diff --git a/translations/log/msft-cn-resets.csv b/translations/log/msft-cn-resets.csv index 9f14fdc9bb..c60abccc8f 100644 --- a/translations/log/msft-cn-resets.csv +++ b/translations/log/msft-cn-resets.csv @@ -174,10 +174,7 @@ translations/zh-CN/content/site-policy/github-terms/github-community-forum-code- translations/zh-CN/content/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-user-account.md,file deleted because it no longer exists in main translations/zh-CN/data/glossaries/internal.yml,file deleted because it no longer exists in main translations/zh-CN/data/graphql/ghes-3.1/graphql_previews.enterprise.yml,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/actions/self-hosted-runner-configure-runner-group-access.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/actions/self-hosted-runner-configure-runner-group.md,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/actions/self-hosted-runner-create-group.md,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/actions/self-hosted-runner-groups-add-to-enterprise-first-steps.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/actions/self-hosted-runner-groups-navigate-to-repo-org-enterprise.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/codespaces/about-billing-for-codespaces.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/codespaces/availability.md,file deleted because it no longer exists in main @@ -194,7 +191,6 @@ translations/zh-CN/data/reusables/education/upgrade-organization.md,file deleted translations/zh-CN/data/reusables/education/upgrade-page.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/enterprise-accounts/repository-visibility-policy.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/enterprise-licensing/you-can-sync-for-a-combined-view.md,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/enterprise_installation/upgrade-hardware-requirements.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/enterprise_management_console/username_normalization_sample.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/gated-features/advanced-security.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/gated-features/discussions.md,file deleted because it no longer exists in main @@ -202,8 +198,6 @@ translations/zh-CN/data/reusables/gated-features/security-center.md,file deleted translations/zh-CN/data/reusables/getting-started/learning-lab-enterprise.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/getting-started/learning-lab.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/open-source/open-source-learning-lab.md,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/organizations/organizations_include.md,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/package_registry/authenticate_with_pat_for_container_registry.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/pages/pages-builds-with-github-actions-public-beta.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/repositories/squash-and-rebase-linear-commit-hisitory.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/rest-reference/apps/oauth-applications.md,file deleted because it no longer exists in main @@ -232,71 +226,90 @@ translations/zh-CN/data/reusables/rest-reference/users/followers.md,file deleted translations/zh-CN/data/reusables/rest-reference/users/keys.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/rest-reference/webhooks/repos.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/security-center/beta.md,file deleted because it no longer exists in main -translations/zh-CN/data/reusables/security-center/permissions.md,file deleted because it no longer exists in main translations/zh-CN/data/reusables/server-statistics/release-phase.md,file deleted because it no longer exists in main +translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions.md,broken liquid tags translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md,rendering error -translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md,broken liquid tags +translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md,rendering error translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile.md,rendering error translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/index.md,broken liquid tags +translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md,broken liquid tags +translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository.md,broken liquid tags +translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md,broken liquid tags translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/changing-your-github-username.md,rendering error -translations/zh-CN/content/actions/deployment/about-deployments/about-continuous-deployment.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md,broken liquid tags -translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md,broken liquid tags +translations/zh-CN/content/actions/creating-actions/creating-a-javascript-action.md,broken liquid tags +translations/zh-CN/content/actions/creating-actions/metadata-syntax-for-github-actions.md,broken liquid tags +translations/zh-CN/content/actions/deployment/about-deployments/about-continuous-deployment.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md,rendering error +translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md,rendering error translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md,broken liquid tags translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md,broken liquid tags -translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md,broken liquid tags -translations/zh-CN/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md,broken liquid tags -translations/zh-CN/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md,broken liquid tags +translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md,rendering error +translations/zh-CN/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md,rendering error +translations/zh-CN/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md,rendering error translations/zh-CN/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md,broken liquid tags -translations/zh-CN/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md,broken liquid tags -translations/zh-CN/content/actions/learn-github-actions/contexts.md,broken liquid tags -translations/zh-CN/content/actions/learn-github-actions/understanding-github-actions.md,broken liquid tags -translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md,broken liquid tags -translations/zh-CN/content/actions/publishing-packages/publishing-docker-images.md,broken liquid tags +translations/zh-CN/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md,rendering error +translations/zh-CN/content/actions/hosting-your-own-runners/removing-self-hosted-runners.md,broken liquid tags +translations/zh-CN/content/actions/hosting-your-own-runners/using-labels-with-self-hosted-runners.md,broken liquid tags +translations/zh-CN/content/actions/learn-github-actions/contexts.md,rendering error +translations/zh-CN/content/actions/learn-github-actions/environment-variables.md,broken liquid tags +translations/zh-CN/content/actions/learn-github-actions/expressions.md,broken liquid tags +translations/zh-CN/content/actions/learn-github-actions/finding-and-customizing-actions.md,broken liquid tags +translations/zh-CN/content/actions/learn-github-actions/understanding-github-actions.md,rendering error +translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md,rendering error +translations/zh-CN/content/actions/publishing-packages/publishing-docker-images.md,rendering error translations/zh-CN/content/actions/publishing-packages/publishing-nodejs-packages.md,broken liquid tags translations/zh-CN/content/actions/quickstart.md,rendering error -translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md,broken liquid tags -translations/zh-CN/content/actions/security-guides/encrypted-secrets.md,broken liquid tags -translations/zh-CN/content/actions/security-guides/security-hardening-for-github-actions.md,broken liquid tags -translations/zh-CN/content/actions/using-github-hosted-runners/about-github-hosted-runners.md,broken liquid tags -translations/zh-CN/content/actions/using-github-hosted-runners/using-larger-runners.md,broken liquid tags +translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md,rendering error +translations/zh-CN/content/actions/security-guides/encrypted-secrets.md,rendering error +translations/zh-CN/content/actions/security-guides/security-hardening-for-github-actions.md,rendering error +translations/zh-CN/content/actions/using-github-hosted-runners/about-github-hosted-runners.md,rendering error +translations/zh-CN/content/actions/using-github-hosted-runners/using-larger-runners.md,rendering error translations/zh-CN/content/actions/using-workflows/about-workflows.md,rendering error +translations/zh-CN/content/actions/using-workflows/creating-starter-workflows-for-your-organization.md,broken liquid tags +translations/zh-CN/content/actions/using-workflows/events-that-trigger-workflows.md,broken liquid tags translations/zh-CN/content/actions/using-workflows/reusing-workflows.md,rendering error -translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md,broken liquid tags +translations/zh-CN/content/actions/using-workflows/sharing-workflows-secrets-and-runners-with-your-organization.md,broken liquid tags +translations/zh-CN/content/actions/using-workflows/triggering-a-workflow.md,broken liquid tags +translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md,rendering error +translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-github-connect/about-github-connect.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-unified-search-for-your-enterprise.md,rendering error translations/zh-CN/content/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications.md,broken liquid tags +translations/zh-CN/content/admin/configuration/configuring-your-enterprise/configuring-rate-limits.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-your-enterprise/site-admin-dashboard.md,broken liquid tags translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md,rendering error translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md,rendering error +translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md,broken liquid tags translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy.md,broken liquid tags translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc.md,broken liquid tags translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam.md,rendering error translations/zh-CN/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference.md,broken liquid tags -translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md,broken liquid tags -translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md,broken liquid tags +translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md,rendering error +translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md,rendering error translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md,broken liquid tags -translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md,broken liquid tags +translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md,rendering error translations/zh-CN/content/admin/overview/about-enterprise-accounts.md,rendering error translations/zh-CN/content/admin/overview/about-github-for-enterprises.md,rendering error translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md,broken liquid tags translations/zh-CN/content/authentication/connecting-to-github-with-ssh/about-ssh.md,broken liquid tags -translations/zh-CN/content/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account.md,broken liquid tags -translations/zh-CN/content/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent.md,broken liquid tags -translations/zh-CN/content/authentication/managing-commit-signature-verification/about-commit-signature-verification.md,broken liquid tags -translations/zh-CN/content/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits.md,broken liquid tags +translations/zh-CN/content/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account.md,rendering error +translations/zh-CN/content/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent.md,rendering error +translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys.md,broken liquid tags +translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md,broken liquid tags +translations/zh-CN/content/authentication/managing-commit-signature-verification/about-commit-signature-verification.md,rendering error +translations/zh-CN/content/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits.md,rendering error translations/zh-CN/content/authentication/managing-commit-signature-verification/index.md,broken liquid tags translations/zh-CN/content/authentication/managing-commit-signature-verification/signing-commits.md,broken liquid tags translations/zh-CN/content/authentication/managing-commit-signature-verification/signing-tags.md,broken liquid tags @@ -304,7 +317,7 @@ translations/zh-CN/content/authentication/managing-commit-signature-verification translations/zh-CN/content/authentication/troubleshooting-commit-signature-verification/checking-your-commit-and-tag-signature-verification-status.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-github-actions/about-billing-for-github-actions.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md,broken liquid tags -translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,broken liquid tags +translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,rendering error translations/zh-CN/content/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-github-codespaces/index.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces.md,broken liquid tags @@ -314,25 +327,40 @@ translations/zh-CN/content/billing/managing-billing-for-github-copilot/managing- translations/zh-CN/content/billing/managing-billing-for-your-github-account/about-per-user-pricing.md,rendering error translations/zh-CN/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md,rendering error -translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql.md,broken liquid tags -translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql.md,rendering error +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning.md,rendering error +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container.md,broken liquid tags -translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md,rendering error +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md,broken liquid tags -translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md,broken liquid tags -translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md,broken liquid tags +translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md,rendering error +translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md,rendering error translations/zh-CN/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md,broken liquid tags -translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md,broken liquid tags -translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md,broken liquid tags -translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md,broken liquid tags -translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md,broken liquid tags -translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md,broken liquid tags -translations/zh-CN/content/code-security/secret-scanning/managing-alerts-from-secret-scanning.md,broken liquid tags -translations/zh-CN/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md,broken liquid tags -translations/zh-CN/content/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md,rendering error +translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md,rendering error +translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md,rendering error +translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md,rendering error +translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md,rendering error +translations/zh-CN/content/code-security/getting-started/github-security-features.md,broken liquid tags +translations/zh-CN/content/code-security/getting-started/securing-your-repository.md,broken liquid tags +translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md,rendering error +translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md,broken liquid tags +translations/zh-CN/content/code-security/secret-scanning/managing-alerts-from-secret-scanning.md,rendering error +translations/zh-CN/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md,rendering error +translations/zh-CN/content/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection.md,rendering error +translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md,broken liquid tags +translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md,rendering error translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md,rendering error -translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,broken liquid tags +translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md,rendering error +translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md,broken liquid tags +translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,rendering error translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md,broken liquid tags translations/zh-CN/content/codespaces/codespaces-reference/disaster-recovery-for-github-codespaces.md,broken liquid tags translations/zh-CN/content/codespaces/codespaces-reference/security-in-github-codespaces.md,broken liquid tags @@ -385,48 +413,90 @@ translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-dotfiles-f translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-prebuilds.md,broken liquid tags translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-your-connection-to-github-codespaces.md,broken liquid tags translations/zh-CN/content/codespaces/troubleshooting/working-with-support-for-github-codespaces.md,broken liquid tags -translations/zh-CN/content/developers/apps/building-github-apps/authenticating-with-github-apps.md,broken liquid tags +translations/zh-CN/content/communities/documenting-your-project-with-wikis/editing-wiki-content.md,broken liquid tags +translations/zh-CN/content/developers/apps/building-github-apps/authenticating-with-github-apps.md,rendering error translations/zh-CN/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md,rendering error -translations/zh-CN/content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md,broken liquid tags +translations/zh-CN/content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md,rendering error +translations/zh-CN/content/developers/overview/about-githubs-apis.md,broken liquid tags +translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md,broken liquid tags translations/zh-CN/content/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/integrate-github-classroom-with-an-ide.md,broken liquid tags translations/zh-CN/content/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/using-github-codespaces-with-github-classroom.md,broken liquid tags translations/zh-CN/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/connect-a-learning-management-system-to-github-classroom.md,broken liquid tags translations/zh-CN/content/get-started/exploring-projects-on-github/following-organizations.md,broken liquid tags -translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md,broken liquid tags +translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md,rendering error translations/zh-CN/content/get-started/quickstart/be-social.md,broken liquid tags -translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md,broken liquid tags +translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md,broken liquid tags +translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md,rendering error translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/attaching-files.md,broken liquid tags +translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md,broken liquid tags +translations/zh-CN/content/graphql/guides/migrating-from-rest-to-graphql.md,broken liquid tags +translations/zh-CN/content/graphql/overview/about-the-graphql-api.md,broken liquid tags +translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md,broken liquid tags translations/zh-CN/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-visibility-of-your-projects.md,broken liquid tags -translations/zh-CN/content/issues/tracking-your-work-with-issues/filtering-and-searching-issues-and-pull-requests.md,broken liquid tags -translations/zh-CN/content/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue.md,broken liquid tags -translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md,broken liquid tags +translations/zh-CN/content/issues/tracking-your-work-with-issues/filtering-and-searching-issues-and-pull-requests.md,rendering error +translations/zh-CN/content/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue.md,rendering error +translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md,rendering error +translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-your-organizations-installed-integrations.md,broken liquid tags +translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization.md,broken liquid tags +translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository.md,broken liquid tags +translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository.md,broken liquid tags +translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository.md,broken liquid tags +translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md,broken liquid tags +translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository.md,broken liquid tags translations/zh-CN/content/organizations/managing-organization-settings/allowing-project-visibility-changes-in-your-organization.md,broken liquid tags -translations/zh-CN/content/packages/learn-github-packages/about-permissions-for-github-packages.md,broken liquid tags -translations/zh-CN/content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md,broken liquid tags -translations/zh-CN/content/packages/learn-github-packages/deleting-and-restoring-a-package.md,broken liquid tags -translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md,broken liquid tags -translations/zh-CN/content/packages/learn-github-packages/viewing-packages.md,broken liquid tags -translations/zh-CN/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md,broken liquid tags -translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-container-registry.md,broken liquid tags -translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md,broken liquid tags -translations/zh-CN/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md,broken liquid tags +translations/zh-CN/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md,broken liquid tags +translations/zh-CN/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md,broken liquid tags +translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md,broken liquid tags +translations/zh-CN/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md,broken liquid tags +translations/zh-CN/content/packages/learn-github-packages/about-permissions-for-github-packages.md,rendering error +translations/zh-CN/content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md,rendering error +translations/zh-CN/content/packages/learn-github-packages/deleting-and-restoring-a-package.md,rendering error +translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md,rendering error +translations/zh-CN/content/packages/learn-github-packages/viewing-packages.md,rendering error +translations/zh-CN/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md,rendering error +translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-container-registry.md,rendering error +translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md,rendering error +translations/zh-CN/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md,rendering error translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request.md,broken liquid tags -translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md,broken liquid tags -translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md,broken liquid tags -translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes.md,broken liquid tags -translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md,broken liquid tags -translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md,broken liquid tags -translations/zh-CN/content/repositories/working-with-files/using-files/working-with-non-code-files.md,broken liquid tags -translations/zh-CN/content/rest/guides/getting-started-with-the-rest-api.md,broken liquid tags +translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository.md,broken liquid tags +translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch.md,broken liquid tags +translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md,broken liquid tags +translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md,rendering error +translations/zh-CN/content/repositories/archiving-a-github-repository/archiving-repositories.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-merging-for-pull-requests.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-rebasing-for-pull-requests.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches.md,rendering error +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule.md,broken liquid tags +translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks.md,broken liquid tags +translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md,rendering error +translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes.md,rendering error +translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md,broken liquid tags +translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md,broken liquid tags +translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md,rendering error +translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository.md,rendering error +translations/zh-CN/content/repositories/releasing-projects-on-github/about-releases.md,broken liquid tags +translations/zh-CN/content/repositories/releasing-projects-on-github/comparing-releases.md,broken liquid tags +translations/zh-CN/content/repositories/releasing-projects-on-github/linking-to-releases.md,broken liquid tags +translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md,rendering error +translations/zh-CN/content/repositories/working-with-files/using-files/working-with-non-code-files.md,rendering error +translations/zh-CN/content/rest/dependabot/index.md,broken liquid tags +translations/zh-CN/content/rest/guides/getting-started-with-the-rest-api.md,rendering error translations/zh-CN/content/rest/overview/other-authentication-methods.md,broken liquid tags +translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md,broken liquid tags translations/zh-CN/content/rest/overview/resources-in-the-rest-api.md,broken liquid tags translations/zh-CN/content/rest/repos/lfs.md,broken liquid tags translations/zh-CN/content/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment.md,rendering error -translations/zh-CN/content/search-github/searching-on-github/searching-issues-and-pull-requests.md,broken liquid tags +translations/zh-CN/content/search-github/searching-on-github/searching-issues-and-pull-requests.md,rendering error translations/zh-CN/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md,broken liquid tags translations/zh-CN/content/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-organization.md,broken liquid tags translations/zh-CN/content/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account.md,broken liquid tags -translations/zh-CN/content/support/learning-about-github-support/about-github-support.md,broken liquid tags +translations/zh-CN/content/support/learning-about-github-support/about-github-support.md,rendering error +translations/zh-CN/data/release-notes/enterprise-server/2-20/15.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/2-21/17.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/2-21/6.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/2-22/0.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/2-22/1.yml,rendering error @@ -440,24 +510,55 @@ translations/zh-CN/data/release-notes/enterprise-server/3-0/0.yml,rendering erro translations/zh-CN/data/release-notes/enterprise-server/3-0/1.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-0/2.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-0/3.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-1/1.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-1/2.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-1/4.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-2/0-rc1.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-2/0.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-2/17.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-3/0-rc1.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-3/0.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-3/12.yml,rendering error translations/zh-CN/data/release-notes/enterprise-server/3-4/0-rc1.yml,rendering error -translations/zh-CN/data/release-notes/github-ae/2021-03/2021-03-03.yml,rendering error -translations/zh-CN/data/release-notes/github-ae/2021-06/2021-12-06.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/1.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/2.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/3.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/4.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/5.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/6.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/7.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-4/8.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-5/4.yml,rendering error +translations/zh-CN/data/release-notes/enterprise-server/3-6/0-rc1.yml,rendering error translations/zh-CN/data/reusables/actions/about-actions-for-enterprises.md,rendering error -translations/zh-CN/data/reusables/actions/actions-audit-events-workflow.md,broken liquid tags +translations/zh-CN/data/reusables/actions/actions-audit-events-workflow.md,rendering error translations/zh-CN/data/reusables/actions/actions-billing.md,broken liquid tags +translations/zh-CN/data/reusables/actions/create-runner-group.md,broken liquid tags translations/zh-CN/data/reusables/actions/jobs/section-running-jobs-in-a-container.md,broken liquid tags translations/zh-CN/data/reusables/actions/ref_name-description.md,broken liquid tags -translations/zh-CN/data/reusables/actions/self-hosted-runner-add-to-enterprise.md,broken liquid tags -translations/zh-CN/data/reusables/actions/usage-workflow-run-time.md,broken liquid tags +translations/zh-CN/data/reusables/actions/reusable-workflow-artifacts.md,broken liquid tags +translations/zh-CN/data/reusables/actions/reusable-workflow-calling-syntax.md,broken liquid tags +translations/zh-CN/data/reusables/actions/reusable-workflows.md,broken liquid tags +translations/zh-CN/data/reusables/actions/runner-groups-add-to-enterprise-first-steps.md,broken liquid tags +translations/zh-CN/data/reusables/actions/self-hosted-runner-add-to-enterprise.md,rendering error +translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-general.md,broken liquid tags +translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runner-groups.md,broken liquid tags +translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runners.md,broken liquid tags +translations/zh-CN/data/reusables/actions/sidebar-secret.md,broken liquid tags +translations/zh-CN/data/reusables/actions/usage-workflow-run-time.md,rendering error +translations/zh-CN/data/reusables/actions/workflow-dispatch-inputs.md,broken liquid tags translations/zh-CN/data/reusables/actions/workflow-template-overview.md,rendering error +translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md,broken liquid tags +translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md,broken liquid tags translations/zh-CN/data/reusables/advanced-security/secret-scanning-push-protection-org.md,broken liquid tags -translations/zh-CN/data/reusables/audit_log/audit-log-events-workflows.md,broken liquid tags +translations/zh-CN/data/reusables/audit_log/audit-log-events-workflows.md,rendering error +translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_org_admins.md,broken liquid tags +translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_site_admins.md,broken liquid tags +translations/zh-CN/data/reusables/code-scanning/codeql-languages-bullets.md,broken liquid tags +translations/zh-CN/data/reusables/code-scanning/codeql-languages-keywords.md,broken liquid tags translations/zh-CN/data/reusables/code-scanning/example-configuration-files.md,broken liquid tags translations/zh-CN/data/reusables/code-scanning/licensing-note.md,broken liquid tags translations/zh-CN/data/reusables/code-scanning/run-additional-queries.md,broken liquid tags @@ -473,7 +574,10 @@ translations/zh-CN/data/reusables/codespaces/rebuild-command.md,broken liquid ta translations/zh-CN/data/reusables/codespaces/secrets-on-start.md,broken liquid tags translations/zh-CN/data/reusables/codespaces/use-chrome.md,broken liquid tags translations/zh-CN/data/reusables/codespaces/your-codespaces-procedure-step.md,broken liquid tags +translations/zh-CN/data/reusables/dependabot/beta-security-and-version-updates.md,broken liquid tags translations/zh-CN/data/reusables/dependabot/default-dependencies-allow-ignore.md,broken liquid tags +translations/zh-CN/data/reusables/dependabot/dependabot-secrets-button.md,broken liquid tags +translations/zh-CN/data/reusables/dependabot/enabling-disabling-dependency-graph-private-repo.md,broken liquid tags translations/zh-CN/data/reusables/dotcom_billing/actions-packages-report-download-org-account.md,broken liquid tags translations/zh-CN/data/reusables/enterprise-accounts/actions-packages-report-download-enterprise-accounts.md,broken liquid tags translations/zh-CN/data/reusables/enterprise-accounts/billing-microsoft-ea-overview.md,broken liquid tags @@ -482,14 +586,41 @@ translations/zh-CN/data/reusables/enterprise-accounts/security-tab.md,broken liq translations/zh-CN/data/reusables/enterprise_enterprise_support/installing-releases.md,broken liquid tags translations/zh-CN/data/reusables/gated-features/code-scanning.md,broken liquid tags translations/zh-CN/data/reusables/gated-features/codespaces-classroom-articles.md,broken liquid tags -translations/zh-CN/data/reusables/gated-features/secret-scanning-partner.md,broken liquid tags -translations/zh-CN/data/reusables/gated-features/secret-scanning.md,broken liquid tags +translations/zh-CN/data/reusables/gated-features/dependency-vulnerable-calls.md,broken liquid tags +translations/zh-CN/data/reusables/gated-features/secret-scanning-partner.md,rendering error +translations/zh-CN/data/reusables/gated-features/secret-scanning.md,rendering error translations/zh-CN/data/reusables/identity-and-permissions/ip-allow-lists-enable.md,broken liquid tags translations/zh-CN/data/reusables/notifications-v2/custom-notification-types.md,broken liquid tags translations/zh-CN/data/reusables/notifications/shared_state.md,rendering error +translations/zh-CN/data/reusables/organizations/billing_plans.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/github-apps-settings-sidebar.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/member-privileges.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/repository-defaults.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/security-and-analysis.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/security.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/teams_sidebar.md,broken liquid tags +translations/zh-CN/data/reusables/organizations/verified-domains.md,broken liquid tags +translations/zh-CN/data/reusables/pages/sidebar-pages.md,broken liquid tags translations/zh-CN/data/reusables/pull_requests/resolving-conversations.md,broken liquid tags -translations/zh-CN/data/reusables/release-notes/ghas-3.4-secret-scanning-known-issue.md,broken liquid tags +translations/zh-CN/data/reusables/release-notes/ghas-3.4-secret-scanning-known-issue.md,rendering error +translations/zh-CN/data/reusables/repositories/changed-files.md,broken liquid tags +translations/zh-CN/data/reusables/repositories/navigate-to-code-security-and-analysis.md,broken liquid tags +translations/zh-CN/data/reusables/repositories/repository-branches.md,broken liquid tags +translations/zh-CN/data/reusables/repositories/sidebar-notifications.md,broken liquid tags +translations/zh-CN/data/reusables/repositories/suggest-changes.md,broken liquid tags translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,rendering error -translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md,broken liquid tags +translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md,rendering error translations/zh-CN/data/reusables/secret-scanning/push-protection-web-ui-choice.md,broken liquid tags -translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md,broken liquid tags +translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md,rendering error +translations/zh-CN/data/reusables/security-overview/permissions.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/access_applications.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/account_settings.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/appearance-settings.