   ![Screenshot of the reason for change field](/assets/images/help/security/security-advisories-suggest-improvement-reason.png){% endif %}
-
-1. When you finish editing the advisory, click **Submit improvements**.
-1. Once you submit your improvements, a pull request containing your changes will be created for review in [github/advisory-database](https://github.com/github/advisory-database) by the {% data variables.product.prodname_security %} curation team. If the advisory originated from a {% data variables.product.prodname_dotcom %} repository, we will also tag the original publisher for optional commentary. You can view the pull request and get notifications when it is updated or closed.
-
-You can also open a pull request directly on an advisory file in the [github/advisory-database](https://github.com/github/advisory-database) repository. For more information, see the [contribution guidelines](https://github.com/github/advisory-database/blob/main/CONTRIBUTING.md). 
-
-{% ifversion security-advisories-ghes-ghae %}
-## Editing advisories from {% data variables.location.product_location %}
-
-If you have {% data variables.product.prodname_github_connect %} enabled for {% data variables.location.product_location %}, you will be able to see advisories by adding `/advisories` to the instance url. 
-
-1. Navigate to `https://HOSTNAME/advisories`.
-2. Select the security advisory you would like to contribute to.
-3. On the right-hand side of the page, click the **Suggest improvements for this vulnerability on {% data variables.product.prodname_dotcom_the_website %}.** link. A new tab opens with the same security advisory on {% data variables.product.prodname_dotcom_the_website %}.
-![Suggest improvements link](/assets/images/help/security/suggest-improvements-to-advisory-on-github-com.png)
-4. Edit the advisory, following steps four through six in "[Editing advisories in the GitHub Advisory Database](#editing-advisories-in-the-github-advisory-database)" above.
-{% endif %}

translations/es-ES/content/code-security/dependabot/dependabot-alerts/index.md

@@ -15,8 +15,6 @@ topics:
   - Repositories
   - Dependencies
 children:
-  - /browsing-security-advisories-in-the-github-advisory-database
-  - /editing-security-advisories-in-the-github-advisory-database
   - /about-dependabot-alerts
   - /configuring-dependabot-alerts
   - /viewing-and-updating-dependabot-alerts

translations/es-ES/content/code-security/getting-started/adding-a-security-policy-to-your-repository.md

@@ -1,6 +1,6 @@
 ---
-title: Agregar una política de seguridad a tu repositorio
-intro: Puedes dar instrucciones de cómo reportar una vulnerabilidad de seguridad en tu proyecto si agregas una política de seguridad a tu repositorio.
+title: Adding a security policy to your repository
+intro: You can give instructions for how to report a security vulnerability in your project by adding a security policy to your repository.
 redirect_from:
   - /articles/adding-a-security-policy-to-your-repository
   - /github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository
@@ -17,47 +17,49 @@ topics:
   - Repositories
   - Health
 shortTitle: Add a security policy
-ms.openlocfilehash: f081d6e6bd99f604e7e86bc094f76de9041adf4b
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '145091550'
 ---
-## Acerca de las políticas de seguridad
 
-Para proporcionar instrucciones sobre cómo notificar vulnerabilidades de seguridad en el proyecto,{% ifversion fpt or ghes or ghec %} puede agregar un archivo _SECURITY.md_ a la raíz, `docs`, o a la carpeta `.github` del repositorio.{% else %} puede agregar un archivo _SECURITY.md_ a la raíz o a la carpeta `docs` del repositorio.{% endif %} Cuando alguien cree una incidencia en el repositorio, verá un vínculo a la directiva de seguridad del proyecto.
+## About security policies
+
+To give people instructions for reporting security vulnerabilities in your project,{% ifversion fpt or ghes or ghec %} you can add a _SECURITY.md_ file to your repository's root, `docs`, or `.github` folder.{% else %} you can add a _SECURITY.md_ file to your repository's root, or `docs` folder.{% endif %} When someone creates an issue in your repository, they will see a link to your project's security policy.
 
 {% ifversion not ghae %}
 <!-- no public repos in GHAE -->
-Puedes crear una política de seguridad predeterminada para tu organización o cuenta personal. Para más información, vea "[Creación de un archivo de estado de la comunidad predeterminado](/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file)".
+You can create a default security policy for your organization or personal account. For more information, see "[Creating a default community health file](/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file)."
 {% endif %}
 
 {% tip %}
 
-**Sugerencia:** Para ayudar a los usuarios a encontrar su directiva de seguridad, puede vincular a su archivo _SECURITY.md_ desde otros lugares del repositorio, como un archivo Léame. Para más información, vea "[Acerca de los archivos Léame](/articles/about-readmes)".
+**Tip:** To help people find your security policy, you can link to your _SECURITY.md_ file from other places in your repository, such as your README file. For more information, see "[About READMEs](/articles/about-readmes)."
 
 {% endtip %}
 
-{% ifversion fpt or ghec %} Cuando alguien informa de una vulnerabilidad de seguridad en el proyecto, puede usar {% data variables.product.prodname_security_advisories %} para divulgar, corregir y publicar información sobre esta. Para obtener más información sobre el proceso de generación de informes y la divulgación de vulnerabilidades en {% data variables.product.prodname_dotcom %}, vea "[Acerca de la divulgación coordinada de vulnerabilidades de seguridad](/code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities#about-reporting-and-disclosing-vulnerabilities-in-projects-on-github)". Para más información sobre {% data variables.product.prodname_security_advisories %}, vea "[Acerca de {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)".
+{% ifversion fpt or ghec %}
+After someone reports a security vulnerability in your project, you can use {% data variables.product.prodname_security_advisories %} to disclose, fix, and publish information about the vulnerability. For more information about the process of reporting and disclosing vulnerabilities in {% data variables.product.prodname_dotcom %}, see "[About coordinated disclosure of security vulnerabilities](/code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities#about-reporting-and-disclosing-vulnerabilities-in-projects-on-github)." For more information about repository security advisories, see "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
 
-{% data reusables.repositories.github-security-lab %} {% endif %} {% ifversion ghes or ghae %}
+{% data reusables.repositories.github-security-lab %}
+{% endif %}
+{% ifversion ghes or ghae %}
 <!-- alternative to the content about GitHub Security Advisories in the dotcom article -->
-Cuando pones las instrucciones de reporte de seguridad claramente disponibles, facilitas a tus usurios el reportar cualquier vulnerabilidad de seguridad que encuentren en tu repositorio utilizando tu canal de comunicación preferido.
+By making security reporting instructions clearly available, you make it easy for your users to report any security vulnerabilities they find in your repository using your preferred communication channel.
 {% endif %}
 
-## Agregar una política de seguridad a tu repositorio
+## Adding a security policy to your repository
 
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %}
-3. En la barra lateral izquierda, haga clic en **Security policy** (Directiva de seguridad).
-  ![Pestaña Security policy (Directiva de seguridad)](/assets/images/help/security/security-policy-tab.png)
-4. Haga clic en **Iniciar configuración**.
-  ![Botón Start setup (Iniciar configuración)](/assets/images/help/security/start-setup-security-policy-button.png)
-5. En el nuevo archivo _SECURITY.md_, agregue información sobre las versiones admitidas del proyecto y cómo notificar una vulnerabilidad.
-{% data reusables.files.write_commit_message %} {% data reusables.files.choose-commit-email %} {% data reusables.files.choose_commit_branch %} {% data reusables.files.propose_file_change %}
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-security %}
+3. In the left sidebar, click **Security policy**.
+  ![Security policy tab](/assets/images/help/security/security-policy-tab.png)
+4. Click **Start setup**.
+  ![Start setup button](/assets/images/help/security/start-setup-security-policy-button.png)
+5. In the new _SECURITY.md_ file, add information about supported versions of your project and how to report a vulnerability.
+{% data reusables.files.write_commit_message %}
+{% data reusables.files.choose-commit-email %}
+{% data reusables.files.choose_commit_branch %}
+{% data reusables.files.propose_file_change %}
 
-## Información adicional
+## Further reading
 
-- "[Protección del repositorio](/code-security/getting-started/securing-your-repository)"{% ifversion not ghae %}
-- "[Configuración del proyecto para contribuciones correctas](/communities/setting-up-your-project-for-healthy-contributions)"{% endif %}{% ifversion fpt or ghec %}
+- "[Securing your repository](/code-security/getting-started/securing-your-repository)"{% ifversion not ghae %}
+- "[Setting up your project for healthy contributions](/communities/setting-up-your-project-for-healthy-contributions)"{% endif %}{% ifversion fpt or ghec %}
 - [{% data variables.product.prodname_security %}]({% data variables.product.prodname_security_link %}){% endif %}

translations/es-ES/content/code-security/getting-started/github-security-features.md

@@ -28,7 +28,7 @@ Make it easy for your users to confidentially report security vulnerabilities th
 {% ifversion fpt or ghec %}
 ### Security advisories
 
-Privately discuss and fix security vulnerabilities in your repository's code. You can then publish a security advisory to alert your community to the vulnerability and encourage community members to upgrade. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."
+Privately discuss and fix security vulnerabilities in your repository's code. You can then publish a security advisory to alert your community to the vulnerability and encourage community members to upgrade. For more information, see "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
 
 {% endif %}
 {% ifversion fpt or ghec or ghes %}

translations/es-ES/content/code-security/getting-started/securing-your-organization.md

@@ -125,7 +125,7 @@ For more information, see "[Managing security and analysis settings for your org
 ## Next steps
 You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts),"{% endif %} {% ifversion fpt or ghec or ghes %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."
 
-{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
+{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About repository security advisories](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
 {% endif %}
 
 {% ifversion ghes or ghec or ghae %}You{% elsif fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% endif %} can view, filter, and sort security alerts for repositories owned by {% ifversion ghes or ghec or ghae %}your{% elsif fpt %}their{% endif %} organization in the security overview. For more information, see{% ifversion ghes or ghec or ghae %} "[About the security overview](/code-security/security-overview/about-the-security-overview)."{% elsif fpt %} "[About the security overview](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}

translations/es-ES/content/code-security/getting-started/securing-your-repository.md

@@ -133,5 +133,5 @@ You can set up {% data variables.product.prodname_code_scanning %} to automatica
 ## Next steps
 You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts),"{% endif %} {% ifversion fpt or ghec or ghes %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."
 
-{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
+{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About repository security advisories](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)."
 {% endif %}

translations/es-ES/content/code-security/index.md

@@ -1,7 +1,7 @@
 ---
-title: Seguridad de código
+title: Code security
 shortTitle: Code security
-intro: 'Crea la seguridad de tu flujo de trabajo de {% data variables.product.prodname_dotcom %} con características para mantener tus secretos y vulnerabilidades fuera de tu codebase {% ifversion not ghae %}, y para mantener la cadena de suministro de tu software{% endif %}.'
+intro: 'Build security into your {% data variables.product.prodname_dotcom %} workflow with features to keep secrets and vulnerabilities out of your codebase{% ifversion not ghae %}, and to maintain your software supply chain{% endif %}.'
 introLinks:
   overview: /code-security/getting-started/github-security-features
 featuredLinks:
@@ -53,16 +53,10 @@ children:
   - /adopting-github-advanced-security-at-scale
   - /secret-scanning
   - /code-scanning
-  - /repository-security-advisories
+  - /security-advisories
   - /supply-chain-security
   - /dependabot
   - /security-overview
   - /guides
-ms.openlocfilehash: 90d3ad046a6531849edd8e783db265866f118d90
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '147145243'
 ---
 

translations/es-ES/content/code-security/repository-security-advisories/about-github-security-advisories-for-repositories.md

@@ -1,66 +0,0 @@
----
-title: Acerca de los avisos de seguridad de GitHub para repositorios
-intro: 'Puedes usar {% data variables.product.prodname_security_advisories %} para discutir, corregir y publicar información sobre vulnerabilidades de seguridad en tu repositorio.'
-redirect_from:
-  - /articles/about-maintainer-security-advisories
-  - /github/managing-security-vulnerabilities/about-maintainer-security-advisories
-  - /github/managing-security-vulnerabilities/about-github-security-advisories
-  - /code-security/security-advisories/about-github-security-advisories
-versions:
-  fpt: '*'
-  ghec: '*'
-type: overview
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - CVEs
-shortTitle: Repository security advisories
-ms.openlocfilehash: 5c8ad99a2bee30f52a185fa15421bc6b23429fbf
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '145091532'
----
-{% data reusables.repositories.security-advisory-admin-permissions %}
-
-{% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
-
-## About {% data variables.product.prodname_security_advisories %}
-
-{% data reusables.security-advisory.disclosing-vulnerabilities %} Para más información, vea "[Acerca de la divulgación coordinada de vulnerabilidades de seguridad](/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities)".
-
-{% data reusables.security-advisory.security-advisory-overview %}
-
-Con {% data variables.product.prodname_security_advisories %}, puedes:
-
-1. Crear un borrador de asesoría de seguridad y utilizarlo para debatir de manera privada sobre el impacto de la vulnerabilidad en tu proyecto. Para más información, vea "[Creación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/creating-a-repository-security-advisory)".
-2. Colaborar en privado para solucionar la vulnerabilidad en una bifurcación privada temporaria.
-3. Publica la asesoría de seguridad para alertar a tu comunidad sobre la vulnerabilidad una vez que se lance el parche. Para más información, vea "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)".
-
-{% data reusables.repositories.security-advisories-republishing %}
-
-Puedes dar crédito a los individuos que contribuyeron con una asesoría de seguridad. Para más información, vea "[Edición de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)".
-
-{% data reusables.repositories.security-guidelines %}
-
-Si creaste una asesoría de seguridad en tu repositorio, esta permanecerá en tu repositorio. Publicamos avisos de seguridad para todos los ecosistemas compatibles con el gráfico de dependencias en la {% data variables.product.prodname_advisory_database %} en [github.com/advisories](https://github.com/advisories). Cualquiera puede enviar un cambio de un aviso publicado en {% data variables.product.prodname_advisory_database %}. Para más información, vea "[Edición de avisos de seguridad en {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)".
-
-Si una asesoría de seguridad es específicamente para npm, también la publicamos en las asesorías de seguridad de npm. Para más información, vea [npmjs.com/advisories](https://www.npmjs.com/advisories).
-
-{% data reusables.repositories.github-security-lab %}
-
-## Números de identificación CVE
-
-Las {% data variables.product.prodname_security_advisories %} se construyen sobre las bases de la lista de Vulnerabilidades y Exposiciones Comunes (CVE, por sus siglas en inglés). El formato de asesoría de seguridad en {% data variables.product.prodname_dotcom %} es un formato estandarizado que coincide con el formato de descripción de CVE. 
-
-{% data variables.product.prodname_dotcom %} es una Autoridad de Numeración de CVE (CNA, por sus siglas en inglés) y está autorizado para asignar números de identificación de CVE. Para más información, vea "[Acerca de CVE](https://www.cve.org/About/Overview)" y "[Entidades de numeración de CVE](https://www.cve.org/ProgramOrganization/CNAs)" en el sitio web de CVE.
-
-Cuando creas una asesoría de seguridad para un repositorio público en {% data variables.product.prodname_dotcom %}, tienes la opción de proporcionar un número de identificación de CVE para la vulnerabilidad de seguridad. {% data reusables.repositories.request-security-advisory-cve-id %}
-
-Una vez que hayas publicado la asesoría de seguridad y que {% data variables.product.prodname_dotcom %} haya asignado un número de identificación CVE a la vulnerabilidad, {% data variables.product.prodname_dotcom %} publicará el CVE a la base de datos de MITRE.
-Para más información, vea "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)".
-
-## {% data variables.product.prodname_dependabot_alerts %} para las asesorías de seguridad publicadas
-
-{% data reusables.repositories.github-reviews-security-advisories %}