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/developer_settings.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/emails.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/organizations.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/repo-tab.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/saved_replies.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/security-analysis.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/security.md,broken liquid tags +translations/zh-CN/data/reusables/user-settings/ssh.md,broken liquid tags diff --git a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions.md b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions.md index 8238366d3b..3b470c37a4 100644 --- a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions.md +++ b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions.md @@ -1,6 +1,6 @@ --- -title: 管理订阅 -intro: 为帮助您有效地管理通知,提供了多种取消订阅的方法。 +title: Managing your subscriptions +intro: 'To help you manage your notifications efficiently, there are several ways to unsubscribe.' versions: fpt: '*' ghes: '*' @@ -12,79 +12,73 @@ redirect_from: - /github/managing-subscriptions-and-notifications-on-github/managing-your-subscriptions - /github/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions shortTitle: Manage your subscriptions -ms.openlocfilehash: 750a3a9ad87ff9aa709b84a98f548d85d53072ee -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: '145087363' --- -为了帮助了解订阅并决定是否取消订阅,请参阅“[查看订阅](/github/managing-subscriptions-and-notifications-on-github/viewing-your-subscriptions)”。 +To help you understand your subscriptions and decide whether to unsubscribe, see "[Viewing your subscriptions](/github/managing-subscriptions-and-notifications-on-github/viewing-your-subscriptions)." {% note %} -注意:可以选择忽略存储库,而不是取消订阅。 如果忽略仓库,将不会收到任何通知。 不建议忽略存储库,因为如果你被 @mentioned,你将不会收到通知。 {% ifversion fpt or ghec %} 如果遇到滥用行为并想要忽略存储库,请联系 {% data variables.contact.contact_support %} 以获取帮助。 {% data reusables.policies.abuse %}{% endif %} +**Note:** Instead of unsubscribing, you have the option to ignore a repository. If you ignore a repository, you won't receive any notifications. We don't recommend ignoring repositories as you won't be notified if you're @mentioned. {% ifversion fpt or ghec %}If you're experiencing abuse and want to ignore a repository, please contact {% data variables.contact.contact_support %} so we can help. {% data reusables.policies.abuse %}{% endif %} {% endnote %} -## 选择如何取消订阅 +## Choosing how to unsubscribe -若要快速取消关注(或取消订阅)存储库,请导航至 [github.com/watching](https://github.com/watching)查看你所关注的所有存储库。 有关详细信息,请参阅“[取消关注存储库](#unwatching-repositories)”。 +To unwatch (or unsubscribe from) repositories quickly, navigate to [github.com/watching](https://github.com/watching) to see all the repositories you're following. For more information, see "[Unwatching repositories](#unwatching-repositories)." -要同时取消订阅多个通知,您可以使用收件箱或订阅页面上取消订阅。 相比“Watched repositories(已关注仓库)”页面,这两个选项可提供有关您的订阅的更多上下文。 +To unsubscribe from multiple notifications at the same time, you can unsubscribe using your inbox or on the subscriptions page. Both of these options offer more context about your subscriptions than the "Watched repositories" page. -### 从收件箱中取消订阅的优点 +### Benefits of unsubscribing from your inbox -在收件箱中取消订阅通知时,您还有其他一些分类选项,并且可以按自定义过滤器和讨论类型来过滤通知。 有关详细信息,请参阅“[管理收件箱中的通知](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox)”。 +When you unsubscribe from notifications in your inbox, you have several other triaging options and can filter your notifications by custom filters and discussion types. For more information, see "[Managing notifications from your inbox](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox)." -### 从订阅页面取消订阅的优点 +### Benefits of unsubscribing from the subscriptions page -在订阅页面上取消订阅通知时,您可以查看更多已订阅的通知,并且可以按“最多最近订阅”或“最少最近订阅”对它们进行排序。 +When you unsubscribe from notifications on the subscriptions page, you can see more of the notifications you're subscribed to and sort them by "Most recently subscribed" or "Least recently subscribed". -订阅页将显示当前订阅的所有通知,包括在收件箱中标记为“完成”的通知。 +The subscriptions page shows you all of the notifications that you're currently subscribed to, including notifications that you have marked as **Done** in your inbox. -您只能按仓库和接收通知的原因过滤订阅。 +You can only filter your subscriptions by repository and the reason you're receiving the notification. -## 在收件箱中取消订阅通知 +## Unsubscribing from notifications in your inbox -当您取消订阅收件箱中的通知时,它们将自动从您的收件箱中消失。 +When you unsubscribe from notifications in your inbox, they will automatically disappear from your inbox. {% data reusables.notifications.access_notifications %} -1. 从通知收件箱中选择您想要取消订阅的通知。 -2. 单击“取消订阅”。 - ![主收件箱中的“取消订阅”选项](/assets/images/help/notifications-v2/unsubscribe-from-main-inbox.png) +1. From the notifications inbox, select the notifications you want to unsubscribe to. +2. Click **Unsubscribe.** + ![Unsubscribe option from main inbox](/assets/images/help/notifications-v2/unsubscribe-from-main-inbox.png) -## 从订阅页面取消订阅通知 +## Unsubscribing from notifications on the subscriptions page {% data reusables.notifications.access_notifications %} -1. 在左侧边栏存储库列表下的“管理通知”下拉菜单中单击“订阅”。 - ![管理通知下拉菜单选项](/assets/images/help/notifications-v2/manage-notifications-options.png) +1. In the left sidebar, under the list of repositories, use the "Manage notifications" drop-down to click **Subscriptions**. + ![Manage notifications drop down menu options](/assets/images/help/notifications-v2/manage-notifications-options.png) -2. 选择要取消订阅的通知。 单击右上角的“取消订阅”。 - ![订阅页面](/assets/images/help/notifications-v2/unsubscribe-from-subscriptions-page.png) +2. Select the notifications you want to unsubscribe to. In the top right, click **Unsubscribe.** + ![Subscriptions page](/assets/images/help/notifications-v2/unsubscribe-from-subscriptions-page.png) -## 取消关注仓库 +## Unwatching repositories -如果取消关注存储库,将取消订阅该存储库的未来更新,除非参与对话或被 @mentioned。 +When you unwatch a repository, you unsubscribe from future updates from that repository unless you participate in a conversation or are @mentioned. {% data reusables.notifications.access_notifications %} -1. 在左侧边栏存储库列表下的“管理通知”下拉菜单中单击“已关注的存储库”。 +1. In the left sidebar, under the list of repositories, use the "Manage notifications" drop-down to click **Watched repositories**. - ![管理通知下拉菜单选项](/assets/images/help/notifications-v2/manage-notifications-options.png) + ![Manage notifications drop down menu options](/assets/images/help/notifications-v2/manage-notifications-options.png) -2. 在关注的仓库页面上,评估您关注的仓库后,选择是否: +2. On the watched repositories page, after you've evaluated the repositories you're watching, choose whether to: - - 取消关注仓库 - - 忽略某仓库的所有通知 - - 如有启用,请自定义接收通知的事件类型({% data reusables.notifications-v2.custom-notification-types %}) + - Unwatch a repository + - Ignore all notifications for a repository + - If enabled, customize the types of event you receive notifications for ({% data reusables.notifications-v2.custom-notification-types %}) -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5819 %} -1. (可选)要取消订阅指定用户或组织拥有的所有存储库,请选择“全部取消关注”下拉列表,然后单击要取消订阅其存储库的组织 **​​**。 取消关注所有存储库的按钮仅在您正在关注超过 10 个存储库上的所有活动或自定义通知时才可用。 +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +1. Optionally, to unsubscribe from all repositories owned by a given user or organization, select the **Unwatch all** dropdown and click the organization whose repositories you'd like to unsubscribe from. The button to unwatch all repositories is only available if you are watching all activity or custom notifications on over 10 repositories. - ![“全部取消关注”按钮的屏幕截图](/assets/images/help/notifications-v2/unsubscribe-from-all-repos.png) + ![Screenshot of the Unwatch All button.](/assets/images/help/notifications-v2/unsubscribe-from-all-repos.png) - - 单击“取消关注”以确认要取消关注所选用户或组织拥有的存储库,或单击“取消”以取消关注 。 + - Click **Unwatch** to confirm that you want to unwatch the repositories owned by the selected user or organization, or click **Cancel** to cancel. - ![全部取消关注确认对话框的屏幕截图。](/assets/images/help/notifications-v2/unwatch-repo-dialog.png) + ![Screenshot of the unwatch all confirmation dialogue.](/assets/images/help/notifications-v2/unwatch-repo-dialog.png) {% endif %} diff --git a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 4c00bf0c23..35d44edfe8 100644 --- a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -141,7 +141,7 @@ Email notifications from {% data variables.product.product_location %} contain t - There are updates in repositories or team discussions you're watching or in a conversation you're participating in. For more information, see "[About participating and watching notifications](#about-participating-and-watching-notifications)." - You gain access to a new repository or you've joined a new team. For more information, see "[Automatic watching](#automatic-watching)." - There are new {% data variables.product.prodname_dependabot_alerts %} in your repository. For more information, see "[{% data variables.product.prodname_dependabot_alerts %} notification options](#dependabot-alerts-notification-options)." {% ifversion fpt or ghec %} - - There are workflow runs updates on repositories set up with {% data variables.product.prodname_actions %}. For more information, see "[{% data variables.product.prodname_actions %} notification options](#github-actions-notification-options)."{% endif %}{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5668 %} + - There are workflow runs updates on repositories set up with {% data variables.product.prodname_actions %}. For more information, see "[{% data variables.product.prodname_actions %} notification options](#github-actions-notification-options)."{% endif %}{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} - There are new deploy keys added to repositories that belong to organizations that you're an owner of. For more information, see "[Organization alerts notification options](#organization-alerts-notification-options)."{% endif %} ## Automatic watching @@ -206,7 +206,7 @@ Choose how you want to receive workflow run updates for repositories that you ar {% endif %} -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5668 %} +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} ## Organization alerts notification options If you're an organization owner, you'll receive email notifications by default when organization members add new deploy keys to repositories within the organization. You can unsubscribe from these notifications. On the notification settings page, under "Organization alerts", unselect **Email**. diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md index 80e3259548..8a8d6ef9a6 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md @@ -1,6 +1,6 @@ --- -title: 邀请协作者参加个人仓库 -intro: '你可以{% ifversion fpt or ghec %}邀请用户成为{% else %}添加用户作为{% endif %}个人存储库的协作者。' +title: Inviting collaborators to a personal repository +intro: 'You can {% ifversion fpt or ghec %}invite users to become{% else %}add users as{% endif %} collaborators to your personal repository.' redirect_from: - /articles/how-do-i-add-a-collaborator - /articles/adding-collaborators-to-a-personal-repository @@ -18,49 +18,50 @@ topics: - Accounts - Repositories shortTitle: Invite collaborators -ms.openlocfilehash: b8cf147e94d4dd0a76d0bebcb07a58d03d7cbc9e -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '145164797' --- -组织拥有的仓库可授予更细致的访问权限。 有关详细信息,请参阅“[对 {% data variables.product.prodname_dotcom %} 的访问权限](/articles/access-permissions-on-github)”。 +Repositories owned by an organization can grant more granular access. For more information, see "[Access permissions on {% data variables.product.prodname_dotcom %}](/articles/access-permissions-on-github)." {% data reusables.organizations.org-invite-expiration %} {% ifversion fpt or ghec %} -如果您是 {% data variables.product.prodname_emu_enterprise %} 的成员,则只能邀请企业的其他成员与您协作。 {% data reusables.enterprise-accounts.emu-more-info-account %} +If you're a member of an {% data variables.product.prodname_emu_enterprise %}, you can only invite other members of your enterprise to collaborate with you. {% data reusables.enterprise-accounts.emu-more-info-account %} {% note %} -注意:{% data variables.product.company_short %} 会限制在 24 小时内可受邀加入存储库的人数。 如果您超过此限制,请等待 24 小时后再邀请,或者创建一个组织以与更多的人协作。 +**Note:** {% data variables.product.company_short %} limits the number of people who can be invited to a repository within a 24-hour period. If you exceed this limit, either wait 24 hours or create an organization to collaborate with more people. {% endnote %} {% endif %} -1. 询问你邀请作为协助者的用户名。{% ifversion fpt or ghec %} 如果他们还没有用户名,他们可以注册 {% data variables.product.prodname_dotcom %}。有关详细信息,请参阅“[注册新的 {% data variables.product.prodname_dotcom %} 帐户](/articles/signing-up-for-a-new-github-account)”。{% endif %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658%} {% data reusables.repositories.click-collaborators-teams %} -1. 单击“邀请协作者”。 - ![“邀请协作者”按钮](/assets/images/help/repository/invite-a-collaborator-button.png) -2. 在搜索字段中,开始键入您想邀请的人员的姓名,然后单击匹配列表中的姓名。 - ![搜索字段以键入要邀请加入存储库的人员姓名](/assets/images/help/repository/manage-access-invite-search-field-user.png) -3. 单击“将 添加到存储库”。 - ![用于添加协作者的按钮](/assets/images/help/repository/add-collaborator-user-repo.png) {% else %} -5. 在左侧边栏中,单击“协作者”。 -![突出显示协作者的“存储库设置”侧边栏](/assets/images/help/repository/user-account-repo-settings-collaborators.png) -6. 在 "Collaborators"(协作者)下,开始输入协作者的用户名。 -7. 从下拉菜单中选择协作者的用户名。 - ![协作者列表下拉菜单](/assets/images/help/repository/repo-settings-collab-autofill.png) -8. 单击“添加协作者”。 - ![“添加协作者”按钮](/assets/images/help/repository/repo-settings-collab-add.png) {% endif %} {% ifversion fpt or ghec %} -9. 用户将会收到一封邀请他们参加仓库的电子邮件。 在接受邀请后,他们便对仓库具有协作者访问权限。 +1. Ask for the username of the person you're inviting as a collaborator.{% ifversion fpt or ghec %} If they don't have a username yet, they can sign up for {% data variables.product.prodname_dotcom %} For more information, see "[Signing up for a new {% data variables.product.prodname_dotcom %} account](/articles/signing-up-for-a-new-github-account)".{% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4%} +{% data reusables.repositories.click-collaborators-teams %} +1. Click **Invite a collaborator**. + !["Invite a collaborator" button](/assets/images/help/repository/invite-a-collaborator-button.png) +2. In the search field, start typing the name of person you want to invite, then click a name in the list of matches. + ![Search field for typing the name of a person to invite to the repository](/assets/images/help/repository/manage-access-invite-search-field-user.png) +3. Click **Add NAME to REPOSITORY**. + ![Button to add collaborator](/assets/images/help/repository/add-collaborator-user-repo.png) +{% else %} +5. In the left sidebar, click **Collaborators**. +![Repository settings sidebar with Collaborators highlighted](/assets/images/help/repository/user-account-repo-settings-collaborators.png) +6. Under "Collaborators", start typing the collaborator's username. +7. Select the collaborator's username from the drop-down menu. + ![Collaborator list drop-down menu](/assets/images/help/repository/repo-settings-collab-autofill.png) +8. Click **Add collaborator**. + !["Add collaborator" button](/assets/images/help/repository/repo-settings-collab-add.png) +{% endif %} +{% ifversion fpt or ghec %} +9. The user will receive an email inviting them to the repository. Once they accept your invitation, they will have collaborator access to your repository. {% endif %} -## 延伸阅读 +## Further reading -- “[个人帐户存储库的权限级别](/articles/permission-levels-for-a-user-account-repository/#collaborator-access-for-a-repository-owned-by-a-personal-account)” -- [从个人存储库中删除协作者](/articles/removing-a-collaborator-from-a-personal-repository) -- [从协作者的存储库中删除你自己](/articles/removing-yourself-from-a-collaborator-s-repository) -- [将成员组织为团队](/organizations/organizing-members-into-teams) +- "[Permission levels for a personal account repository](/articles/permission-levels-for-a-user-account-repository/#collaborator-access-for-a-repository-owned-by-a-personal-account)" +- "[Removing a collaborator from a personal repository](/articles/removing-a-collaborator-from-a-personal-repository)" +- "[Removing yourself from a collaborator's repository](/articles/removing-yourself-from-a-collaborator-s-repository)" +- "[Organizing members into teams](/organizations/organizing-members-into-teams)" diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository.md index 7c367428f3..e194eea8cd 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository.md @@ -1,6 +1,6 @@ --- -title: 从个人仓库中删除协作者 -intro: 当您从项目中删除协作者时,他们将失去对您仓库的读取/写入权限。 如果仓库为私有并且该人员已创建复刻,则该复刻也将删除。 +title: Removing a collaborator from a personal repository +intro: 'When you remove a collaborator from your project, they lose read/write access to your repository. If the repository is private and the person has created a fork, then that fork is also deleted.' redirect_from: - /articles/how-do-i-remove-a-collaborator - /articles/what-happens-when-i-remove-a-collaborator-from-my-private-repository @@ -21,28 +21,27 @@ topics: - Accounts - Repositories shortTitle: Remove a collaborator -ms.openlocfilehash: 24b128b5858c695b0e559302fac05812d3218b8c -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145164728' --- -## 删除私有仓库的复刻 +## Deleting forks of private repositories -尽管删除协作者时将删除私有仓库的复刻,但此人员将仍保留您仓库的任何本地克隆。 +While forks of private repositories are deleted when a collaborator is removed, the person will still retain any local clones of your repository. -## 删除为仓库做出贡献的人员的协作者权限 +## Removing collaborator permissions from a person contributing to a repository -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} {% data reusables.repositories.click-collaborators-teams %} -4. 在要移除的协作者的右侧,单击 {% octicon "trash" aria-label="The trash icon" %}。 - ![用于移除协作者的按钮](/assets/images/help/repository/collaborator-remove.png) {% else %} -3. 在左侧边栏中,单击“协作者和团队”。 - ![“协作者”选项卡](/assets/images/help/repository/repo-settings-collaborators.png) -4. 在要移除的协作者旁边,单击“X”图标。 - ![移除链接](/assets/images/help/organizations/Collaborator-Remove.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +{% data reusables.repositories.click-collaborators-teams %} +4. To the right of the collaborator you want to remove, click {% octicon "trash" aria-label="The trash icon" %}. + ![Button to remove collaborator](/assets/images/help/repository/collaborator-remove.png) +{% else %} +3. In the left sidebar, click **Collaborators & teams**. + ![Collaborators tab](/assets/images/help/repository/repo-settings-collaborators.png) +4. Next to the collaborator you want to remove, click the **X** icon. + ![Remove link](/assets/images/help/organizations/Collaborator-Remove.png) +{% endif %} -## 延伸阅读 +## Further reading -- [从团队中移除组织成员](/articles/removing-organization-members-from-a-team) -- [从组织存储库中移除外部协作者](/articles/removing-an-outside-collaborator-from-an-organization-repository) +- "[Removing organization members from a team](/articles/removing-organization-members-from-a-team)" +- "[Removing an outside collaborator from an organization repository](/articles/removing-an-outside-collaborator-from-an-organization-repository)" diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md index 02c29e65db..8e297db83f 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md @@ -1,6 +1,6 @@ --- -title: 从协作者的仓库中删除您自己 -intro: 如果您不再想要成为其他人仓库中的协作者,您可以删除自己。 +title: Removing yourself from a collaborator's repository +intro: 'If you no longer want to be a collaborator on someone else''s repository, you can remove yourself.' redirect_from: - /leave-a-collaborative-repo - /leave-a-repo @@ -19,19 +19,15 @@ topics: - Accounts - Repositories shortTitle: Remove yourself -ms.openlocfilehash: 3b760d7947d734d8fa6e1e366795ce698f9c0b7f -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145164723' --- -{% data reusables.user-settings.access_settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -2. 在边栏的“代码、规划和自动化”部分,单击“{% octicon "repo" aria-label="The repo icon" %} 存储库”。 +{% data reusables.user-settings.access_settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +2. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "repo" aria-label="The repo icon" %} Repositories**. {% else %} -2. 在左侧边栏中,单击“存储库”。 - ![“存储库”选项卡](/assets/images/help/settings/settings-sidebar-repositories.png) {% endif %} -3. 在要离开的存储库旁边,单击“离开”。 - ![“离开”按钮](/assets/images/help/repository/repo-leave.png) -4. 仔细阅读警告,然后单击“I understand, leave this repository(我已了解,离开此仓库)”。 - ![警告你将离开的对话框](/assets/images/help/repository/repo-leave-confirmation.png) +2. In the left sidebar, click **Repositories**. + ![Repositories tab](/assets/images/help/settings/settings-sidebar-repositories.png) +{% endif %} +3. Next to the repository you want to leave, click **Leave**. + ![Leave button](/assets/images/help/repository/repo-leave.png) +4. Read the warning carefully, then click "I understand, leave this repository." + ![Dialog box warning you to leave](/assets/images/help/repository/repo-leave-confirmation.png) diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-your-tab-size-rendering-preference.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-your-tab-size-rendering-preference.md index 40cb22a058..a1bcb29bd0 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-your-tab-size-rendering-preference.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-your-tab-size-rendering-preference.md @@ -3,7 +3,7 @@ title: 管理选项卡大小呈现首选项 intro: 可以管理选项卡占个人帐户的空间数。 versions: fpt: '*' - ghae: issue-5083 + ghae: '>= 3.4' ghes: '>=3.4' ghec: '*' topics: diff --git a/translations/zh-CN/content/actions/creating-actions/creating-a-javascript-action.md b/translations/zh-CN/content/actions/creating-actions/creating-a-javascript-action.md index 40b2f051be..6a56652420 100644 --- a/translations/zh-CN/content/actions/creating-actions/creating-a-javascript-action.md +++ b/translations/zh-CN/content/actions/creating-actions/creating-a-javascript-action.md @@ -1,6 +1,6 @@ --- -title: 创建 JavaScript 操作 -intro: 在本指南中,您将了解如何使用操作工具包构建 JavaScript 操作。 +title: Creating a JavaScript action +intro: 'In this guide, you''ll learn how to build a JavaScript action using the actions toolkit.' redirect_from: - /articles/creating-a-javascript-action - /github/automating-your-workflow-with-github-actions/creating-a-javascript-action @@ -16,54 +16,50 @@ topics: - Action development - JavaScript shortTitle: JavaScript action -ms.openlocfilehash: c42dca4205519f6799d7f92b254b75696853b7f9 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: '145084709' --- -{% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## 简介 +{% data reusables.actions.enterprise-beta %} +{% data reusables.actions.enterprise-github-hosted-runners %} -在本指南中,您将了解创建和使用打包的 JavaScript 操作所需的基本组件。 本指南的重点是打包操作所需的组件,因此很少讲操作代码的功能。 操作将在日志文件中打印“Hello World”或“Hello [who-to-greet]”(如果您提供自定义名称)。 +## Introduction -本指南使用 {% data variables.product.prodname_actions %} 工具包 Node.js 模块来加快开发速度。 有关详细信息,请参阅 [actions/toolkit](https://github.com/actions/toolkit) 存储库。 +In this guide, you'll learn about the basic components needed to create and use a packaged JavaScript action. To focus this guide on the components needed to package the action, the functionality of the action's code is minimal. The action prints "Hello World" in the logs or "Hello [who-to-greet]" if you provide a custom name. -完成此项目后,您应了解如何构建自己的 JavaScript 操作和在工作流程测试该操作。 +This guide uses the {% data variables.product.prodname_actions %} Toolkit Node.js module to speed up development. For more information, see the [actions/toolkit](https://github.com/actions/toolkit) repository. + +Once you complete this project, you should understand how to build your own JavaScript action and test it in a workflow. {% data reusables.actions.pure-javascript %} {% data reusables.actions.context-injection-warning %} -## 先决条件 +## Prerequisites -在开始之前,您需要下载 Node.js 并创建公共 {% data variables.product.prodname_dotcom %} 仓库。 +Before you begin, you'll need to download Node.js and create a public {% data variables.product.prodname_dotcom %} repository. -1. 下载并安装 Node.js {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %}16.x{% else %}12.x{% endif %},其中包含 npm。 +1. Download and install Node.js {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}16.x{% else %}12.x{% endif %}, which includes npm. - {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %} https://nodejs.org/en/download/{% else %} https://nodejs.org/en/download/releases/{% endif %} + {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}https://nodejs.org/en/download/{% else %}https://nodejs.org/en/download/releases/{% endif %} -1. 在 {% data variables.product.product_location %} 上创建一个新的公共仓库,并将其称为 "hello-world-javascript-action"。 有关详细信息,请参阅“[创建新存储库](/articles/creating-a-new-repository)”。 +1. Create a new public repository on {% data variables.product.product_location %} and call it "hello-world-javascript-action". For more information, see "[Create a new repository](/articles/creating-a-new-repository)." -1. 将仓库克隆到计算机。 有关详细信息,请参阅“[克隆存储库](/articles/cloning-a-repository)”。 +1. Clone your repository to your computer. For more information, see "[Cloning a repository](/articles/cloning-a-repository)." -1. 从您的终端,将目录更改为新仓库。 +1. From your terminal, change directories into your new repository. ```shell{:copy} cd hello-world-javascript-action ``` -1. 从你的终端,使用 npm 初始化目录以生成 `package.json` 文件。 +1. From your terminal, initialize the directory with npm to generate a `package.json` file. ```shell{:copy} npm init -y ``` -## 创建操作元数据文件 +## Creating an action metadata file -使用以下示例代码在 `hello-world-javascript-action` 目录中创建一个名为 `action.yml` 的新文件。 有关详细信息,请参阅“[{% data variables.product.prodname_actions %} 的元数据语法](/actions/creating-actions/metadata-syntax-for-github-actions)”。 +Create a new file named `action.yml` in the `hello-world-javascript-action` directory with the following example code. For more information, see "[Metadata syntax for {% data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions)." ```yaml{:copy} name: 'Hello World' @@ -77,38 +73,38 @@ outputs: time: # id of output description: 'The time we greeted you' runs: - using: {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %}'node16'{% else %}'node12'{% endif %} + using: {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}'node16'{% else %}'node12'{% endif %} main: 'index.js' ``` -此文件定义 `who-to-greet` 输入和 `time` 输出。 它还告知操作运行程序如何开始运行此 JavaScript 操作。 +This file defines the `who-to-greet` input and `time` output. It also tells the action runner how to start running this JavaScript action. -## 添加操作工具包 +## Adding actions toolkit packages -操作工具包是 Node.js 包的集合,可让您以更高的一致性快速构建 JavaScript 操作。 +The actions toolkit is a collection of Node.js packages that allow you to quickly build JavaScript actions with more consistency. -工具包 [`@actions/core`](https://github.com/actions/toolkit/tree/main/packages/core) 包为工作流命令、输入和输出变量、退出状态和调试消息提供了一个接口。 +The toolkit [`@actions/core`](https://github.com/actions/toolkit/tree/main/packages/core) package provides an interface to the workflow commands, input and output variables, exit statuses, and debug messages. -工具包还提供了一个 [`@actions/github`](https://github.com/actions/toolkit/tree/main/packages/github) 包,用于返回经验证的 Octokit REST 客户端和访问 GitHub Actions 上下文。 +The toolkit also offers a [`@actions/github`](https://github.com/actions/toolkit/tree/main/packages/github) package that returns an authenticated Octokit REST client and access to GitHub Actions contexts. -该工具包提供的不仅仅是 `core` 和 `github` 包。 有关详细信息,请参阅 [actions/toolkit](https://github.com/actions/toolkit) 存储库。 +The toolkit offers more than the `core` and `github` packages. For more information, see the [actions/toolkit](https://github.com/actions/toolkit) repository. -在终端上,安装操作工具包 `core` 和 `github` 包。 +At your terminal, install the actions toolkit `core` and `github` packages. ```shell{:copy} npm install @actions/core npm install @actions/github ``` -现在,应会看到 `node_modules` 目录(包含你刚安装的模块)和 `package-lock.json` 文件(包含已安装模块的依赖项和每个已安装模块的版本)。 +Now you should see a `node_modules` directory with the modules you just installed and a `package-lock.json` file with the installed module dependencies and the versions of each installed module. -## 编写操作代码 +## Writing the action code -此操作使用工具包获取操作元数据文件中所需的 `who-to-greet` 输入变量,然后在日志的调试消息中打印“Hello [who-to-greet]”。 接下来,该脚本会获取当前时间并将其设置为作业中稍后运行的操作可以使用的输出变量。 +This action uses the toolkit to get the `who-to-greet` input variable required in the action's metadata file and prints "Hello [who-to-greet]" in a debug message in the log. Next, the script gets the current time and sets it as an output variable that actions running later in a job can use. -GitHub Actions 提供有关 web 挂钩实践、Git 引用、工作流程、操作和触发工作流程的人员的上下文信息。 要访问上下文信息,你可以使用 `github` 包。 您将编写的操作将打印 web 挂钩事件有效负载日志。 +GitHub Actions provide context information about the webhook event, Git refs, workflow, action, and the person who triggered the workflow. To access the context information, you can use the `github` package. The action you'll write will print the webhook event payload to the log. -使用以下代码添加名为 `index.js` 的新文件。 +Add a new file called `index.js`, with the following code. {% raw %} ```javascript{:copy} @@ -130,20 +126,20 @@ try { ``` {% endraw %} -如果在上述 `index.js` 示例中引发错误,`core.setFailed(error.message);` 将使用操作工具包 [`@actions/core`](https://github.com/actions/toolkit/tree/main/packages/core) 包记录消息并设置失败退出代码。 有关详细信息,请参阅“[为操作设置退出代码](/actions/creating-actions/setting-exit-codes-for-actions)”。 +If an error is thrown in the above `index.js` example, `core.setFailed(error.message);` uses the actions toolkit [`@actions/core`](https://github.com/actions/toolkit/tree/main/packages/core) package to log a message and set a failing exit code. For more information, see "[Setting exit codes for actions](/actions/creating-actions/setting-exit-codes-for-actions)." -## 创建自述文件 +## Creating a README -要让人们了解如何使用您的操作,您可以创建自述文件。 自述文件在您计划公开分享操作时最有用,但也是提醒您或您的团队如何使用该操作的绝佳方式。 +To let people know how to use your action, you can create a README file. A README is most helpful when you plan to share your action publicly, but is also a great way to remind you or your team how to use the action. -在 `hello-world-javascript-action` 目录中,创建一个用于指定以下信息的 `README.md` 文件: +In your `hello-world-javascript-action` directory, create a `README.md` file that specifies the following information: -- 操作用途的详细说明。 -- 必需的输入和输出参数。 -- 可选输入和输出参数。 -- 操作使用的密钥。 -- 操作使用的环境变量。 -- 如何在工作流中使用操作的示例。 +- A detailed description of what the action does. +- Required input and output arguments. +- Optional input and output arguments. +- Secrets the action uses. +- Environment variables the action uses. +- An example of how to use your action in a workflow. ```markdown{:copy} # Hello world javascript action @@ -169,13 +165,13 @@ with: who-to-greet: 'Mona the Octocat' ``` -## 提交、标记和推送操作到 GitHub +## Commit, tag, and push your action to GitHub -{% data variables.product.product_name %} 下载运行时在工作流中运行的每个操作,并将其作为完整的代码包执行,然后才能使用 `run` 等工作流命令与运行器机器交互。 这意味着您必须包含运行 JavaScript 代码所需的所有包依赖项。 需要将工具包 `core` 和 `github` 包签入操作存储库。 +{% data variables.product.product_name %} downloads each action run in a workflow during runtime and executes it as a complete package of code before you can use workflow commands like `run` to interact with the runner machine. This means you must include any package dependencies required to run the JavaScript code. You'll need to check in the toolkit `core` and `github` packages to your action's repository. -从终端提交 `action.yml`、`index.js`、`node_modules`、`package.json`、`package-lock.json` 和 `README.md` 文件。 如果添加了列出 `node_modules` 的 `.gitignore` 文件,则需要删除该行以提交 `node_modules` 目录。 +From your terminal, commit your `action.yml`, `index.js`, `node_modules`, `package.json`, `package-lock.json`, and `README.md` files. If you added a `.gitignore` file that lists `node_modules`, you'll need to remove that line to commit the `node_modules` directory. -最佳做法是同时为操作版本添加版本标记。 有关对操作进行版本控制的详细信息,请参阅“[关于操作](/actions/automating-your-workflow-with-github-actions/about-actions#using-release-management-for-actions)”。 +It's best practice to also add a version tag for releases of your action. For more information on versioning your action, see "[About actions](/actions/automating-your-workflow-with-github-actions/about-actions#using-release-management-for-actions)." ```shell{:copy} git add action.yml index.js node_modules/* package.json package-lock.json README.md @@ -184,24 +180,24 @@ git tag -a -m "My first action release" v1.1 git push --follow-tags ``` -签入 `node_modules` 目录可能会导致问题。 作为替代方法,可以使用名为 [`@vercel/ncc`](https://github.com/vercel/ncc) 的工具将代码和模块编译到一个用于分发的文件中。 +Checking in your `node_modules` directory can cause problems. As an alternative, you can use a tool called [`@vercel/ncc`](https://github.com/vercel/ncc) to compile your code and modules into one file used for distribution. -1. 通过在终端中运行此命令来安装 `vercel/ncc`。 +1. Install `vercel/ncc` by running this command in your terminal. `npm i -g @vercel/ncc` -1. 编译 `index.js` 文件。 +1. Compile your `index.js` file. `ncc build index.js --license licenses.txt` - 你会看到一个包含代码和已编译模块的新 `dist/index.js` 文件。 - 你还将看到随附的 `dist/licenses.txt` 文件,其中包含所用 `node_modules` 的所有许可证。 + You'll see a new `dist/index.js` file with your code and the compiled modules. + You will also see an accompanying `dist/licenses.txt` file containing all the licenses of the `node_modules` you are using. -1. 更改 `action.yml` 文件中的 `main` 关键字以使用新的 `dist/index.js` 文件。 +1. Change the `main` keyword in your `action.yml` file to use the new `dist/index.js` file. `main: 'dist/index.js'` -1. 如果已签入 `node_modules` 目录,请将其删除。 +1. If you already checked in your `node_modules` directory, remove it. `rm -rf node_modules/*` -1. 从终端提交对 `action.yml`、`dist/index.js` 和 `node_modules` 文件的更新。 +1. From your terminal, commit the updates to your `action.yml`, `dist/index.js`, and `node_modules` files. ```shell{:copy} git add action.yml dist/index.js node_modules/* git commit -m "Use vercel/ncc" @@ -209,17 +205,17 @@ git tag -a -m "My first action release" v1.1 git push --follow-tags ``` -## 在工作流程中测试您的操作 +## Testing out your action in a workflow -现在,您已准备好在工作流程中测试您的操作。 当某项操作位于专用存储库中时,该操作只能在同一存储库的工作流中使用。 位于任何存储库内的工作流均可使用公共操作。 +Now you're ready to test your action out in a workflow. When an action is in a private repository, the action can only be used in workflows in the same repository. Public actions can be used by workflows in any repository. {% data reusables.actions.enterprise-marketplace-actions %} -### 使用公共操作的示例 +### Example using a public action -此示例显示您的新公共操作如何从外部仓库中运行。 +This example demonstrates how your new public action can be run from within an external repository. -将以下 YAML 复制到 `.github/workflows/main.yml` 处的新文件中,并使用你的用户名和你在上面创建的公共存储库的名称更新 `uses: octocat/hello-world-javascript-action@v1.1` 行。 还可以将 `who-to-greet` 输入替换为你的名称。 +Copy the following YAML into a new file at `.github/workflows/main.yml`, and update the `uses: octocat/hello-world-javascript-action@v1.1` line with your username and the name of the public repository you created above. You can also replace the `who-to-greet` input with your name. {% raw %} ```yaml{:copy} @@ -241,13 +237,13 @@ jobs: ``` {% endraw %} -当触发此工作流时,运行器将从你的公共存储库下载 `hello-world-javascript-action` 操作,然后执行它。 +When this workflow is triggered, the runner will download the `hello-world-javascript-action` action from your public repository and then execute it. -### 使用私有操作的示例 +### Example using a private action -将工作流代码复制到操作存储库中的 `.github/workflows/main.yml` 文件中。 还可以将 `who-to-greet` 输入替换为你的名称。 +Copy the workflow code into a `.github/workflows/main.yml` file in your action's repository. You can also replace the `who-to-greet` input with your name. -.github/workflows/main.yml +**.github/workflows/main.yml** ```yaml{:copy} on: [push] @@ -270,6 +266,6 @@ jobs: run: echo "The time was {% raw %}${{ steps.hello.outputs.time }}{% endraw %}" ``` -从存储库中,单击“操作”选项卡,然后选择最新的工作流运行。 在“作业”下或可视化图中,单击“表示问候的作业” 。 应会看到“Hello Mona the Octocat”或你用于 `who-to-greet` 输入的名称以及日志中打印的时间戳。 +From your repository, click the **Actions** tab, and select the latest workflow run. Under **Jobs** or in the visualization graph, click **A job to say hello**. You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log. -![在工作流中使用操作的屏幕截图](/assets/images/help/repository/javascript-action-workflow-run-updated-2.png) +![A screenshot of using your action in a workflow](/assets/images/help/repository/javascript-action-workflow-run-updated-2.png) diff --git a/translations/zh-CN/content/actions/creating-actions/metadata-syntax-for-github-actions.md b/translations/zh-CN/content/actions/creating-actions/metadata-syntax-for-github-actions.md index 95a0a4ff9a..58a58b0664 100644 --- a/translations/zh-CN/content/actions/creating-actions/metadata-syntax-for-github-actions.md +++ b/translations/zh-CN/content/actions/creating-actions/metadata-syntax-for-github-actions.md @@ -1,7 +1,7 @@ --- -title: GitHub Actions 的元数据语法 +title: Metadata syntax for GitHub Actions shortTitle: Metadata syntax -intro: 可创建操作来执行存储库中的任务。 操作需要使用 YAML 语法的元数据文件。 +intro: You can create actions to perform tasks in your repository. Actions require a metadata file that uses YAML syntax. redirect_from: - /articles/metadata-syntax-for-github-actions - /github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions @@ -14,40 +14,36 @@ versions: ghec: '*' type: reference miniTocMaxHeadingLevel: 4 -ms.openlocfilehash: b475c4066ae79836184f3136cfb06585fa761960 -ms.sourcegitcommit: b0323777cfe4324a09552d0ea268d1afacc3da37 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 08/17/2022 -ms.locfileid: '147580549' --- -{% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## 关于 {% data variables.product.prodname_actions %} 的 YAML 语法 +{% data reusables.actions.enterprise-beta %} +{% data reusables.actions.enterprise-github-hosted-runners %} -所有操作都需要元数据文件。 元数据文件名必须为 `action.yml` 或 `action.yaml`。 元数据文件中的数据定义操作的输入、输出和运行配置。 +## About YAML syntax for {% data variables.product.prodname_actions %} -操作元数据文件使用 YAML 语法。 如果不熟悉 YAML,可以阅读“[用五分钟的时间来了解 YAML](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)”。 +All actions require a metadata file. The metadata filename must be either `action.yml` or `action.yaml`. The data in the metadata file defines the inputs, outputs, and runs configuration for your action. + +Action metadata files use YAML syntax. If you're new to YAML, you can read "[Learn YAML in five minutes](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)." ## `name` -(必需)操作的名称。 {% data variables.product.prodname_dotcom %} 在“操作”选项卡中显示 `name`,以帮助直观地识别每个作业中的操作。 +**Required** The name of your action. {% data variables.product.prodname_dotcom %} displays the `name` in the **Actions** tab to help visually identify actions in each job. ## `author` -(可选)操作创建者的姓名。 +**Optional** The name of the action's author. ## `description` -(必需)操作的简短说明。 +**Required** A short description of the action. ## `inputs` -(可选)可通过输入参数指定操作预期在运行时使用的数据。 {% data variables.product.prodname_dotcom %} 将输入参数存储为环境变量。 大写的输入 ID 在运行时转换为小写。 建议使用小写输入 ID。 +**Optional** Input parameters allow you to specify data that the action expects to use during runtime. {% data variables.product.prodname_dotcom %} stores input parameters as environment variables. Input ids with uppercase letters are converted to lowercase during runtime. We recommended using lowercase input ids. -### 示例:指定输入 +### Example: Specifying inputs -此示例配置两个输入:numOctocats 和 octocatEyeColor。 numOctocats 输入不是必要的,默认值为 '1'。 octocatEyeColor 输入是必要的,没有默认值。 使用此操作的工作流文件必须使用 `with` 关键字来设置 octocatEyeColor 的输入值。 有关 `with` 语法的详细信息,请参阅“[{% data variables.product.prodname_actions %} 的工作流语法](/articles/workflow-syntax-for-github-actions/#jobsjob_idstepswith)”。 +This example configures two inputs: numOctocats and octocatEyeColor. The numOctocats input is not required and will default to a value of '1'. The octocatEyeColor input is required and has no default value. Workflow files that use this action must use the `with` keyword to set an input value for octocatEyeColor. For more information about the `with` syntax, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/articles/workflow-syntax-for-github-actions/#jobsjob_idstepswith)." ```yaml inputs: @@ -60,43 +56,43 @@ inputs: required: true ``` -当在工作流文件中指定输入或使用默认输入值时,{% data variables.product.prodname_dotcom %} 将为输入创建一个名为 `INPUT_` 的环境变量。 创建的环境变量将输入名称转换为大写字母并将空格替换为 `_` 字符。 +When you specify an input in a workflow file or use a default input value, {% data variables.product.prodname_dotcom %} creates an environment variable for the input with the name `INPUT_`. The environment variable created converts input names to uppercase letters and replaces spaces with `_` characters. -如果操作是使用 [composite](/actions/creating-actions/creating-a-composite-action) 编写的,则不会自动获得 `INPUT_`。 如果不进行转换,您可以手动更改这些输入。 +If the action is written using a [composite](/actions/creating-actions/creating-a-composite-action), then it will not automatically get `INPUT_`. If the conversion doesn't occur, you can change these inputs manually. -若要访问 Docker 容器操作中的环境变量,必须使用操作元数据文件中的关键字 `args` 传递输入。 有关 Docker 容器操作的操作元数据文件的详细信息,请参阅“[创建 Docker 容器操作](/articles/creating-a-docker-container-action#creating-an-action-metadata-file)”。 +To access the environment variable in a Docker container action, you must pass the input using the `args` keyword in the action metadata file. For more information about the action metadata file for Docker container actions, see "[Creating a Docker container action](/articles/creating-a-docker-container-action#creating-an-action-metadata-file)." -例如,如果工作流定义了 `numOctocats` 和 `octocatEyeColor` 输入,则操作代码可以使用 `INPUT_NUMOCTOCATS` 和 `INPUT_OCTOCATEYECOLOR` 环境变量读取输入的值。 +For example, if a workflow defined the `numOctocats` and `octocatEyeColor` inputs, the action code could read the values of the inputs using the `INPUT_NUMOCTOCATS` and `INPUT_OCTOCATEYECOLOR` environment variables. ### `inputs.` -(必需)与输入关联的 `string` 标识符。 `` 的值为输入元数据的映射。 `` 必须是 `inputs` 对象中的唯一标识符。 `` 必须以字母或 `_` 开头,并且只能包含字母数字字符、`-` 或 `_`。 +**Required** A `string` identifier to associate with the input. The value of `` is a map of the input's metadata. The `` must be a unique identifier within the `inputs` object. The `` must start with a letter or `_` and contain only alphanumeric characters, `-`, or `_`. ### `inputs..description` -(必需)输入参数的 `string` 说明。 +**Required** A `string` description of the input parameter. ### `inputs..required` -(可选)一个 `boolean`,用于指示操作是否需要输入参数。 如果需要参数,则将其设置为 `true`。 +**Optional** A `boolean` to indicate whether the action requires the input parameter. Set to `true` when the parameter is required. ### `inputs..default` -(可选)表示默认值的 `string`。 当工作流程文件中未指定输入参数时使用默认值。 +**Optional** A `string` representing the default value. The default value is used when an input parameter isn't specified in a workflow file. ### `inputs..deprecationMessage` -(可选)如果使用了输入参数,则会将此 `string` 记录为警告消息。 您可以使用此警告通知用户输入已被弃用,并提及任何其他替代方式。 +**Optional** If the input parameter is used, this `string` is logged as a warning message. You can use this warning to notify users that the input is deprecated and mention any alternatives. -## 用于 Docker 容器和 JavaScript 操作的 `outputs` +## `outputs` for Docker container and JavaScript actions -(可选)可通过输出参数声明操作设置的数据。 稍后在工作流程中运行的操作可以使用以前运行操作中的输出数据集。 例如,如果有操作执行两个输入的相加 (x + y = z),则该操作可能输出总和 (z),用作其他操作的输入。 +**Optional** Output parameters allow you to declare data that an action sets. Actions that run later in a workflow can use the output data set in previously run actions. For example, if you had an action that performed the addition of two inputs (x + y = z), the action could output the sum (z) for other actions to use as an input. {% data reusables.actions.output-limitations %} -如果不在操作元数据文件中声明输出,您仍然可以设置输出并在工作流程中使用它们。 有关在操作中设置输出的详细信息,请参阅“[{% data variables.product.prodname_actions %} 的工作流命令](/actions/reference/workflow-commands-for-github-actions/#setting-an-output-parameter)”。 +If you don't declare an output in your action metadata file, you can still set outputs and use them in a workflow. For more information on setting outputs in an action, see "[Workflow commands for {% data variables.product.prodname_actions %}](/actions/reference/workflow-commands-for-github-actions/#setting-an-output-parameter)." -### 示例:声明 Docker 容器和 JavaScript 操作的输出 +### Example: Declaring outputs for Docker container and JavaScript actions ```yaml outputs: @@ -106,19 +102,19 @@ outputs: ### `outputs.` -(必需)与输出关联的 `string` 标识符。 `` 的值为输出元数据的映射。 `` 必须是 `outputs` 对象中的唯一标识符。 `` 必须以字母或 `_` 开头,并且只能包含字母数字字符、`-` 或 `_`。 +**Required** A `string` identifier to associate with the output. The value of `` is a map of the output's metadata. The `` must be a unique identifier within the `outputs` object. The `` must start with a letter or `_` and contain only alphanumeric characters, `-`, or `_`. ### `outputs..description` -(必需)输出参数的 `string` 说明。 +**Required** A `string` description of the output parameter. -## 用于组合操作的 `outputs` +## `outputs` for composite actions -(可选)`outputs` 使用与 `outputs.` 和 `outputs..description` 相同的参数(请参阅“[用于 Docker 容器和 JavaScript 操作的 `outputs`](#outputs-for-docker-container-and-javascript-actions)”),但也包括 `value` 令牌。 +**Optional** `outputs` use the same parameters as `outputs.` and `outputs..description` (see "[`outputs` for Docker container and JavaScript actions](#outputs-for-docker-container-and-javascript-actions)"), but also includes the `value` token. {% data reusables.actions.output-limitations %} -### 示例:声明复合操作的 outputs +### Example: Declaring outputs for composite actions {% raw %} ```yaml @@ -137,46 +133,46 @@ runs: ### `outputs..value` -(必需)输出参数将映射到的值。 可以将此项设置为 `string` 或带有上下文的表达式。 例如,可以使用 `steps` 上下文将输出的 `value` 设置为步骤的输出值。 +**Required** The value that the output parameter will be mapped to. You can set this to a `string` or an expression with context. For example, you can use the `steps` context to set the `value` of an output to the output value of a step. -有关如何使用上下文语法的详细信息,请参阅“[上下文](/actions/learn-github-actions/contexts)”。 +For more information on how to use context syntax, see "[Contexts](/actions/learn-github-actions/contexts)." ## `runs` -(必需)指定该操作是 JavaScript 操作、组合操作还是 Docker 容器操作,以及操作的执行方式。 +**Required** Specifies whether this is a JavaScript action, a composite action, or a Docker container action and how the action is executed. -## JavaScript 操作的 `runs` +## `runs` for JavaScript actions -(必需)配置操作代码的路径和用于执行代码的运行时。 +**Required** Configures the path to the action's code and the runtime used to execute the code. -### 示例:使用 Node.js {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %}v16{% else %}v12{% endif %} +### Example: Using Node.js {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}v16{% else %}v12{% endif %} ```yaml runs: - using: {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %}'node16'{% else %}'node12'{% endif %} + using: {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}'node16'{% else %}'node12'{% endif %} main: 'main.js' ``` ### `runs.using` -(必需)用于执行 [`main`](#runsmain) 中指定的代码的运行时。 +**Required** The runtime used to execute the code specified in [`main`](#runsmain). -- 对于 Node.js v12.{% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %},请使用 `node12`。 -- 对 Node.js v16.{% endif %},请使用 `node16` +- Use `node12` for Node.js v12.{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %} +- Use `node16` for Node.js v16.{% endif %} ### `runs.main` -(必需)包含操作代码的文件。 [`using`](#runsusing) 中指定的运行时执行此文件。 +**Required** The file that contains your action code. The runtime specified in [`using`](#runsusing) executes this file. ### `runs.pre` -(可选)允许在 `main:` 操作开始之前在作业启动时运行脚本。 例如,可以使用 `pre:` 运行先决条件安装脚本。 使用 [`using`](#runsusing) 语法指定的运行时将执行此文件。 `pre:` 操作始终默认运行,但你也可使用 [`runs.pre-if`](#runspre-if) 替代该操作。 +**Optional** Allows you to run a script at the start of a job, before the `main:` action begins. For example, you can use `pre:` to run a prerequisite setup script. The runtime specified with the [`using`](#runsusing) syntax will execute this file. The `pre:` action always runs by default but you can override this using [`runs.pre-if`](#runspre-if). -在此示例中,`pre:` 操作运行名为 `setup.js` 的脚本: +In this example, the `pre:` action runs a script called `setup.js`: ```yaml runs: - using: {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %}'node16'{% else %}'node12'{% endif %} + using: {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}'node16'{% else %}'node12'{% endif %} pre: 'setup.js' main: 'index.js' post: 'cleanup.js' @@ -184,11 +180,11 @@ runs: ### `runs.pre-if` -(可选)允许定义 `pre:` 操作执行的条件。 仅当满足 `pre-if` 中的条件时,才会运行 `pre:` 操作。 如果未设置此项,则 `pre-if` 默认为 `always()`。 在 `pre-if` 中,状态检查函数根据作业的状态(而不是操作的状态)进行评估。 +**Optional** Allows you to define conditions for the `pre:` action execution. The `pre:` action will only run if the conditions in `pre-if` are met. If not set, then `pre-if` defaults to `always()`. In `pre-if`, status check functions evaluate against the job's status, not the action's own status. -请注意,`step` 上下文不可用,因为尚未运行任何步骤。 +Note that the `step` context is unavailable, as no steps have run yet. -在此示例中,`cleanup.js` 仅在基于 Linux 的运行器上运行: +In this example, `cleanup.js` only runs on Linux-based runners: ```yaml pre: 'cleanup.js' @@ -197,47 +193,53 @@ runs: ### `runs.post` -(可选)允许在 `main:` 操作完成后在作业结束时运行脚本。 例如,可使用 `post:` 终止某些进程或删除不需要的文件。 使用 [`using`](#runsusing) 语法指定的运行时将执行此文件。 +**Optional** Allows you to run a script at the end of a job, once the `main:` action has completed. For example, you can use `post:` to terminate certain processes or remove unneeded files. The runtime specified with the [`using`](#runsusing) syntax will execute this file. -在此示例中,`post:` 操作运行名为 `cleanup.js` 的脚本: +In this example, the `post:` action runs a script called `cleanup.js`: ```yaml runs: - using: {% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %}'node16'{% else %}'node12'{% endif %} + using: {% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}'node16'{% else %}'node12'{% endif %} main: 'index.js' post: 'cleanup.js' ``` -`post:` 操作始终默认运行,但你也可使用 `post-if` 替代该操作。 +The `post:` action always runs by default but you can override this using `post-if`. ### `runs.post-if` -(可选)允许定义 `post:` 操作执行的条件。 仅当满足 `post-if` 中的条件时,才会运行 `post:` 操作。 如果未设置此项,则 `post-if` 默认为 `always()`。 在 `post-if` 中,状态检查函数根据作业的状态(而不是操作的状态)进行评估。 +**Optional** Allows you to define conditions for the `post:` action execution. The `post:` action will only run if the conditions in `post-if` are met. If not set, then `post-if` defaults to `always()`. In `post-if`, status check functions evaluate against the job's status, not the action's own status. -例如,此 `cleanup.js` 将仅在基于 Linux 的运行器上运行: +For example, this `cleanup.js` will only run on Linux-based runners: ```yaml post: 'cleanup.js' post-if: runner.os == 'linux' ``` -## 用于组合操作的 `runs` +## `runs` for composite actions -(必需)配置组合操作的路径。 +**Required** Configures the path to the composite action. ### `runs.using` -(必需)必须将此值设置为 `'composite'`。 +**Required** You must set this value to `'composite'`. ### `runs.steps` -{% ifversion fpt or ghes > 3.2 or ghae or ghec %}“必需”计划在此操作中运行的步骤。 这些步骤可以是 `run` 步骤,也可以是 `uses` 步骤。 -{% else %}(必需)计划在此操作中运行的步骤。 +{% ifversion fpt or ghes > 3.2 or ghae or ghec %} +**Required** The steps that you plan to run in this action. These can be either `run` steps or `uses` steps. +{% else %} +**Required** The steps that you plan to run in this action. {% endif %} #### `runs.steps[*].run` -{% ifversion fpt or ghes > 3.2 or ghae or ghec %}“可选”要运行的命令。 此命令可以是内联命令,也可以是操作存储库中的脚本:{% else %}(必需)要运行的命令。 此命令可以是内联命令,也可以是操作存储库中的脚本:{% endif %} +{% ifversion fpt or ghes > 3.2 or ghae or ghec %} +**Optional** The command you want to run. This can be inline or a script in your action repository: +{% else %} +**Required** The command you want to run. This can be inline or a script in your action repository: +{% endif %} {% raw %} ```yaml @@ -249,7 +251,7 @@ runs: ``` {% endraw %} -也可使用 `$GITHUB_ACTION_PATH`: +Alternatively, you can use `$GITHUB_ACTION_PATH`: ```yaml runs: @@ -259,24 +261,26 @@ runs: shell: bash ``` -有关详细信息,请参阅“[`github context`](/actions/reference/context-and-expression-syntax-for-github-actions#github-context)”。 +For more information, see "[`github context`](/actions/reference/context-and-expression-syntax-for-github-actions#github-context)". #### `runs.steps[*].shell` -{% ifversion fpt or ghes > 3.2 or ghae or ghec %}“可选”要在其中运行命令的 shell。 可以使用[此处](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsshell)列出的任何 shell。 如果设置了 `run`,则为必需项。 -{% else %}(必需)要在其中运行命令的 shell。 可以使用[此处](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsshell)列出的任何 shell。 如果设置了 `run`,则为必需项。 +{% ifversion fpt or ghes > 3.2 or ghae or ghec %} +**Optional** The shell where you want to run the command. You can use any of the shells listed [here](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsshell). Required if `run` is set. +{% else %} +**Required** The shell where you want to run the command. You can use any of the shells listed [here](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsshell). Required if `run` is set. {% endif %} -{% ifversion fpt or ghes > 3.3 or ghae-issue-5504 or ghec %} +{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %} #### `runs.steps[*].if` -(可选)可以使用 `if` 条件来阻止步骤运行,除非满足条件。 您可以使用任何支持上下文和表达式来创建条件。 +**Optional** You can use the `if` conditional to prevent a step from running unless a condition is met. You can use any supported context and expression to create a conditional. -{% data reusables.actions.expression-syntax-if %} 有关详细信息,请参阅“[表达式](/actions/learn-github-actions/expressions)”。 +{% data reusables.actions.expression-syntax-if %} For more information, see "[Expressions](/actions/learn-github-actions/expressions)." -示例:使用上下文 +**Example: Using contexts** - 此步骤仅在事件类型为 `pull_request` 且事件操作为 `unassigned` 时运行。 + This step only runs when the event type is a `pull_request` and the event action is `unassigned`. ```yaml steps: @@ -284,9 +288,9 @@ steps: if: {% raw %}${{ github.event_name == 'pull_request' && github.event.action == 'unassigned' }}{% endraw %} ``` -示例:使用状态检查函数 +**Example: Using status check functions** -`my backup step` 仅在组合操作的上一步失败时运行。 有关详细信息,请参阅“[表达式](/actions/learn-github-actions/expressions#status-check-functions)”。 +The `my backup step` only runs when the previous step of a composite action fails. For more information, see "[Expressions](/actions/learn-github-actions/expressions#status-check-functions)." ```yaml steps: @@ -300,31 +304,31 @@ steps: #### `runs.steps[*].name` -(可选)组合步骤的名称。 +**Optional** The name of the composite step. #### `runs.steps[*].id` -(可选)步骤的唯一标识符。 可以使用 `id` 在上下文中引用该步骤。 有关详细信息,请参阅“[上下文](/actions/learn-github-actions/contexts)”。 +**Optional** A unique identifier for the step. You can use the `id` to reference the step in contexts. For more information, see "[Contexts](/actions/learn-github-actions/contexts)." #### `runs.steps[*].env` -(可选)仅为该步骤设置环境变量的 `map`。 如果要修改存储在工作流中的环境变量,请在组合步骤中使用 `echo "{name}={value}" >> $GITHUB_ENV`。 +**Optional** Sets a `map` of environment variables for only that step. If you want to modify the environment variable stored in the workflow, use `echo "{name}={value}" >> $GITHUB_ENV` in a composite step. #### `runs.steps[*].working-directory` -(可选)指定在其中运行命令的工作目录。 +**Optional** Specifies the working directory where the command is run. {% ifversion fpt or ghes > 3.2 or ghae or ghec %} #### `runs.steps[*].uses` -(可选)选择要作为作业中步骤的一部分运行的操作。 操作是一种可重复使用的代码单位。 可以使用在与工作流、公共存储库或[已发布的 Docker 容器映像](https://hub.docker.com/)相同的存储库中定义的操作。 +**Optional** Selects an action to run as part of a step in your job. An action is a reusable unit of code. You can use an action defined in the same repository as the workflow, a public repository, or in a [published Docker container image](https://hub.docker.com/). -强烈建议指定 Git ref、SHA 或 Docker 标记编号来包含所用操作的版本。 如果不指定版本,在操作所有者发布更新时可能会中断您的工作流程或造成非预期的行为。 -- 使用已发行操作版本的 SHA 对于稳定性和安全性是最安全的。 -- 使用特定主要操作版本可在保持兼容性的同时接收关键修复和安全补丁。 还可确保您的工作流程继续工作。 -- 使用操作的默认分支可能很方便,但如果有人新发布具有突破性更改的主要版本,您的工作流程可能会中断。 +We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag number. If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner publishes an update. +- Using the commit SHA of a released action version is the safest for stability and security. +- Using the specific major action version allows you to receive critical fixes and security patches while still maintaining compatibility. It also assures that your workflow should still work. +- Using the default branch of an action may be convenient, but if someone releases a new major version with a breaking change, your workflow could break. -某些操作需要必须使用 [`with`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepswith) 关键字设置的输入。 