translations/es-ES/content/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory.md

@@ -1,50 +0,0 @@
----
-title: Incorporación de un colaborador a un aviso de seguridad de repositorio
-intro: Puedes agregar otros usuarios o equipos para que colaboren contigo en un aviso de seguridad.
-redirect_from:
-  - /articles/adding-a-collaborator-to-a-maintainer-security-advisory
-  - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-maintainer-security-advisory
-  - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-security-advisory
-  - /code-security/security-advisories/adding-a-collaborator-to-a-security-advisory
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - Collaboration
-shortTitle: Add collaborators
-ms.openlocfilehash: 6fa4062fab8e4ffc59724ceb0ba3b6b536871df9
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '147879428'
----
-Las personas con permisos de administrador en una asesoría de seguridad pueden añadir colaboradores a la misma.
-
-{% data reusables.security-advisory.repository-level-advisory-note %}
-
-## Añadir un colaborador a una asesoría de seguridad
-
-Los colaboradores tienen permisos de escritura para el aviso de seguridad. Para obtener más información, vea "[Niveles de permisos para avisos de seguridad del repositorio](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)".
-
-{% note %}
-
-{% data reusables.repositories.security-advisory-collaborators-public-repositories %} Para obtener más información sobre cómo quitar un colaborador en un aviso de seguridad, vea "[Eliminación de un colaborador de un aviso de seguridad del repositorio](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)".
-
-{% endnote %}
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En la lista de "Asesorías de Seguridad", da clic en la asesoría a la cual quieras añadir un colaborador.
-5. En la parte derecha de la página, debajo de "Colaboradores", teclea el nombre de usuario o equipo que quieras añadir a la asesoría de seguridad.
-  ![Campo para escribir el nombre del equipo o el usuario](/assets/images/help/security/add-collaborator-field.png)
-6. Haga clic en **Agregar**.
-  ![Botón Agregar](/assets/images/help/security/security-advisory-add-collaborator-button.png)
-
-## Información adicional
-
-- "[Niveles de permiso para avisos de seguridad de repositorios](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
-- "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
-- "[Eliminación de un colaborador de un aviso de seguridad del repositorio](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)".

translations/es-ES/content/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability.md

@@ -1,90 +0,0 @@
----
-title: Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio
-intro: Puedes crear una bifurcación privada temporal para colaborar de manera privada en la resolución de una vulnerabilidad de seguridad en tu repositorio.
-redirect_from:
-  - /articles/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
-  - /github/managing-security-vulnerabilities/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
-  - /code-security/security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - Collaboration
-  - Forks
-shortTitle: Temporary private forks
-ms.openlocfilehash: c03892c3ad1bd7345a7a066c9a9564858db4b84d
-ms.sourcegitcommit: ac00e2afa6160341c5b258d73539869720b395a4
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/09/2022
-ms.locfileid: '147878540'
----
-{% data reusables.security-advisory.repository-level-advisory-note %}
-
-## Prerrequisitos
-
-Antes de que puedas colaborar en una bifurcación privada temporal, debes crear un borrador de asesoría de seguridad. Para más información, vea "[Creación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/creating-a-repository-security-advisory)".
-
-## Crear una bifurcación privada temporal
-
-Cualquier persona con permisos de administración para un aviso de seguridad puede crear una bifurcación privada temporal.
-
-Para garantizar la seguridad de la información sobre vulnerabilidades, las integraciones, entre las que se incluye CI, no pueden acceder a las bifurcaciones privadas temporales.
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En la lista de "Asesorías de Seguridad", da clic en aquella en la cual desees crear una bifurcación privada temporal.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. Haga clic en **Nueva bifurcación privada temporal**.
-  ![Botón Nueva bifurcación privada temporal](/assets/images/help/security/new-temporary-private-fork-button.png)
-
-## Añadir colaboradores a una bifurcación privada temporal
-
-Cualquiera con permisos de administrador en una asesoría de seguridad puede añadir colaboradores adicionales a la misma, y estos pueden acceder a la bifurcación privada temporal. Para más información, vea "[Adición de un colaborador a un aviso de seguridad de repositorio](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)".
-
-## Agregar cambios a una bifurcación privada temporal
-
-Cualquier persona con permisos de escritura para un aviso de seguridad puede agregar cambios a una bifurcación privada temporal.
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En la lista de "Asesorías de Seguridad", da clic sobre aquella en la que quieras añadir cambios.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. Agrega tus cambios en {% data variables.product.product_name %} o localmente:
-   - Para añadir cambios en {% data variables.product.product_name %}, debajo de "Añadir cambios a este aviso", haga clic en **la bifurcación privada temporal**. Luego, crea una nueva rama y edita los archivos. Para más información, vea "[Creación y eliminación de ramas dentro del repositorio](/articles/creating-and-deleting-branches-within-your-repository)" y "[Edición de archivos](/repositories/working-with-files/managing-files/editing-files)".
-   - Para añadir cambios localmente, sigue las instrucciones descritas en "Clonar y crear una nueva rama" y "Haz tus cambios, posteriormente, súbelos".
-   ![Adición de cambios en este cuadro de aviso](/assets/images/help/security/add-changes-to-this-advisory-box.png)
-
-## Crear una solicitud de extracción desde una bifurcación privada temporal
-
-Cualquier persona con permisos de escritura para un aviso de seguridad puede crear una solicitud de extracción desde una bifurcación privada temporal.
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En la lista de "Asesorías de Seguridad", da clic sobre aquella en la que desees crear una solicitud de extracción.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. A la derecha del nombre de la rama, haga clic en **Comparar y solicitud de incorporación de cambios**.
-  ![Botón Comparar y solicitud de incorporación de cambios](/assets/images/help/security/security-advisory-compare-and-pr.png) {% data reusables.repositories.pr-title-description %} {% data reusables.repositories.create-pull-request %}
-
-{% data reusables.repositories.merge-all-pulls-together %} Para más información, vea "[Combinación de cambios en un aviso de seguridad](#merging-changes-in-a-security-advisory)".
-
-## Fusionar cambios en una asesoría de seguridad
-
-Cualquiera con permisos de administrador en una asesoría de seguridad puede fusionar los cambios en la misma.
-
-{% data reusables.repositories.merge-all-pulls-together %}
-
-Antes de que puedas fusionar cambios en una asesoría de seguridad, cada solicitud de extracción abierta en la bifurcación privada temporal debe ser fusionable. No puede haber conflictos de fusión, y se deben cumplir los requisitos de protección de la rama. Para garantizar la seguridad de la información sobre las vulnerabilidades, las verificaciones de estado no ejecutan solicitudes de extracción en bifurcaciones privadas temporales. Para más información, vea "[Acerca de las ramas protegidas](/articles/about-protected-branches)".
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En el listado de "Asesorías de Seguridad", da clic sobre aquella que tiene los cambios que quieras fusionar.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. Para combinar todas las solicitudes de incorporación de cambios abiertas en la bifurcación privada temporal, haga clic en **Combinar solicitudes de incorporación de cambios**.
-  ![Botón Combinar solicitudes de incorporación de cambios](/assets/images/help/security/merge-pull-requests-button.png)
-
-Después de que fusiones cambios en una asesoría de seguridad, puedes publicarla para alertar a tu comunidad sobre las vulnerabilidades de seguridad en versiones previas de tu proyecto. Para más información, vea "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)".
-
-## Información adicional
-
-- "[Niveles de permiso para avisos de seguridad de repositorios](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
-- "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)"