请查阅操作的自述文件,确定所需的输入。 +Some actions require inputs that you must set using the [`with`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepswith) keyword. Review the action's README file to determine the inputs required. ```yaml runs: @@ -350,7 +354,7 @@ runs: #### `runs.steps[*].with` -(可选)由操作定义的输入参数的 `map`。 每个输入参数都是一个键/值对。 输入参数被设置为环境变量。 该变量的前缀为 INPUT_,并转换为大写。 +**Optional** A `map` of the input parameters defined by the action. Each input parameter is a key/value pair. For more information, see [Example: Specifying inputs](#example-specifying-inputs). ```yaml runs: @@ -365,19 +369,19 @@ runs: ``` {% endif %} -{% ifversion ghes > 3.5 or ghae-issue-6573 %} +{% ifversion ghes > 3.5 or ghae > 3.5 %} #### `runs.steps[*].continue-on-error` -可选 步骤失败时,防止操作失败。 设置为 `true` 以在此步骤失败时让操作能够通过。 +**Optional** Prevents the action from failing when a step fails. Set to `true` to allow the action to pass when this step fails. {% endif %} -## 用于 Docker 容器操作的 `runs` +## `runs` for Docker container actions -(必需)配置用于 Docker 容器操作的映像。 +**Required** Configures the image used for the Docker container action. -### 示例:在仓库中使用 Dockerfile +### Example: Using a Dockerfile in your repository ```yaml runs: @@ -385,7 +389,7 @@ runs: image: 'Dockerfile' ``` -### 示例:使用公共 Docker 注册表容器 +### Example: Using public Docker registry container ```yaml runs: @@ -395,15 +399,15 @@ runs: ### `runs.using` -(必需)必须将此值设置为 `'docker'`。 +**Required** You must set this value to `'docker'`. ### `runs.pre-entrypoint` -(可选)允许在 `entrypoint` 操作开始之前运行脚本。 例如,可以使用 `pre-entrypoint:` 运行先决条件安装脚本。 {% data variables.product.prodname_actions %} 使用 `docker run` 启动此操作,并在使用相同基础映像的新容器中运行脚本。 这意味着运行时状态与主 `entrypoint` 容器不同,所需的任何状态都必须在工作区、`HOME` 中或作为 `STATE_` 变量可供访问。 `pre-entrypoint:` 操作始终默认运行,但你也可使用 [`runs.pre-if`](#runspre-if) 替代该操作。 +**Optional** Allows you to run a script before the `entrypoint` action begins. For example, you can use `pre-entrypoint:` to run a prerequisite setup script. {% data variables.product.prodname_actions %} uses `docker run` to launch this action, and runs the script inside a new container that uses the same base image. This means that the runtime state is different from the main `entrypoint` container, and any states you require must be accessed in either the workspace, `HOME`, or as a `STATE_` variable. The `pre-entrypoint:` action always runs by default but you can override this using [`runs.pre-if`](#runspre-if). -使用 [`using`](#runsusing) 语法指定的运行时将执行此文件。 +The runtime specified with the [`using`](#runsusing) syntax will execute this file. -在此示例中,`pre-entrypoint:` 操作运行名为 `setup.sh` 的脚本: +In this example, the `pre-entrypoint:` action runs a script called `setup.sh`: ```yaml runs: @@ -417,21 +421,21 @@ runs: ### `runs.image` -(必需)要用作运行操作的容器的 Docker 映像。 该值可以是 Docker 基础映像名称、存储库中的本地 `Dockerfile`,也可以是 Docker Hub 或其他注册表中的公共映像。 若要引用存储库本地的 `Dockerfile`,文件必须命名为 `Dockerfile`,并且必须使用操作元数据文件的相对路径。 `docker` 应用程序将执行此文件。 +**Required** The Docker image to use as the container to run the action. The value can be the Docker base image name, a local `Dockerfile` in your repository, or a public image in Docker Hub or another registry. To reference a `Dockerfile` local to your repository, the file must be named `Dockerfile` and you must use a path relative to your action metadata file. The `docker` application will execute this file. ### `runs.env` -(可选)指定要在容器环境中设置的环境变量的键/值映射。 +**Optional** Specifies a key/value map of environment variables to set in the container environment. ### `runs.entrypoint` -(可选)如果已指定该项,则替代 `Dockerfile` 中的 Docker `ENTRYPOINT`,否则对其进行设置。 如果 `Dockerfile` 未指定 `ENTRYPOINT` 或要替代 `ENTRYPOINT` 指令,请使用 `entrypoint`。 如果省略 `entrypoint`,将执行在 Docker `ENTRYPOINT` 指令中指定的命令。 Docker `ENTRYPOINT` 指令具有 shell 形式和 exec 形式 。 Docker `ENTRYPOINT` 文档建议使用 `ENTRYPOINT` 指令的 exec 形式。 +**Optional** Overrides the Docker `ENTRYPOINT` in the `Dockerfile`, or sets it if one wasn't already specified. Use `entrypoint` when the `Dockerfile` does not specify an `ENTRYPOINT` or you want to override the `ENTRYPOINT` instruction. If you omit `entrypoint`, the commands you specify in the Docker `ENTRYPOINT` instruction will execute. The Docker `ENTRYPOINT` instruction has a _shell_ form and _exec_ form. The Docker `ENTRYPOINT` documentation recommends using the _exec_ form of the `ENTRYPOINT` instruction. -有关 `entrypoint` 如何执行的详细信息,请参阅“[{% data variables.product.prodname_actions %} 的Dockerfile 支持](/actions/creating-actions/dockerfile-support-for-github-actions/#entrypoint)”。 +For more information about how the `entrypoint` executes, see "[Dockerfile support for {% data variables.product.prodname_actions %}](/actions/creating-actions/dockerfile-support-for-github-actions/#entrypoint)." ### `runs.post-entrypoint` -(可选)允许在 `runs.entrypoint` 操作完成后运行清理脚本。 {% data variables.product.prodname_actions %} 使用 `docker run` 启动此操作。 由于 {% data variables.product.prodname_actions %} 使用相同的基础映像在新容器内运行脚本,因此运行时状态与主 `entrypoint` 容器不同。 可以在工作区、`HOME` 或 `STATE_` 变量中访问所需的任何状态。 `post-entrypoint:` 操作始终默认运行,但你也可使用 [`runs.post-if`](#runspost-if) 替代该操作。 +**Optional** Allows you to run a cleanup script once the `runs.entrypoint` action has completed. {% data variables.product.prodname_actions %} uses `docker run` to launch this action. Because {% data variables.product.prodname_actions %} runs the script inside a new container using the same base image, the runtime state is different from the main `entrypoint` container. You can access any state you need in either the workspace, `HOME`, or as a `STATE_` variable. The `post-entrypoint:` action always runs by default but you can override this using [`runs.post-if`](#runspost-if). ```yaml runs: @@ -445,17 +449,17 @@ runs: ### `runs.args` -(可选)用于定义 Docker 容器的输入的字符串数组。 输入可包含硬编码的字符串。 {% data variables.product.prodname_dotcom %} 在容器启动时将 `args` 传递到容器的 `ENTRYPOINT`。 +**Optional** An array of strings that define the inputs for a Docker container. Inputs can include hardcoded strings. {% data variables.product.prodname_dotcom %} passes the `args` to the container's `ENTRYPOINT` when the container starts up. -`args` 用于代替 `Dockerfile` 中的 `CMD` 指令。 如果在 `Dockerfile` 中使用 `CMD`,请使用按偏好排序的指南: +The `args` are used in place of the `CMD` instruction in a `Dockerfile`. If you use `CMD` in your `Dockerfile`, use the guidelines ordered by preference: {% data reusables.actions.dockerfile-guidelines %} -如果需要将环境变量传递到操作中,请确保操作运行命令 shell 以执行变量替换。 例如,如果 `entrypoint` 属性设置为 `"sh -c"`,则 `args` 将在命令 shell 中运行。 此外,如果 `Dockerfile` 使用 `ENTRYPOINT` 运行相同的命令 (`"sh -c"`),则 `args` 也将在命令 shell 中执行。 +If you need to pass environment variables into an action, make sure your action runs a command shell to perform variable substitution. For example, if your `entrypoint` attribute is set to `"sh -c"`, `args` will be run in a command shell. Alternatively, if your `Dockerfile` uses an `ENTRYPOINT` to run the same command (`"sh -c"`), `args` will execute in a command shell. -有关将 `CMD` 指令与 {% data variables.product.prodname_actions %} 结合使用的详细信息,请参阅“[{% data variables.product.prodname_actions %} 的 Dockerfile 支持](/actions/creating-actions/dockerfile-support-for-github-actions/#cmd)”。 +For more information about using the `CMD` instruction with {% data variables.product.prodname_actions %}, see "[Dockerfile support for {% data variables.product.prodname_actions %}](/actions/creating-actions/dockerfile-support-for-github-actions/#cmd)." -#### 示例:为 Docker 容器定义参数 +#### Example: Defining arguments for the Docker container {% raw %} ```yaml @@ -471,9 +475,9 @@ runs: ## `branding` -**可选** 可使用颜色和 [Feather](https://feathericons.com/) 图标来创建徽章,以个性化设置和区分操作。 在 [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions) 中,操作名称旁边会显示徽章。 +**Optional** You can use a color and [Feather](https://feathericons.com/) icon to create a badge to personalize and distinguish your action. Badges are shown next to your action name in [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). -### 示例:为操作配置品牌宣传 +### Example: Configuring branding for an action ```yaml branding: @@ -483,30 +487,30 @@ branding: ### `branding.color` -徽章的背景颜色。 可以是以下选项之一:`white`、`yellow`、`blue`、`green`、`orange`、`red`、`purple` 或 `gray-dark`。 +The background color of the badge. Can be one of: `white`, `yellow`, `blue`, `green`, `orange`, `red`, `purple`, or `gray-dark`. ### `branding.icon` -要使用的 v4.28.0 [Feather](https://feathericons.com/) 图标的名称。 省略了品牌图标以及以下内容: +The name of the v4.28.0 [Feather](https://feathericons.com/) icon to use. Brand icons are omitted as well as the following: - - + + - + - + @@ -516,7 +520,7 @@ branding:
咖啡coffeecolumns divide-circle divide-square
divide frown六边形hexagon key
meh mouse-pointer smile工具 (tool)tool
x-octagon
-以下是当前支持的所有图标的详尽列表: +Here is an exhaustive list of all currently supported icons: {% elsif ghes < 3.5 or ghae %} If you used a pull request to add {% data variables.product.prodname_code_scanning %} to the repository, you will initially see {% ifversion ghes > 3.2 or ghae %}an "Analysis not found"{% elsif ghes = 3.2 %}a "Missing analysis"{% endif %} message when you click **Details** on the "{% data variables.product.prodname_code_scanning_capc %} results / TOOL NAME" check. diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md index 353595ff37..ac00737cbc 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md @@ -1,7 +1,7 @@ --- -title: 使用任务列表跟踪问题中的代码扫描警报 +title: Tracking code scanning alerts in issues using task lists shortTitle: Track alerts in issues -intro: 您可以使用任务列表将代码扫描警报添加到议题中。 这样可以轻松创建包括修复警报在内的开发工作计划。 +intro: You can add code scanning alerts to issues using task lists. This makes it easy to create a plan for development work that includes fixing alerts. product: '{% data reusables.gated-features.code-scanning %}' permissions: 'If you have write permission to a repository you can track {% data variables.product.prodname_code_scanning %} alerts in issues using task lists.' versions: @@ -13,68 +13,76 @@ topics: - Alerts - Repositories - Issues -ms.openlocfilehash: a5112bc5982415865a47d752af4e980a2e3d12ea -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145099102' --- + {% data reusables.code-scanning.beta-alert-tracking-in-issues %} -## 关于跟踪议题中的 {% data variables.product.prodname_code_scanning %} 警报 +## About tracking {% data variables.product.prodname_code_scanning %} alerts in issues {% data reusables.code-scanning.github-issues-integration %} -您还可以创建新议题来跟踪警报: -- 从 {% data variables.product.prodname_code_scanning %} 警报创建,这会自动将代码扫描警报添加到新议题的任务列表中。 有关详细信息,请参阅下面的“[从 {% data variables.product.prodname_code_scanning %} 警报创建跟踪问题](#creating-a-tracking-issue-from-a-code-scanning-alert)”。 +You can also create a new issue to track an alert: +- From a {% data variables.product.prodname_code_scanning %} alert, which automatically adds the code scanning alert to a task list in the new issue. For more information, see "[Creating a tracking issue from a {% data variables.product.prodname_code_scanning %} alert](#creating-a-tracking-issue-from-a-code-scanning-alert)" below. -- 像往常一样通过 API 创建,然后在议题正文中提供代码扫描链接。 您必须使用任务列表语法来创建跟踪关系: +- Via the API as you normally would, and then provide the code scanning link within the body of the issue. You must use the task list syntax to create the tracked relationship: - `- [ ] ` - - 例如,如果将 `- [ ] https://github.com/octocat-org/octocat-repo/security/code-scanning/17` 添加到问题,该问题将在 `octocat-org` 组织的 `octocat-repo` 存储库的“安全性”选项卡中跟踪 ID 号为 17 的代码扫描警报。 + - For example, if you add `- [ ] https://github.com/octocat-org/octocat-repo/security/code-scanning/17` to an issue, the issue will track the code scanning alert that has an ID number of 17 in the "Security" tab of the `octocat-repo` repository in the `octocat-org` organization. -您可以使用多个议题来跟踪同一 {% data variables.product.prodname_code_scanning %} 警报,并且议题可属于找到 {% data variables.product.prodname_code_scanning %} 警报的存储库中的不同存储库。 +You can use more than one issue to track the same {% data variables.product.prodname_code_scanning %} alert, and issues can belong to different repositories from the repository where the {% data variables.product.prodname_code_scanning %} alert was found. -{% data variables.product.product_name %} 在用户界面的不同位置提供视觉提示,以指示何时跟踪议题中的 {% data variables.product.prodname_code_scanning %} 警报。 +{% data variables.product.product_name %} provides visual cues in different locations of the user interface to indicate when you are tracking {% data variables.product.prodname_code_scanning %} alerts in issues. -- 代码扫描警报列表页将显示在议题中跟踪的警报,以便您可以一目了然地查看哪些警报仍需要处理。 +- The code scanning alerts list page will show which alerts are tracked in issues so that you can view at a glance which alerts still require processing. - ![代码扫描警报页面上的跟踪片](/assets/images/help/repository/code-scanning-alert-list-tracked-issues.png) + ![Tracked in pill on code scanning alert page](/assets/images/help/repository/code-scanning-alert-list-tracked-issues.png) -- “tracked in(跟踪)”部分也会显示在相应的警报页面中。 +- A "tracked in" section will also show in the corresponding alert page. - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![代码扫描警报页面上的跟踪部分](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) {% else %} ![代码扫描警报页面上的跟踪部分](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) {% endif %} + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} + ![Tracked in section on code scanning alert page](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) + {% else %} + ![Tracked in section on code scanning alert page](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) + {% endif %} -- 在跟踪议题上,{% data variables.product.prodname_dotcom %} 会在任务列表和悬停卡上显示安全徽章图标。 +- On the tracking issue, {% data variables.product.prodname_dotcom %} displays a security badge icon in the task list and on the hovercard. {% note %} - 只有对存储库具有写入权限的用户才能看到议题中警报的展开 URL 以及悬停卡片。 对于对存储库具有读取权限或根本没有权限的用户,警报将显示为纯 URL。 + Only users with write permissions to the repository will see the unfurled URL to the alert in the issue, as well as the hovercard. For users with read permissions to the repository, or no permissions at all, the alert will appear as a plain URL. {% endnote %} - 图标的颜色为灰色,因为警报在每个分支上的状态为“打开”或“关闭”。 议题跟踪警报,因此警报在议题中不能具有单个打开/关闭状态。 如果一个分支上的警报已关闭,则图标颜色不变。 + The color of the icon is grey because an alert has a status of "open" or "closed" on every branch. The issue tracks an alert, so the alert cannot have a single open/closed state in the issue. If the alert is closed on one branch, the icon color will not change. - ![跟踪议题中的悬停卡](/assets/images/help/repository/code-scanning-tracking-issue-hovercard.png) + ![Hovercard in tracking issue](/assets/images/help/repository/code-scanning-tracking-issue-hovercard.png) -如果更改议题中相应任务列表项的复选框状态(选中/未选中),则跟踪的警报状态不会更改。 +The status of the tracked alert won't change if you change the checkbox state of the corresponding task list item (checked/unchecked) in the issue. -## 从代码扫描警报创建跟踪议题 +## Creating a tracking issue from a code scanning alert -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-code-scanning-alerts %} {% ifversion fpt or ghes or ghae %} {% data reusables.code-scanning.explore-alert %} -1. (可选)若要查找要跟踪的警报,可以使用自由文本搜索或下拉菜单来筛选和定位警报。 有关详细信息,请参阅“[管理存储库的代码扫描警报](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts)”。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-code-scanning-alerts %} +{% ifversion fpt or ghes or ghae %} +{% data reusables.code-scanning.explore-alert %} +1. Optionally, to find the alert to track, you can use the free-text search or the drop-down menus to filter and locate the alert. For more information, see "[Managing code scanning alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts)." {% endif %} -1. 在页面顶部的右侧,单击“创建问题”。 - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![为代码扫描警报创建跟踪问题](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) {% else %} ![为代码扫描警报创建跟踪问题](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) {% endif %} {% data variables.product.prodname_dotcom %} 自动创建问题以跟踪警报并将警报添加为任务列表项。 - {% data variables.product.prodname_dotcom %} 会预填议题: - - 标题包含 {% data variables.product.prodname_code_scanning %} 警报的名称。 - - 正文包含任务列表项,其中包含 {% data variables.product.prodname_code_scanning %} 警报的完整 URL。 -2. (可选)编辑议题的标题和正文。 +1. Towards the top of the page, on the right side, click **Create issue**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} + ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) + {% else %} + ![Create a tracking issue for the code scanning alert](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) + {% endif %} + {% data variables.product.prodname_dotcom %} automatically creates an issue to track the alert and adds the alert as a task list item. + {% data variables.product.prodname_dotcom %} prepopulates the issue: + - The title contains the name of the {% data variables.product.prodname_code_scanning %} alert. + - The body contains the task list item with the full URL to the {% data variables.product.prodname_code_scanning %} alert. +2. Optionally, edit the title and the body of the issue. {% warning %} - 警告:你可能需要编辑问题的标题,因为它可能会暴露安全信息。 您还可以编辑议题的正文,但不要编辑任务列表项,否则议题将不再跟踪警报。 + **Warning:** You may want to edit the title of the issue as it may expose security information. You can also edit the body of the issue, but do not edit the task list item or the issue will no longer track the alert. {% endwarning %} - ![代码扫描警报的新跟踪议题](/assets/images/help/repository/code-scanning-new-tracking-issue.png) -3. 单击“提交新问题”。 + ![New tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-new-tracking-issue.png) +3. Click **Submit new issue**. diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md index ecb39a69d0..ec6da4e48a 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md @@ -1,7 +1,7 @@ --- -title: 鉴定拉取请求中的代码扫描警报 +title: Triaging code scanning alerts in pull requests shortTitle: Triage alerts in pull requests -intro: '当 {% data variables.product.prodname_code_scanning %} 在拉取请求中发现问题时,您可以审查高亮的代码并解决警报。' +intro: 'When {% data variables.product.prodname_code_scanning %} identifies a problem in a pull request, you can review the highlighted code and resolve the alert.' product: '{% data reusables.gated-features.code-scanning %}' permissions: 'If you have read permission for a repository, you can see annotations on pull requests. With write permission, you can see detailed information and resolve {% data variables.product.prodname_code_scanning %} alerts for that repository.' redirect_from: @@ -20,96 +20,108 @@ topics: - Pull requests - Alerts - Repositories -ms.openlocfilehash: 0b5fd364bcc9da7b0334214980ea943a4f12f74b -ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: '147760868' --- + + {% data reusables.code-scanning.beta %} -## 关于拉取请求上的 {% data variables.product.prodname_code_scanning %} 结果 +## About {% data variables.product.prodname_code_scanning %} results on pull requests -在仓库中,如果 {% data variables.product.prodname_code_scanning %} 被配置为拉取请求检查,则 {% data variables.product.prodname_code_scanning %} 将检查拉取请求中的代码。 