translations/es-ES/content/code-security/repository-security-advisories/creating-a-repository-security-advisory.md

@@ -1,44 +0,0 @@
----
-title: Creación de un aviso de seguridad de repositorio
-intro: Puedes crear un borrador de asesoría de seguridad para debatir en privado y arreglar una vulnerabilidad de seguridad en tu proyecto de código abierto.
-redirect_from:
-  - /articles/creating-a-maintainer-security-advisory
-  - /github/managing-security-vulnerabilities/creating-a-maintainer-security-advisory
-  - /github/managing-security-vulnerabilities/creating-a-security-advisory
-  - /code-security/security-advisories/creating-a-security-advisory
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-shortTitle: Create repository advisories
-ms.openlocfilehash: d4b47f84b20873e97b18106448b768288fff3039
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '145119394'
----
-Cualquier usuario con permisos de administrador puede crear un aviso de seguridad.
-
-{% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
-
-## Creación de un aviso de seguridad
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. Haga clic en **New draft security advisory**.
-  ![Botón Open draft advisory](/assets/images/help/security/security-advisory-new-draft-security-advisory-button.png)
-5. Escribe un título para tu aviso de seguridad.
-{% data reusables.repositories.security-advisory-edit-details %} {% data reusables.repositories.security-advisory-edit-severity %} {% data reusables.repositories.security-advisory-edit-cwe-cve %} {% data reusables.repositories.security-advisory-edit-description %}
-11. Haga clic en **Create draft security advisory**.
-  ![Botón Create security advisory](/assets/images/help/security/security-advisory-create-security-advisory-button.png)
-
-## Pasos siguientes
-
-- Comentar en el borrador de asesoría de seguridad para debatir sobre la vulnerabilidad con tu equipo.
-- Añadir colaboradores a la asesoría de seguridad. Para obtener más información, consulte "[Adición de un colaborador a un aviso de seguridad de repositorio](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)".
-- Colaborar en privado para solucionar la vulnerabilidad en una bifurcación privada temporaria. Para más información, vea "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)".
-- Agregar individuos que deberían recibir crédito por contribuir con la asesoría de seguridad. Para más información, vea "[Edición de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)".
-- Publicar la asesoría de seguridad para notificar a tu comunidad sobre la vulnerabilidad de seguridad en cuestión. Para más información, vea "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)".

translations/es-ES/content/code-security/repository-security-advisories/editing-a-repository-security-advisory.md

@@ -1,48 +0,0 @@
----
-title: Edición de un aviso de seguridad de repositorio
-intro: Puedes editar los metadatos y la descripción de una asesoría de seguridad de repositorio si necesitas actualizar los detalles o corregir los errores en esta.
-redirect_from:
-  - /github/managing-security-vulnerabilities/editing-a-security-advisory
-  - /code-security/security-advisories/editing-a-security-advisory
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-shortTitle: Edit repository advisories
-ms.openlocfilehash: 2ea2f588374d83be677589b4f3bf4e74a7fc6e91
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '145119386'
----
-Los usuarios con permisos de administrador para aviso de seguridad pueden editarlo.
-
-{% data reusables.security-advisory.repository-level-advisory-note %}
-
-## Acerca de los créditos para las asesorías de seguridad
-
-Puedes dar crédito a las personas que ayudaron a descubrir, reportar, o arreglar una vulnerabilidad de seguridad. Si le das crédito a alguien, ellos pueden elegir aceptarlo o declinarlo.
-
-Si alguien acepta el crédito, el nombre de usuario de la persona aparecerá en la sección "Créditos" de la asesoría de seguridad. Cualquiera con acceso de lectura al repositorio puede ver la asesoría y las personas que aceptaron el crédito por ella.
-
-Si crees que se te debería dar crédito por alguna asesoría de seguridad, por favor, contacta a la persona que la creó y pídele que edite la asesoría para incluir tu crédito. Solo el creador de la asesoría te puede dar crédito, asi que, por favor, no contactes al Soporte de GitHub pidiendo crédito para alguna asesoría de seguridad.
-
-## Editar una asesoría de seguridad
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En el listado de "Asesorías de Seguridad", da clic en aquella que quieras editar.
-5. En la esquina superior derecha de los detalles del aviso de seguridad, haga clic en {% octicon "pencil" aria-label="The edit icon" %}.
-  ![Botón de edición para un aviso de seguridad](/assets/images/help/security/security-advisory-edit-button.png) {% data reusables.repositories.security-advisory-edit-details %} {% data reusables.repositories.security-advisory-edit-severity %} {% data reusables.repositories.security-advisory-edit-cwe-cve %} {% data reusables.repositories.security-advisory-edit-description %}
-11. Opcionalmente, puedes editar los "Créditos" para la asesoría de seguridad.
-  ![Créditos para un aviso de seguridad](/assets/images/help/security/security-advisory-credits.png)
-12. Haga clic en **Actualizar aviso de seguridad**.
-  ![Botón "Actualizar aviso de seguridad"](/assets/images/help/security/update-advisory-button.png)
-13. Las personas listadas en la sección de "Créditos" recibirán una notificación web o por correo electrónico que los invita a aceptar el crédito. Si la persona acepta, su nombre de usuario estará visible al público una vez que la asesoría de seguridad se publique.
-
-## Información adicional
-
-- "[Retirada de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"

translations/es-ES/content/code-security/repository-security-advisories/index.md

@@ -1,36 +0,0 @@
----
-title: Administrar las advertencias de seguridad de vulnerabilidades en tu proyecto
-shortTitle: Repository security advisories
-intro: 'Debate, arregla y divulga las vulnerabilidades de seguridad en tus repositorios utilizando asesorías de seguridad de repositorios.'
-redirect_from:
-  - /articles/managing-security-vulnerabilities-in-your-project
-  - /github/managing-security-vulnerabilities/managing-security-vulnerabilities-in-your-project
-  - /code-security/security-advisories
-versions:
-  fpt: '*'
-  ghec: '*'
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - Repositories
-  - CVEs
-children:
-  - /about-coordinated-disclosure-of-security-vulnerabilities
-  - /about-github-security-advisories-for-repositories
-  - /permission-levels-for-repository-security-advisories
-  - /creating-a-repository-security-advisory
-  - /adding-a-collaborator-to-a-repository-security-advisory
-  - /removing-a-collaborator-from-a-repository-security-advisory
-  - /collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
-  - /publishing-a-repository-security-advisory
-  - /editing-a-repository-security-advisory
-  - /withdrawing-a-repository-security-advisory
-  - /best-practices-for-writing-repository-security-advisories
-ms.openlocfilehash: 43efe7ceaf307da4a8a7c02c45f744a4967b05b0
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '145119385'
----
-

translations/es-ES/content/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories.md

@@ -1,50 +0,0 @@
----
-title: Niveles de permiso para avisos de seguridad de repositorios
-intro: Las acciones que puedes tomar en una asesoría de seguridad de repositorio dependen de si tienes permisos de administrador o de escritura en esta.
-redirect_from:
-  - /articles/permission-levels-for-maintainer-security-advisories
-  - /github/managing-security-vulnerabilities/permission-levels-for-maintainer-security-advisories
-  - /github/managing-security-vulnerabilities/permission-levels-for-security-advisories
-  - /code-security/security-advisories/permission-levels-for-security-advisories
-versions:
-  fpt: '*'
-  ghec: '*'
-type: reference
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - Permissions
-shortTitle: Permission levels
-ms.openlocfilehash: 9c2ad0d30b98b79786df09a224766bd826cb84f6
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '145119393'
----
-Este artículo solo se aplica a los avisos de seguridad de nivel de repositorio. Cualquiera puede contribuir a los avisos de seguridad globales en {% data variables.product.prodname_advisory_database %} en [github.com/advisories](https://github.com/advisories). Las ediciones a las asesorías globales no cambiarán ni afectarán la forma en la que se muestra la asesoría en el repositorio.  Para más información, vea "[Edición de avisos de seguridad en {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)".
-
-## Introducción sobre los permisos
-
-{% data reusables.repositories.security-advisory-admin-permissions %} Para más información sobre cómo agregar un colaborador a un aviso de seguridad, vea "[Adición de un colaborador a un aviso de seguridad de repositorio](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)".
-
-Acción | Permisos de escritura | Permisos de administrador |
------- | ----------------- | ----------------- |
-Ver un borrador de asesoría de seguridad | x | x |
-Agregar colaboradores al aviso de seguridad (vea "[Adición de un colaborador a un aviso de seguridad de repositorio](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)") | | x |
-Editar y borrar cualquier comentario en la asesoría de seguridad | x | x |
-Crear una bifurcación privada temporal en el aviso de seguridad (vea "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)") | | x |
-Agregar cambios a una bifurcación privada temporal en el aviso de seguridad (vea "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)") | x | x |
-Crear solicitudes de incorporación de cambios en una bifurcación privada temporal (vea "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)") | x | x |
-Combinar cambios en el aviso de seguridad (vea "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)") | | x |
-Agregar y editar metadatos en el aviso de seguridad (vea "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)") | x | x |
-Agregar y quitar créditos en el aviso de seguridad (vea "[Edición de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/editing-a-repository-security-advisory)") | x | x |
-Cerrar el borrador de la asesoría de seguridad | | x |
-Publicar el aviso de seguridad (vea "[Publicación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)") | | x |
-
-## Información adicional
-
-- "[Adición de un colaborador a un aviso de seguridad de repositorio](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)"
-- "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
-- "[Eliminación de un colaborador de un aviso de seguridad del repositorio](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)"
-- "[Retirada de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"

translations/es-ES/content/code-security/repository-security-advisories/publishing-a-repository-security-advisory.md