默认情况下,这仅限于针对默认分支的拉取请求,但是您可以在 {% data variables.product.prodname_actions %} 或第三方 CI/CD 系统中更改此配置。 如果合并更改会向目标分支引入新的 {% data variables.product.prodname_code_scanning %} 警报,这些警报将在多个位置报告。 +In repositories where {% data variables.product.prodname_code_scanning %} is configured as a pull request check, {% data variables.product.prodname_code_scanning %} checks the code in the pull request. By default, this is limited to pull requests that target the default branch, but you can change this configuration within {% data variables.product.prodname_actions %} or in a third-party CI/CD system. If merging the changes would introduce new {% data variables.product.prodname_code_scanning %} alerts to the target branch, the alerts are reported in multiple places. -- 检查拉取请求 {% ifversion code-scanning-pr-conversations-tab %} 中的结果 -- 拉取请求的“对话”选项卡是拉取请求审查的一部分 {% endif %} -- 拉取请求的“已更改的文件”选项卡 +- Check results in the pull request {% ifversion code-scanning-pr-conversations-tab %} +- The **Conversation** tab of the pull request, as part of a pull request review {% endif %} +- The **Files changed** tab of the pull request -如果你拥有存储库的写入权限,可以在“安全性”选项卡上看到任何现有的 {% data variables.product.prodname_code_scanning %} 警报。有关存储库警报的信息,请参阅“[管理存储库的 {% data variables.product.prodname_code_scanning %} 警报](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)”。 +If you have write permission for the repository, you can see any existing {% data variables.product.prodname_code_scanning %} alerts on the **Security** tab. For information about repository alerts, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)." -{% ifversion fpt or ghes > 3.2 or ghae or ghec %} 当 {% data variables.product.prodname_code_scanning %} 配置为在每次推送代码时进行扫描的存储库中,{% data variables.product.prodname_code_scanning %} 还会将结果映射到任何打开的拉取请求,并将警报作为注释添加到与其他拉取请求检查相同的位置。 有关详细信息,请参阅“[推送时扫描](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#scanning-on-push)”。 +{% ifversion fpt or ghes > 3.2 or ghae or ghec %} +In repositories where {% data variables.product.prodname_code_scanning %} is configured to scan each time code is pushed, {% data variables.product.prodname_code_scanning %} will also map the results to any open pull requests and add the alerts as annotations in the same places as other pull request checks. For more information, see "[Scanning on push](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#scanning-on-push)." {% endif %} -如果拉取请求针对使用 {% data variables.product.prodname_code_scanning %} 的受保护分支,并且存储库所有者已配置所需的状态检查,则“{% data variables.product.prodname_code_scanning_capc %} 结果”检查必须先通过,然后才能合并拉取请求。 有关详细信息,请参阅“[关于受保护的分支](/github/administering-a-repository/about-protected-branches#require-status-checks-before-merging)”。 +If your pull request targets a protected branch that uses {% data variables.product.prodname_code_scanning %}, and the repository owner has configured required status checks, then the "{% data variables.product.prodname_code_scanning_capc %} results" check must pass before you can merge the pull request. For more information, see "[About protected branches](/github/administering-a-repository/about-protected-branches#require-status-checks-before-merging)." -## 关于 {% data variables.product.prodname_code_scanning %} 作为拉取请求检查 +## About {% data variables.product.prodname_code_scanning %} as a pull request check -有许多选项可将 {% data variables.product.prodname_code_scanning %} 配置为拉取请求检查,因此每个仓库的确切设置会有所不同,有些仓库还会有多个检查。 +There are many options for configuring {% data variables.product.prodname_code_scanning %} as a pull request check, so the exact setup of each repository will vary and some will have more than one check. -### {% data variables.product.prodname_code_scanning_capc %} 结果检查 +### {% data variables.product.prodname_code_scanning_capc %} results check -对于 {% data variables.product.prodname_code_scanning %} 的所有配置,包含 {% data variables.product.prodname_code_scanning %} 结果的检查为:{% data variables.product.prodname_code_scanning_capc %} 结果。 所使用的每个分析工具的结果将单独显示。 由拉取请求中的更改引起的任何新警报都显示为注释。 +For all configurations of {% data variables.product.prodname_code_scanning %}, the check that contains the results of {% data variables.product.prodname_code_scanning %} is: **{% data variables.product.prodname_code_scanning_capc %} results**. The results for each analysis tool used are shown separately. Any new alerts caused by changes in the pull request are shown as annotations. -{% ifversion fpt or ghes > 3.2 or ghae or ghec %} 要查看所分析分支的完整警报集,请单击“查看所有分支警报”。 这将打开完整的警报视图,你可以在其中按类型、严重性、标记等筛选分支上的所有警报。有关详细信息,请参阅“[管理存储库的代码扫描警报](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-and-searching-for-code-scanning-alerts)”。 +{% ifversion fpt or ghes > 3.2 or ghae or ghec %} To see the full set of alerts for the analyzed branch, click **View all branch alerts**. This opens the full alert view where you can filter all the alerts on the branch by type, severity, tag, etc. For more information, see "[Managing code scanning alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-and-searching-for-code-scanning-alerts)." -![拉取请求的 {% data variables.product.prodname_code_scanning_capc %} 结果检查](/assets/images/help/repository/code-scanning-results-check.png) {% endif %} +![{% data variables.product.prodname_code_scanning_capc %} results check on a pull request](/assets/images/help/repository/code-scanning-results-check.png) +{% endif %} -### {% data variables.product.prodname_code_scanning_capc %} 结果检查失败 +### {% data variables.product.prodname_code_scanning_capc %} results check failures -如果 {% data variables.product.prodname_code_scanning %} 结果检查发现严重性为 `error``critical` 或 `high` 的问题,检查将失败并在检查结果中报告错误。 如果 {% data variables.product.prodname_code_scanning %} 发现的所有结果的严重性都较低,则警报将被视为警告或通知,检查成功。 +If the {% data variables.product.prodname_code_scanning %} results check finds any problems with a severity of `error`, `critical`, or `high`, the check fails and the error is reported in the check results. If all the results found by {% data variables.product.prodname_code_scanning %} have lower severities, the alerts are treated as warnings or notes and the check succeeds. -![拉取请求上失败的 {% data variables.product.prodname_code_scanning %} 检查](/assets/images/help/repository/code-scanning-check-failure.png) +![Failed {% data variables.product.prodname_code_scanning %} check on a pull request](/assets/images/help/repository/code-scanning-check-failure.png) -你可以通过指定会导致拉取请求检查失败的严重级别和安全严重性来覆盖仓库设置中的默认行为。 有关详细信息,请参阅“[定义导致拉取请求检查失败的严重性](/code-security/secure-coding/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)”。 +You can override the default behavior in your repository settings, by specifying the level of severities and security severities that will cause a pull request check failure. For more information, see "[Defining the severities causing pull request check failure](/code-security/secure-coding/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)". -### 其他 {% data variables.product.prodname_code_scanning %} 检查 +### Other {% data variables.product.prodname_code_scanning %} checks -根据您的配置,您可能会看到在配置了 {% data variables.product.prodname_code_scanning %} 的拉取请求上运行其他检查。 这些通常是分析代码或上传 {% data variables.product.prodname_code_scanning %} 结果的工作流程。 当分析出现问题时,这些检查对于故障排除非常有用。 +Depending on your configuration, you may see additional checks running on pull requests with {% data variables.product.prodname_code_scanning %} configured. These are usually workflows that analyze the code or that upload {% data variables.product.prodname_code_scanning %} results. These checks are useful for troubleshooting when there are problems with the analysis. -例如,如果存储库使用 {% data variables.product.prodname_codeql_workflow %},则在结果检查运行之前,将针对每种语言运行 {% data variables.product.prodname_codeql %} / Analyze (LANGUAGE) 检查。 如果存在配置问题,或者拉取请求中断了分析需要编译的语言(例如 C/C ++、C# 或 Java)的构建,则分析检查可能会失败。 +For example, if the repository uses the {% data variables.product.prodname_codeql_workflow %} a **{% data variables.product.prodname_codeql %} / Analyze (LANGUAGE)** check is run for each language before the results check runs. The analysis check may fail if there are configuration problems, or if the pull request breaks the build for a language that the analysis needs to compile (for example, C/C++, C#, or Java). -与其他拉取请求检查一样,可以在“检查”选项卡上看到检查失败的完整详细信息。有关配置和故障排除的详细信息,请参阅“[配置 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning)”或“[对 {% data variables.product.prodname_codeql %} 工作流进行故障排除](/code-security/secure-coding/troubleshooting-the-codeql-workflow)”。 +As with other pull request checks, you can see full details of the check failure on the **Checks** tab. For more information about configuring and troubleshooting, see "[Configuring {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning)" or "[Troubleshooting the {% data variables.product.prodname_codeql %} workflow](/code-security/secure-coding/troubleshooting-the-codeql-workflow)." -## 查看拉取请求上的警报 - -{% ifversion code-scanning-pr-conversations-tab %} 通过查看“对话”选项卡,可以看到拉取请求中引入的任何 {% data variables.product.prodname_code_scanning %} 警报。{% data variables.product.prodname_code_scanning_capc %} 会发布拉取请求审查,该审查将每个警报作为触发警报的代码行上的注释显示。 可以对警报进行注释、关闭警报并直接从注释中查看警报的路径。 可以通过单击“显示更多详细信息”链接来查看警报的完整详细信息,该链接将带你进入警报详细信息页面。 - -![拉取请求“对话”选项卡中的警报注释](/assets/images/help/repository/code-scanning-pr-conversation-tab.png) - -还可以在拉取请求的“已更改的文件”选项卡中查看所有 {% data variables.product.prodname_code_scanning %} 警报。 拉取请求中引入的更改差异之外的文件上的现有 {% data variables.product.prodname_code_scanning %} 警报将只显示在“已更改的文件”选项卡中。 - -{% else %} 通过显示“已更改的文件”选项卡,可以看到拉取请求中引入的任何 {% data variables.product.prodname_code_scanning %} 警报。每个警报都在触发警报的代码行上显示为一条注释。 警报的严重性显示在注释中。 - -![拉取请求差异中的警报注释](/assets/images/help/repository/code-scanning-pr-annotation.png) {% endif %} - -如果您拥有仓库的写入权限,则某些注释将包含警报额外上下文的链接。 在上例中,可以在 {% data variables.product.prodname_codeql %} 分析中单击“用户提供的值”,以查看不受信任的数据进入数据流的位置(这称为源)。 在此例中,还可以通过单击“显示路径”来查看从源到使用数据的代码(池)的完整路径。 这样就很容易检查数据是否不受信任,或者分析是否无法识别源与池之间的数据净化步骤。 有关使用 {% data variables.product.prodname_codeql %} 分析数据流的信息,请参阅“[关于数据流分析](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)”。 - -要查看有关警报的更多信息,拥有写入权限的用户可单击注释中所示的“显示更多详情”链接。 这允许您在警报视图中查看工具提供的所有上下文和元数据。 在下例中,您可以查看显示问题的严重性、类型和相关通用缺陷枚举 (CWE) 的标记。 该视图还显示哪个提交引入了问题。 - -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} {% data reusables.code-scanning.alert-default-branch %} {% endif %} - -在警报的详细视图中,有些 {% data variables.product.prodname_code_scanning %} 工具(例如 {% data variables.product.prodname_codeql %} 分析)还包括问题描述和“显示更多”链接以指导你如何修复代码。 - -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![警报说明和链接以显示详细信息](/assets/images/help/repository/code-scanning-pr-alert.png) {% else %} ![警报说明和链接以显示详细信息](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) {% endif %} +## Viewing an alert on your pull request {% ifversion code-scanning-pr-conversations-tab %} -## 对拉取请求中的警报进行注释 +You can see any {% data variables.product.prodname_code_scanning %} alerts introduced in a pull request by viewing the **Conversation** tab. {% data variables.product.prodname_code_scanning_capc %} posts a pull request review that shows each alert as an annotation on the lines of code that triggered the alert. You can comment on the alerts, dismiss the alerts, and view paths for the alerts, directly from the annotations. You can view the full details of an alert by clicking the "Show more details" link, which will take you to the alert details page. -可以对由拉取请求中更改引入的任何 {% data variables.product.prodname_code_scanning %} 警报进行注释。 警报在拉取请求的“对话”选项卡中显示为注释,作为拉取请求审查的一部分,也显示在“已更改的文件”选项卡中。只能对拉取请求中的更改引入的警报进行注释 。 拉取请求中引入的更改之外的文件上的现有 {% data variables.product.prodname_code_scanning %} 警报将显示在“文件已更改”选项卡中,但不能注释。 +![Alert annotation within a pull request Conversations tab](/assets/images/help/repository/code-scanning-pr-conversation-tab.png) -可以选择要求拉取请求中的所有对话(包括 {% data variables.product.prodname_code_scanning %} 警报上的对话),以在合并拉取请求之前被解析。 有关详细信息,请参阅“[关于受保护的分支](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-conversation-resolution-before-merging)”。 +You can also view all {% data variables.product.prodname_code_scanning %} alerts in the **Files changed** tab of the pull request. Existing {% data variables.product.prodname_code_scanning %} alerts on a file that are outside the diff of the changes introduced in the pull request will only appear in the **Files changed** tab. + +{% else %} +You can see any {% data variables.product.prodname_code_scanning %} alerts introduced in a pull request by displaying the **Files changed** tab. Each alert is shown as an annotation on the lines of code that triggered the alert. The severity of the alert is displayed in the annotation. + +![Alert annotation within a pull request diff](/assets/images/help/repository/code-scanning-pr-annotation.png) {% endif %} -## 修复拉取请求上的警报 -任何对拉取请求具有推送权限的人都可以修复在该拉取请求上已识别的 {% data variables.product.prodname_code_scanning %} 警报。 如果将更改提交到拉取请求,这将触发拉取请求检查的新运行。 如果您的更改修复了问题,则警报将被关闭,注释将被删除。 +If you have write permission for the repository, some annotations contain links with extra context for the alert. In the example above, from {% data variables.product.prodname_codeql %} analysis, you can click **user-provided value** to see where the untrusted data enters the data flow (this is referred to as the source). In this case you can also view the full path from the source to the code that uses the data (the sink) by clicking **Show paths**. This makes it easy to check whether the data is untrusted or if the analysis failed to recognize a data sanitization step between the source and the sink. For information about analyzing data flow using {% data variables.product.prodname_codeql %}, see "[About data flow analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)." -## 忽略拉取请求上的警报 +To see more information about an alert, users with write permission can click the **Show more details** link shown in the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem. -关闭警报的另一种办法是忽略它。 您可以忽略您认为不需要修复的警报。 {% data reusables.code-scanning.close-alert-examples %} 如果你拥有存储库的写入权限,则“忽略”按钮在代码注释和警报摘要中可用。 单击“忽略”时,系统会提示你选择关闭警报的原因。 -{% ifversion comment-dismissed-code-scanning-alert %} ![代码扫描警报的屏幕截图,其中选择关闭原因的下拉列表突出显示](/assets/images/help/repository/code-scanning-alert-dropdown-reason.png) {% else %} ![选择关闭警报的原因](/assets/images/help/repository/code-scanning-alert-close-drop-down.png) {% endif %} {% data reusables.code-scanning.choose-alert-dismissal-reason %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + +In the detailed view for an alert, some {% data variables.product.prodname_code_scanning %} tools, like {% data variables.product.prodname_codeql %} analysis, also include a description of the problem and a **Show more** link for guidance on how to fix your code. + +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +![Alert description and link to show more information](/assets/images/help/repository/code-scanning-pr-alert.png) +{% else %} +![Alert description and link to show more information](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) +{% endif %} + +{% ifversion code-scanning-pr-conversations-tab %} +## Commenting on an alert in a pull request + +You can comment on any {% data variables.product.prodname_code_scanning %} alert introduced by the changes in a pull request. Alerts appear as annotations in the **Conversation** tab of a pull request, as part of a pull request review, and also are shown in the **Files changed** tab. You can only comment on alerts introduced by the changes in a pull request. Existing {% data variables.product.prodname_code_scanning %} alerts, on files that are outside the changes introduced in the pull request, will appear in the **Files changed** tab but cannot be commented on. + +You can choose to require all conversations in a pull request, including those on {% data variables.product.prodname_code_scanning %} alerts, to be resolved before a pull request can be merged. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-conversation-resolution-before-merging)." +{% endif %} +## Fixing an alert on your pull request + +Anyone with push access to a pull request can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on that pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed. + +## Dismissing an alert on your pull request + +An alternative way of closing an alert is to dismiss it. You can dismiss an alert if you don't think it needs to be fixed. {% data reusables.code-scanning.close-alert-examples %} If you have write permission for the repository, the **Dismiss** button is available in code annotations and in the alerts summary. When you click **Dismiss** you will be prompted to choose a reason for closing the alert. +{% ifversion comment-dismissed-code-scanning-alert %} +![Screenshot of code scanning alert with dropdown to choose dismissal reason emphasized](/assets/images/help/repository/code-scanning-alert-dropdown-reason.png) +{% else %} +![Choosing a reason for dismissing an alert](/assets/images/help/repository/code-scanning-alert-close-drop-down.png) +{% endif %} +{% data reusables.code-scanning.choose-alert-dismissal-reason %} {% data reusables.code-scanning.false-positive-fix-codeql %} -有关消除警报的详细信息,请参阅 {% ifversion delete-code-scanning-alerts %}“[管理存储库的 {% data variables.product.prodname_code_scanning %} 警报](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#dismissing-or-deleting-alerts)”。{% else %}“[管理存储库的 {% data variables.product.prodname_code_scanning %} 警报](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#dismissing--alerts)”。{% endif %} +For more information about dismissing alerts, see {% ifversion delete-code-scanning-alerts %}"[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#dismissing-or-deleting-alerts)."{% else %} "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#dismissing--alerts)."{% endif %} diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md index 10e0bf9a8c..658d44b582 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md @@ -1,7 +1,7 @@ --- -title: CodeQL 工作流程疑难解答 +title: Troubleshooting the CodeQL workflow shortTitle: Troubleshoot CodeQL workflow -intro: '如果您在 {% data variables.product.prodname_code_scanning %} 方面遇到问题,可使用这些提示来解决问题。' +intro: 'If you''re having problems with {% data variables.product.prodname_code_scanning %}, you can troubleshoot by using these tips for resolving issues.' product: '{% data reusables.gated-features.code-scanning %}' miniTocMaxHeadingLevel: 3 redirect_from: @@ -26,52 +26,51 @@ topics: - C/C++ - C# - Java -ms.openlocfilehash: f4de6a52db9651ed1ad6db49959fffbf696aea9a -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147444619' --- -{% data reusables.code-scanning.beta %} {% data reusables.code-scanning.not-available %} -{% ifversion ghes or ghae %} {% note %} -注意:本文介绍了此版 {% data variables.product.product_name %} 的初始发行版中包含的 CodeQL 操作版本和相关 CodeQL CLI 捆绑包中可用的功能。 如果企业使用较新版本的 CodeQL 操作,请参阅 [{% data variables.product.prodname_ghe_cloud %} 一文](/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow),了解有关最新功能的信息。 {% ifversion not ghae %}有关使用最新版本的信息,请参阅“[为设备配置代码扫描](/admin/advanced-security/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access)”。{% endif %} +{% data reusables.code-scanning.beta %} +{% data reusables.code-scanning.not-available %} -{% endnote %} {% endif %} +{% ifversion ghes or ghae %} +{% note %} -## 生成详细的调试日志 +**Note:** This article describes the features available with the version of the CodeQL action and associated CodeQL CLI bundle included in the initial release of this version of {% data variables.product.product_name %}. If your enterprise uses a more recent version of the CodeQL action, see the [{% data variables.product.prodname_ghe_cloud %} article](/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow) for information on the latest features. {% ifversion not ghae %} For information on using the latest version, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access)."{% endif %} -要生成更详细的日志输出,您可以启用步骤调试日志记录。 有关详细信息,请参阅“[启用调试日志记录](/actions/managing-workflow-runs/enabling-debug-logging#enabling-step-debug-logging)”。 +{% endnote %} +{% endif %} -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5601 %} +## Producing detailed logs for debugging -## 创建 {% data variables.product.prodname_codeql %} 调试工件 +To produce more detailed logging output, you can enable step debug logging. For more information, see "[Enabling debug logging](/actions/managing-workflow-runs/enabling-debug-logging#enabling-step-debug-logging)." -可以获取生成工件来帮助你调试 {% data variables.product.prodname_codeql %}。 -调试工件作为名为 `debug-artifacts` 的工件上传到工作流运行。 数据包含 {% data variables.product.prodname_codeql %} 日志、 {% data variables.product.prodname_codeql %} 数据库以及工作流程生成的任何 SARIF 文件。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} -这些生成工件将帮助你调试 {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} 的问题。 如果您联系 GitHub 支持人员,他们可能会要求您提供此数据。 +## Creating {% data variables.product.prodname_codeql %} debugging artifacts + +You can obtain artifacts to help you debug {% data variables.product.prodname_codeql %}. +The debug artifacts will be uploaded to the workflow run as an artifact named `debug-artifacts`. The data contains the {% data variables.product.prodname_codeql %} logs, {% data variables.product.prodname_codeql %} database(s), and any SARIF file(s) produced by the workflow. + +These artifacts will help you debug problems with {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %}. If you contact GitHub support, they might ask for this data. {% endif %} {% ifversion codeql-action-debug-logging %} -### 通过重新运行启用调试日志记录的作业来创建 {% data variables.product.prodname_codeql %} 调试生成工件 +### Creating {% data variables.product.prodname_codeql %} debugging artifacts by re-running jobs with debug logging enabled -可以通过启用调试日志记录和重新运行作业来创建 {% data variables.product.prodname_codeql %} 调试生成工件。 有关重新运行 {% data variables.product.prodname_actions %} 工作流和作业的详细信息,请参阅“[重新运行工作流和作业](/actions/managing-workflow-runs/re-running-workflows-and-jobs)”。 +You can create {% data variables.product.prodname_codeql %} debugging artifacts by enabling debug logging and re-running the jobs. For more information about re-running {% data variables.product.prodname_actions %} workflows and jobs, see "[Re-running workflows and jobs](/actions/managing-workflow-runs/re-running-workflows-and-jobs)." -需要确保选择“启用调试日志记录”。 此选项将为运行启用运行器诊断日志记录和步骤调试日志记录。 然后你便可以下载 `debug-artifacts` 进行进一步调查。 通过重新运行作业创建 {% data variables.product.prodname_codeql %} 调试生成工件时,无需修改工作流文件。 +You need to ensure that you select **Enable debug logging** . This option enables runner diagnostic logging and step debug logging for the run. You'll then be able to download `debug-artifacts` to investigate further. You do not need to modify the workflow file when creating {% data variables.product.prodname_codeql %} debugging artifacts by re-running jobs. {% endif %} -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5601 %} +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} -### 创建 {% data variables.product.prodname_codeql %} 调试生成工件 +### Creating {% data variables.product.prodname_codeql %} debugging artifacts using a workflow flag -可以通过在工作流中使用标志来创建 {% data variables.product.prodname_codeql %} 调试生成工件。 为此,需要修改 {% data variables.product.prodname_codeql_workflow %} 文件的 `init` 步骤并设置 `debug: true`。 +You can create {% data variables.product.prodname_codeql %} debugging artifacts by using a flag in your workflow. For this, you need to modify the `init` step of your {% data variables.product.prodname_codeql_workflow %} file and set `debug: true`. ```yaml - name: Initialize CodeQL @@ -82,15 +81,15 @@ ms.locfileid: '147444619' {% endif %} -## 编译语言的自动构建失败 +## Automatic build for a compiled language fails -如果项目中编译语言的代码自动构建失败,请尝试以下疑难解答步骤。 +If an automatic build of code for a compiled language within your project fails, try the following troubleshooting steps. -- 从 {% data variables.product.prodname_code_scanning %} 工作流中删除 `autobuild` 步骤,并添加特定构建步骤。 有关编辑工作流的信息,请参阅“[配置 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning#editing-a-code-scanning-workflow)”。 有关替换 `autobuild` 步骤的详细信息,请参阅“[为已编译语言配置 {% data variables.product.prodname_codeql %} 工作流](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)”。 +- Remove the `autobuild` step from your {% data variables.product.prodname_code_scanning %} workflow and add specific build steps. For information about editing the workflow, see "[Configuring {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning#editing-a-code-scanning-workflow)." For more information about replacing the `autobuild` step, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)." -- 如果您的工作流程未明确指定要分析的语言,则 {% data variables.product.prodname_codeql %} 会隐式检测代码库中支持的语言。 在此配置中,对于编译语言 C/C++、C# 和 Java,{% data variables.product.prodname_codeql %} 只分析涵盖最多源文件的语言。 编辑工作流并添加一个矩阵,以指定要分析的语言。 默认的 CodeQL 分析工作流程使用这种矩阵。 +- If your workflow doesn't explicitly specify the languages to analyze, {% data variables.product.prodname_codeql %} implicitly detects the supported languages in your code base. In this configuration, out of the compiled languages C/C++, C#, and Java, {% data variables.product.prodname_codeql %} only analyzes the language with the most source files. Edit the workflow and add a matrix specifying the languages you want to analyze. The default CodeQL analysis workflow uses such a matrix. - 以下工作流程摘录显示了如何在作业策略中使用矩阵来指定语言,然后在“初始化 {% data variables.product.prodname_codeql %}”步骤中引用每种语言: + The following extracts from a workflow show how you can use a matrix within the job strategy to specify languages, and then reference each language within the "Initialize {% data variables.product.prodname_codeql %}" step: ```yaml jobs: @@ -112,15 +111,15 @@ ms.locfileid: '147444619' languages: {% raw %}${{ matrix.language }}{% endraw %} ``` - 有关编辑工作流的详细信息,请参阅“[配置代码扫描](/code-security/secure-coding/configuring-code-scanning)”。 + For more information about editing the workflow, see "[Configuring code scanning](/code-security/secure-coding/configuring-code-scanning)." -## 构建过程中找不到代码 +## No code found during the build -如果工作流失败并出现错误 `No source code was seen during the build` 或 `The process '/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/codeql' failed with exit code 32`,则表示 {% data variables.product.prodname_codeql %} 无法监视代码。 有几个原因可以解释这种失败: +If your workflow fails with an error `No source code was seen during the build` or `The process '/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/codeql' failed with exit code 32`, this indicates that {% data variables.product.prodname_codeql %} was unable to monitor your code. Several reasons can explain such a failure: -1. 存储库可能不包含以 {% data variables.product.prodname_codeql %} 支持的语言编写的源代码。 检查受支持的语言列表,如果是这种情况,请删除 {% data variables.product.prodname_codeql %} 工作流。 有关详细信息,请参阅“[关于使用 CodeQL 进行代码扫描](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql#about-codeql)”。 +1. The repository may not contain source code that is written in languages supported by {% data variables.product.prodname_codeql %}. Check the list of supported languages and, if this is the case, remove the {% data variables.product.prodname_codeql %} workflow. For more information, see "[About code scanning with CodeQL](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql#about-codeql) -1. 自动语言检测发现了受支持的语言,但仓库中没有该语言的可分析代码。 一个典型的例子是,我们的语言检测服务发现了一个与特定的编程语言相关的文件,例如 `.h` 或 `.gyp` 文件,但存储库中没有相应的可执行代码。 要解决此问题,可通过更新 `language` 矩阵中的语言列表来手动定义要分析的语言。 例如,以下配置将仅分析 Go 和 JavaScript。 +1. Automatic language detection identified a supported language, but there is no analyzable code of that language in the repository. A typical example is when our language detection service finds a file associated with a particular programming language like a `.h`, or `.gyp` file, but no corresponding executable code is present in the repository. To solve the problem, you can manually define the languages you want to analyze by updating the list of languages in the `language` matrix. For example, the following configuration will analyze only Go, and JavaScript. ```yaml strategy: @@ -131,46 +130,46 @@ ms.locfileid: '147444619' language: ['go', 'javascript'] ``` - 有关详细信息,请参阅上述“[编译语言的自动生成失败](#automatic-build-for-a-compiled-language-fails)”中的工作流提取。 -1. {% data variables.product.prodname_code_scanning %} 工作流程在分析一种已编译的语言(C、C++、C# 或 Java),但代码尚未编译。 默认情况下,{% data variables.product.prodname_codeql %} 分析工作流包含 `autobuild` 步骤,但是,此步骤是一个尽力而为的过程,可能无法成功构建你的代码,具体取决于你的特定构建环境。 如果你删除了 `autobuild` 步骤但没有手动添加构建步骤,编译也可能会失败。 有关指定构建步骤的详细信息,请参阅“[为已编译语言配置 {% data variables.product.prodname_codeql %} 工作流](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)”。 -1. 工作流程在分析一种编译语言(C、C++、C# 或 Java),但构建的一部分被缓存以提高性能(最有可能发生在 Gradle 或 Bazel 等构建系统中)。 因为 {% data variables.product.prodname_codeql %} 观察编译器的活动以了解仓库中的数据流,因此 {% data variables.product.prodname_codeql %} 需要进行完整的构建才能执行分析。 -1. 工作流可分析编译语言(C、C++、C# 或 Java),但工作流程中的 `init` 与 `analyze` 步骤之间不发生编译。 {% data variables.product.prodname_codeql %} 需要这两个步骤之间发生构建以观察编译器的活动并执行分析。 -1. 您的编译代码(使用 C、C ++、C# 或 Java)已成功编译,但 {% data variables.product.prodname_codeql %} 无法检测到编译器调用。 最常见原因是: + For more information, see the workflow extract in "[Automatic build for a compiled language fails](#automatic-build-for-a-compiled-language-fails)" above. +1. Your {% data variables.product.prodname_code_scanning %} workflow is analyzing a compiled language (C, C++, C#, or Java), but the code was not compiled. By default, the {% data variables.product.prodname_codeql %} analysis workflow contains an `autobuild` step, however, this step represents a best effort process, and may not succeed in building your code, depending on your specific build environment. Compilation may also fail if you have removed the `autobuild` step and did not include build steps manually. For more information about specifying build steps, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)." +1. Your workflow is analyzing a compiled language (C, C++, C#, or Java), but portions of your build are cached to improve performance (most likely to occur with build systems like Gradle or Bazel). Since {% data variables.product.prodname_codeql %} observes the activity of the compiler to understand the data flows in a repository, {% data variables.product.prodname_codeql %} requires a complete build to take place in order to perform analysis. +1. Your workflow is analyzing a compiled language (C, C++, C#, or Java), but compilation does not occur between the `init` and `analyze` steps in the workflow. {% data variables.product.prodname_codeql %} requires that your build happens in between these two steps in order to observe the activity of the compiler and perform analysis. +1. Your compiled code (in C, C++, C#, or Java) was compiled successfully, but {% data variables.product.prodname_codeql %} was unable to detect the compiler invocations. The most common causes are: - * 在独立于 {% data variables.product.prodname_codeql %} 的容器中运行构建过程。 有关详细信息,请参阅[在容器中运行 CodeQL 代码扫描](/code-security/secure-coding/running-codeql-code-scanning-in-a-container)。 - * 使用 GitHub Actions 外部的分布式构建系统,使用守护进程构建。 - * {% data variables.product.prodname_codeql %} 不知道您使用的特定编译器。 + * Running your build process in a separate container to {% data variables.product.prodname_codeql %}. For more information, see "[Running CodeQL code scanning in a container](/code-security/secure-coding/running-codeql-code-scanning-in-a-container)." + * Building using a distributed build system external to GitHub Actions, using a daemon process. + * {% data variables.product.prodname_codeql %} isn't aware of the specific compiler you are using. - 对于 .NET Framework 项目以及使用 `dotnet build` 或 `msbuild` 的 C# 项目,应在构建代码时在工作流的 `run` 步骤中指定 `/p:UseSharedCompilation=false`。 + For .NET Framework projects, and for C# projects using either `dotnet build` or `msbuild`, you should specify `/p:UseSharedCompilation=false` in your workflow's `run` step, when you build your code. - 例如,以下 C# 的配置将在第一个构建步骤中传递标志。 + For example, the following configuration for C# will pass the flag during the first build step. ``` yaml - run: | dotnet build /p:UseSharedCompilation=false ``` - 如果您在特定编译器或配置方面遇到其他问题,请联系 {% data variables.contact.contact_support %}。 + If you encounter another problem with your specific compiler or configuration, contact {% data variables.contact.contact_support %}. -有关指定构建步骤的详细信息,请参阅“[为已编译语言配置 {% data variables.product.prodname_codeql %} 工作流](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)”。 +For more information about specifying build steps, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)." {% ifversion fpt or ghes > 3.1 or ghae or ghec %} -## 扫描的代码行数低于预期 +## Lines of code scanned are lower than expected -对于 C/C++、C#、Go 和 Java 等编译语言,{% data variables.product.prodname_codeql %} 仅扫描在分析过程中生成的文件。 因此,如果某些源代码未正确编译,则扫描的代码行数将低于预期。 这可能是多种原因引起的: +For compiled languages like C/C++, C#, Go, and Java, {% data variables.product.prodname_codeql %} only scans files that are built during the analysis. Therefore the number of lines of code scanned will be lower than expected if some of the source code isn't compiled correctly. This can happen for several reasons: -1. {% data variables.product.prodname_codeql %} `autobuild` 功能使用启发式方法在存储库中生成代码。 但是,有时这种方法会导致对存储库的分析不完整。 例如,当单个存储库中存在多个 `build.sh` 命令时,分析可能不完整,因为 `autobuild` 步骤将仅执行其中一个命令,因此可能无法编译某些源文件。 -1. 某些编译器无法使用 {% data variables.product.prodname_codeql %} ,因此在分析代码时可能会导致问题。 例如,Lombok 项目使用非公共编译器 API 来修改编译器行为。 这些编译器修改中使用的假设不适用于 {% data variables.product.prodname_codeql %} 的 Java 提取器,因此无法分析代码。 +1. The {% data variables.product.prodname_codeql %} `autobuild` feature uses heuristics to build the code in a repository. However, sometimes this approach results in an incomplete analysis of a repository. For example, when multiple `build.sh` commands exist in a single repository, the analysis may not be complete since the `autobuild` step will only execute one of the commands, and therefore some source files may not be compiled. +1. Some compilers do not work with {% data variables.product.prodname_codeql %} and can cause issues while analyzing the code. For example, Project Lombok uses non-public compiler APIs to modify compiler behavior. The assumptions used in these compiler modifications are not valid for {% data variables.product.prodname_codeql %}'s Java extractor, so the code cannot be analyzed. -如果 {% data variables.product.prodname_codeql %} 分析扫描的代码行数少于预期,则可以尝试使用多种方法来确保编译了所有必需的源文件。 +If your {% data variables.product.prodname_codeql %} analysis scans fewer lines of code than expected, there are several approaches you can try to make sure all the necessary source files are compiled. -### 替换 `autobuild` 步骤 +### Replace the `autobuild` step -将 `autobuild` 步骤替换为将在生产中使用的相同生成命令。 这可以确保 {% data variables.product.prodname_codeql %} 确切地知道如何编译要扫描的所有源文件。 -有关详细信息,请参阅“[为已编译语言配置 {% data variables.product.prodname_codeql %} 工作流](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)”。 +Replace the `autobuild` step with the same build commands you would use in production. This makes sure that {% data variables.product.prodname_codeql %} knows exactly how to compile all of the source files you want to scan. +For more information, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)." -### 检查 {% data variables.product.prodname_codeql %} 数据库中源文件的副本 -您可以通过检查 {% data variables.product.prodname_codeql %} 数据库中包含的源代码副本来了解为什么没有分析某些源文件。 要从 Actions 工作流中获取数据库,请修改 {% data variables.product.prodname_codeql %} 工作流文件的 `init` 步骤,并设置 `debug: true`。 +### Inspect the copy of the source files in the {% data variables.product.prodname_codeql %} database +You may be able to understand why some source files haven't been analyzed by inspecting the copy of the source code included with the {% data variables.product.prodname_codeql %} database. To obtain the database from your Actions workflow, modify the `init` step of your {% data variables.product.prodname_codeql %} workflow file and set `debug: true`. ```yaml - name: Initialize CodeQL @@ -179,86 +178,89 @@ ms.locfileid: '147444619' debug: true ``` -这会将数据库作为操作构件上传,您可以将其下载到本地计算机。 有关详细信息,请参阅“[存储工作流工件](/actions/guides/storing-workflow-data-as-artifacts)”。 +This uploads the database as an actions artifact that you can download to your local machine. For more information, see "[Storing workflow artifacts](/actions/guides/storing-workflow-data-as-artifacts)." -该构件将包含由名为 src.zip 的 {% data variables.product.prodname_codeql %} 扫描的源文件存档副本。 如果比较存储库中的源代码文件和 src.zip 中的文件,则可以看到缺少哪些类型的文件。 一旦您知道了哪些类型的文件没有被分析,就更容易理解了如何更改 {% data variables.product.prodname_codeql %} 分析的工作流程。 +The artifact will contain an archived copy of the source files scanned by {% data variables.product.prodname_codeql %} called _src.zip_. If you compare the source code files in the repository and the files in _src.zip_, you can see which types of file are missing. Once you know what types of file are not being analyzed, it is easier to understand how you may need to change the workflow for {% data variables.product.prodname_codeql %} analysis. -## 在生成的代码中找到的警报 +## Alerts found in generated code {% data reusables.code-scanning.alerts-found-in-generated-code %} -## 数据库中的提取错误 +## Extraction errors in the database -{% data variables.product.prodname_codeql %} 团队不断处理关键的提取错误,以确保可以扫描所有源文件。 但是,{% data variables.product.prodname_codeql %} 提取程序偶尔会在数据库创建过程中生成错误。 {% data variables.product.prodname_codeql %} 提供有关在日志文件中创建数据库期间生成的提取错误和警告的信息。 提取诊断信息指示数据库的整体运行状况。 大多数提取程序错误不会显著影响分