@@ -1,101 +0,0 @@
----
-title: Publicación de un aviso de seguridad de repositorio
-intro: Puedes publicar una asesoría de seguridad para alertar a tu comunidad sobre la vulnerabilidad de seguridad en tu proyecto.
-redirect_from:
-  - /articles/publishing-a-maintainer-security-advisory
-  - /github/managing-security-vulnerabilities/publishing-a-maintainer-security-advisory
-  - /github/managing-security-vulnerabilities/publishing-a-security-advisory
-  - /code-security/security-advisories/publishing-a-security-advisory
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - CVEs
-  - Repositories
-shortTitle: Publish repository advisories
-ms.openlocfilehash: f3e3bfdb6b44ec1c86bb903c66271b854f4fb041
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '145119378'
----
-<!--Marketing-LINK: From /features/security/software-supply-chain page "Publishing a security advisory".-->
-
-Cualquiera con permisos de administrador en una asesoría de seguridad puede publicarla.
-
-{% data reusables.security-advisory.repository-level-advisory-note %}
-
-## Prerrequisitos
-
-Antes de que puedas publicar una asesoría de seguridad o solicitar un número de identificación de CVE, debes crear un borrador de asesoría de seguridad y proporcionar información acerca de las versiones de tu proyecto que se vieron afectadas por la vulnerabilidad de seguridad. Para más información, vea "[Creación de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/creating-a-repository-security-advisory)".
-
-Si creaste una asesoría de seguridad pero no has proporcionado detalles sobre las versiones de tu proyecto que afectó la vulnerabilidad, puedes editarla. Para más información, vea "[Edición de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/editing-a-repository-security-advisory)".
-
-## Acerca de publicar una asesoría de seguridad
-
-Cuando publicas una asesoría de seguridad, notificas a tu comunidad acerca de la vulnerabilidad de seguridad que se dirige en dicha asesoría. El publicar una asesoría de seguridad facilita a tu comunidad el actualizar las dependencias de los paquetes y el investigar el impacto de la vulnerabilidad de seguridad.
-
-{% data reusables.repositories.security-advisories-republishing %}
-
-Antes de que publiques una asesoría de seguridad, puedes hacer una colaboración privada para arreglar la vulnerabilidad en una bifurcación privada. Para más información, vea "[Colaboración en una bifurcación privada temporal para resolver una vulnerabilidad de seguridad del repositorio](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)".
-
-{% warning %}
-
-**Advertencia**: Siempre que sea posible, debe agregar una versión de corrección a un aviso de seguridad antes de publicar el aviso. Si no lo haces, la asesoría se publicará sin una versión corregida y el {% data variables.product.prodname_dependabot %} alertará a tus usuarios sobre este problema sin ofrecer una versión segura para actualizarse.
-
-Te recomendamos seguir estos pasos en estas situaciones:
-
-- Si una versión corregida está disponible inminentemente y puedes hacerlo, espera para divulgar el problema cuando la corrección ya esté lista.
-- Si aún se está desarrollando una versión corregida y no se encuentra disponible, menciónalo en la asesoría y edítala después de publicarla.
-- Si no planeas corregir el problema, aclara esto en la asesoría para que tus usuarios no te contacten para preguntar cuándo crearás la corrección. En este caso, es útil incluir pasos que puedan seguir los usuarios para mitigar el problema.
-
-{% endwarning %}
-
-Cuando publicas un borrador de asesoría desde un repositorio público, todos pueden ver:
-
-- La versión actual de los datos de la asesoría.
-- Cualquier asesoría atribuye que los usuarios acreditados han aceptado.
-  
-{% note %}
-
-**Nota**: El público general nunca tendrá acceso al historial de edición del aviso y solo verá la versión publicada.
-
-{% endnote %}
-
-Después de que publicas una asesoría de seguridad, la URL de la misa permanecerá tal como antes de publicarla. Cualquiera con acceso de lectura al repositorio puede verla. Los colaboradores de la asesoría de seguridad pueden seguir viendo las conversaciones pasadas, incluyendo el flujo completo de comentarios, en la asesoría de seguridad a menos de que alguien con permisos administrativos elimine al colaborador de la asesoría de seguridad. 
-
-Si necesitas actualizar o corregir información en una asesoría de seguridad que hayas publicado, puedes editarla. Para más información, vea "[Edición de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/editing-a-repository-security-advisory)".
-
-## Publicar una asesoría de seguridad
-
-El publicar una asesoría de seguridad borra la bifurcación temporal privada para la misma.
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En el listado de "Asesorías de Seguridad", da clic sobre la que quieras publicar.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. En la parte inferior de la página, haga clic en **Publish advisory**.
-  ![Botón para publicar aviso](/assets/images/help/security/publish-advisory-button.png)
-  
-## {% data variables.product.prodname_dependabot_alerts %} para las asesorías de seguridad publicadas
-
-{% data reusables.repositories.github-reviews-security-advisories %}
-
-## Solicitar un número de identificación de CVE (Opcional)
-
-{% data reusables.repositories.request-security-advisory-cve-id %} Para más información, vea "[Acerca de {% data variables.product.prodname_security_advisories %} para repositorios](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories#cve-identification-numbers)".
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En el listado de "Asesorías de Seguridad", da clic en aquella para la cual quieras solicitar un número de identificación de CVE.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. Use el menú desplegable **Publish advisory** y haga clic en **Request CVE**.
-  ![Solicitud de CVE en el menú desplegable](/assets/images/help/security/security-advisory-drop-down-request-cve.png)
-6. Haga clic en **Request CVE**.
-  ![Botón de solicitud de CVE](/assets/images/help/security/security-advisory-request-cve-button.png)
-
-## Información adicional
-
-- "[Retirada de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)"

translations/es-ES/content/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory.md

@@ -1,42 +0,0 @@
----
-title: Eliminación de un colaborador de un aviso de seguridad del repositorio
-intro: 'Cuando eliminas a un colaborador de una asesoría de seguridad de repositorio, este pierde el acceso de lectura y escritura en el debate y los metadatos de aquella.'
-redirect_from:
-  - /github/managing-security-vulnerabilities/removing-a-collaborator-from-a-security-advisory
-  - /code-security/security-advisories/removing-a-collaborator-from-a-security-advisory
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-  - Collaboration
-shortTitle: Remove collaborators
-ms.openlocfilehash: ced0edd0614304c0d33ddd40dce3c6a24a9ffcfd
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '145119361'
----
-Las personas con permisos administrativos en una asesoría de seguridad pueden eliminar a los colaboradores de la misma.
-
-{% data reusables.security-advisory.repository-level-advisory-note %}
-
-## Eliminar un colaborador de una asesoría de seguridad
-
-{% data reusables.repositories.security-advisory-collaborators-public-repositories %}
-
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
-4. En el listado de "Asesorías de Seguridad", da clic sobre aquella en la que quieras eliminar a algún colaborador.
-  ![Aviso de seguridad en la lista](/assets/images/help/security/security-advisory-in-list.png)
-5. En el lado derecho de la página, debajo de "Colaboradores", encuentra el nombre del usuario o equipo al que quieres eliminar de la asesoría de seguridad.
-  ![Colaborador de asesoría de seguridad](/assets/images/help/security/security-advisory-collaborator.png)
-6. Junto al colaborador que quiera quitar, haga clic en el icono **X**.
-  ![Icono X para quitar al colaborador de la asesoría de seguridad](/assets/images/help/security/security-advisory-remove-collaborator-x.png)
-
-## Información adicional
-
-- "[Niveles de permiso para avisos de seguridad de repositorios](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
-- "[Adición de un colaborador a un aviso de seguridad de repositorio](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)"

translations/es-ES/content/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory.md

@@ -1,28 +0,0 @@
----
-title: Retirada de un aviso de seguridad de repositorio
-intro: Puedes retirar una asesoría de seguridad de repositorio que hayas publicado.
-redirect_from:
-  - /github/managing-security-vulnerabilities/withdrawing-a-security-advisory
-  - /code-security/security-advisories/withdrawing-a-security-advisory
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Security advisories
-  - Vulnerabilities
-shortTitle: Withdraw repository advisories
-ms.openlocfilehash: 1d85afddaadbd25c5b24ab945dac998b7842ae23
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '145119329'
----
-{% data reusables.security-advisory.repository-level-advisory-note %}
-
-Si publicas una asesoría de seguridad por error, puedes retirarla contactando a {% data variables.contact.contact_support %}.
-
-## Información adicional
-
-- "[Edición de un aviso de seguridad de repositorio](/code-security/repository-security-advisories/editing-a-repository-security-advisory)"

translations/es-ES/content/code-security/security-overview/about-the-security-overview.md

@@ -67,17 +67,23 @@ The security overview displays active alerts raised by security features. If the
 
 At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. You can filter information by security features at the organization-level.
 
+Organization owners and security managers for organizations have access to the organization-level security overview. {% ifversion ghec or ghes > 3.6 or ghae > 3.6 %}Organization members can access the organization-level security overview to view results for repositories where they have admin privileges or have been granted access to security alerts. For more information on managing security alert access, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)".{% endif %}
+
 {% ifversion ghec or ghes > 3.4 or ghae > 3.4 %}
 ### About the enterprise-level security overview
 At the enterprise-level, the security overview displays aggregate and repository-specific security information for your enterprise. You can view repositories owned by your enterprise that have security alerts, view all security alerts, or security feature-specific alerts from across your enterprise.
 
-Organization owners and security managers for organizations in your enterprise also have limited access to the enterprise-level security overview. They can only view repositories and alerts for the organizations that they have full access to.
+Organization owners and security managers for organizations in your enterprise have access to the enterprise-level security overview. They can view repositories and alerts for the organizations that they have full access to.
+
+Enterprise owners can only see alerts for organizations that they are an owner or a security manager of.{% ifversion ghec or ghes > 3.5 or ghae > 3.5 %} Enterprise owners can join an organization as an organization owner to see all of its alerts in the enterprise-level security overview. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)."{% endif %}
 
 {% elsif fpt %}
 ### About the enterprise-level security overview
 At the enterprise-level, the security overview displays aggregate and repository-specific information for an enterprise. For more information, see "[About the enterprise-level security overview](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview#about-the-enterprise-level-security-overview)" in the {% data variables.product.prodname_ghe_cloud %} documentation.
 {% endif %}
 
+{% ifversion ghes < 3.7 or ghae < 3.7 %}
 ### About the team-level security overview
 At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
 {% endif %}
+{% endif %}

translations/es-ES/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md

@@ -30,7 +30,7 @@ If you publish a container image to {% data variables.packages.prodname_ghcr_or_
 
 By default, when you publish a container image to {% data variables.packages.prodname_ghcr_or_npm_registry %}, the image inherits the access setting of the repository from which the image was published. For example, if the repository is public, the image is also public. If the repository is private, the image is also private, but is accessible from the repository.
 
-This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.packages.prodname_ghcr_or_npm_registry %} using a % data variables.product.pat_generic %}.
+This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.packages.prodname_ghcr_or_npm_registry %} using a {% data variables.product.pat_generic %}.
 
 If the **Inherit access from repo** option was not selected when the image was published, you can manually add the repository to the published container image's access controls. For more information, see "[Configuring a package's access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#inheriting-access-for-a-container-image-from-a-repository)."
 

translations/es-ES/content/codespaces/guides.md

@@ -15,6 +15,8 @@ includeGuides:
   - /codespaces/setting-up-your-project-for-codespaces/setting-up-your-python-project-for-codespaces
   - /codespaces/setting-up-your-project-for-codespaces/setting-up-your-dotnet-project-for-codespaces
   - /codespaces/setting-up-your-project-for-codespaces/setting-up-your-java-project-for-codespaces
+  - /codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines
+  - /codespaces/setting-up-your-project-for-codespaces/automatically-opening-files-in-the-codespaces-for-a-repository
   - /codespaces/setting-up-your-project-for-codespaces/adding-a-codespaces-badge
   - /codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project
   - /codespaces/setting-up-your-codespace/personalizing-codespaces-for-your-account

translations/es-ES/content/codespaces/setting-up-your-project-for-codespaces/index.md

@@ -17,6 +17,7 @@ children:
   - /setting-up-your-java-project-for-codespaces
   - /setting-up-your-python-project-for-codespaces
   - /setting-a-minimum-specification-for-codespace-machines
+  - /automatically-opening-files-in-the-codespaces-for-a-repository
   - /adding-a-codespaces-badge
 ms.openlocfilehash: 1e172243dc351f0a173c8624b66914e1c3795495
 ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794

translations/es-ES/content/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines.md

@@ -1,7 +1,7 @@
 ---
-title: Configurar una especificación mínima para las máquinas de los codespaces
+title: Setting a minimum specification for codespace machines
 shortTitle: Set a minimum machine spec
-intro: 'Puedes evitar que los tipos de máquina con recursos insuficientes se usen en los {% data variables.product.prodname_github_codespaces %} de tu repositorio.'
+intro: 'You can avoid under-resourced machine types being used for {% data variables.product.prodname_github_codespaces %} for your repository.'
 permissions: People with write permissions to a repository can create or edit the codespace configuration.
 versions:
   fpt: '*'
@@ -11,29 +11,24 @@ topics:
   - Codespaces
   - Set up
 product: '{% data reusables.gated-features.codespaces %}'
-ms.openlocfilehash: 368b7c73d13bb0624c9d838ac2d7bb18a2b050e3
-ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a
-ms.translationtype: HT
-ms.contentlocale: es-ES
-ms.lasthandoff: 09/10/2022
-ms.locfileid: '147880810'
 ---
-## Información general
 
-Cada codespace que crees se hospeda en una máquina virtual independiente, y normalmente puedes elegir entre diferentes tipos de máquinas virtuales. Cada tipo de máquina tiene recursos diferentes (CPU, memoria, almacenamiento) y, de forma predeterminada, se usa el tipo de máquina con los recursos mínimos. Para obtener más información, consulte "[Cambio del tipo de máquina para el codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)".
+## Overview
 
-Si tu proyecto necesita cierto nivel de potencia de cómputo, puedes configurar {% data variables.product.prodname_github_codespaces %} para que solo los tipos de máquina que cumplan con estos requisitos se puedan usar de forma predeterminada o los puedan seleccionar los usuarios. Esta configuración se realiza en un archivo `devcontainer.json`.
+Each codespace that you create is hosted on a separate virtual machine, and you can usually choose from different types of virtual machines. Each machine type has different resources (processor cores, memory, storage) and, by default, the machine type with the least resources is used. For more information, see "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)."
+
+If your project needs a certain level of compute power, you can configure {% data variables.product.prodname_github_codespaces %} so that only machine types that meet these requirements can be used by default, or selected by users. You configure this in a `devcontainer.json` file.
 
 {% note %}
 
-**Importante:** El acceso a algunos tipos de máquina puede estar restringido en el nivel de organización. Habitualmente, esto se hace para prevenir que las personas elijan máquinas con recursos superiores, las cuales se cobran en tazas más altas. Si tu repositorio se ve afectado por la política de tipos de máquina a nivel organizacional, debes asegurarte de que no configures una especificación mínima que impida que las personas seleccionen los tipos de máquina disponibles que necesitan. Para obtener más información, consulte "[Restringir el acceso a los tipos de máquina](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)".
+**Important:** Access to some machine types may be restricted at the organization level. Typically this is done to prevent people choosing higher resourced machines that are billed at a higher rate. If your repository is affected by an organization-level policy for machine types you should make sure you don't set a minimum specification that would leave no available machine types for people to choose. For more information, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)."
 
 {% endnote %}
 
-## Configurar una especificación de máquina mínima
+## Setting a minimum machine specification
 
-1. Los {% data variables.product.prodname_github_codespaces %} del repositorio se configuran en un archivo `devcontainer.json`. Si el repositorio aún no contiene un archivo `devcontainer.json`, agregue uno ahora. Consulta "[Adición de una configuración de contenedor de desarrollo al repositorio](/free-pro-team@latest/codespaces/setting-up-your-project-for-codespaces/setting-up-your-project-for-codespaces)".
-1. Edite el archivo `devcontainer.json` y agregue una propiedad `hostRequirements` como esta:
+{% data reusables.codespaces.edit-devcontainer-json %}
+1. Edit the `devcontainer.json` file, adding the `hostRequirements` property at the top level of the file, within the enclosing JSON object. For example:
 
    ```json{:copy}
    "hostRequirements": {
@@ -43,16 +38,16 @@ Si tu proyecto necesita cierto nivel de potencia de cómputo, puedes configurar
    }
    ```
 
-   Puede especificar una de las opciones o todas: `cpus`, `memory` y `storage`.
+   You can specify any or all of the options: `cpus`, `memory`, and `storage`.
    
-   Para verificar las especificaciones de los tipos de máquina de {% data variables.product.prodname_github_codespaces %} que actualmente están disponibles para tu repositorio, realiza el proceso de crear un codespace hasta que veas la elección de tipos de máquina. Para obtener más información, consulte "[Crear un codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)".
+   To check the specifications of the {% data variables.product.prodname_github_codespaces %} machine types that are currently available for your repository, step through the process of creating a codespace until you see the choice of machine types. For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)."
    
-1. Guarda el archivo y confirma tus cambios a la rama requerida del repositorio.
+1. Save the file and commit your changes to the required branch of the repository.
 
-   Ahora, cuando crees un codespace para esta rama del repositorio y vayas a las opciones de configuración de creación, solo podrás seleccionar tipos de máquina que coincidan con los recursos que especificaste o los excedan.
+   Now when you create a codespace for that branch of the repository, and you go to the creation configuration options, you will only be able to select machine types that match or exceed the resources you've specified.
 
-   ![Caja de diálogo que muestra una selección limitada de tipos de máquina](/assets/images/help/codespaces/machine-types-limited-choice.png)
+   ![Dialog box showing a limited choice of machine types](/assets/images/help/codespaces/machine-types-limited-choice.png)
 
-## Información adicional
+## Further reading
 
-- "[Introducción a los contenedores de desarrollo](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)"
+- "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)"

translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md

@@ -142,14 +142,14 @@ You can use `publishConfig` element in the *package.json* file to specify the re
   {% endif %}
   ```shell
   "publishConfig": {
-    "registry":"https://{% ifversion fpt or ghec %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}"
+    "registry": "https://{% ifversion fpt or ghec %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}"
   },
   ```
   {% ifversion ghes %}
   If your instance has subdomain isolation disabled:
    ```shell
    "publishConfig": {
-     "registry":"https://HOSTNAME/_registry/npm/"
+     "registry": "https://HOSTNAME/_registry/npm/"
    },
   ```
   {% endif %}

translations/es-ES/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md

@@ -187,7 +187,7 @@ When you enable branch restrictions, only users, teams, or apps that have been g
 Optionally, you can apply the same restrictions to the creation of branches that match the rule. For example, if you create a rule that only allows a certain team to push to any branches that contain the word `release`, only members of that team would be able to create a new branch that contains the word `release`.
 {% endif %}
 
-You can only give push access to a protected branch, or give permission to create a matching branch, to users, teams, or installed {% data variables.product.prodname_github_apps %} with write access to a repository. People and apps with admin permissions to a repository are always able to push to a protected branch or create a matching branch.
+You can only give push access to a protected branch, or give permission to create a matching branch, to users, teams, or installed {% data variables.product.prodname_github_apps %} with write access to a repository. People and apps with admin permissions to a repository are always able to push to a protected branch{% ifversion restrict-pushes-create-branch %} or create a matching branch{% endif %}.
 
 ### Allow force pushes
 

translations/es-ES/content/repositories/creating-and-managing-repositories/transferring-a-repository.md

@@ -51,6 +51,12 @@ When you transfer a repository, its issues, pull requests, wiki, stars, and watc
   $ git remote set-url origin NEW_URL
   ```
 
+  {% warning %}
+
+  **Warning**: If you create a new repository under your account in the future, do not reuse the original name of the transferred repository. If you do, redirects to the transferred repository will no longer work.
+
+  {% endwarning %}
+
 - When you transfer a repository from an organization to a personal account, the repository's read-only collaborators will not be transferred. This is because collaborators can't have read-only access to repositories owned by a personal account. For more information about repository permission levels, see "[Permission levels for a personal account repository](/github/setting-up-and-managing-your-github-user-account/permission-levels-for-a-user-account-repository)" and "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)."{% ifversion fpt or ghec %}
 - Sponsors who have access to the repository through a sponsorship tier may be affected. For more information, see "[Adding a repository to a sponsorship tier](/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers#adding-a-repository-to-a-sponsorship-tier)".{% endif %}
 

translations/es-ES/data/learning-tracks/code-security.yml

@@ -4,15 +4,18 @@ security_advisories:
   description: 'Using repository security advisories to privately fix a reported vulnerability and get a CVE.'
   featured_track: '{% ifversion fpt or ghec %}true{% else %}false{% endif %}'
   guides:
-    - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
-    - /code-security/repository-security-advisories/creating-a-repository-security-advisory
-    - /code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
-    - /code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
-    - /code-security/repository-security-advisories/publishing-a-repository-security-advisory
-    - /code-security/repository-security-advisories/editing-a-repository-security-advisory
-    - /code-security/repository-security-advisories/withdrawing-a-repository-security-advisory
-    - /code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
-    - /code-security/repository-security-advisories/best-practices-for-writing-repository-security-advisories
+    - /code-security/security-advisories/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+    - /code-security/security-advisories/global-security-advisories/about-the-github-advisory-database
+    - /code-security/security-advisories/global-security-advisories/about-global-security-advisories
+    - /code-security/security-advisories/repository-security-advisories/about-repository-security-advisories
+    - /code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
+    - /code-security/security-advisories/repository-security-advisories/publishing-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/editing-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/withdrawing-a-repository-security-advisory
+    - /code-security/security-advisories/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
+    - /code-security/security-advisories/guidance-on-reporting-and-writing/best-practices-for-writing-repository-security-advisories
 
 # Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track
 dependabot_alerts: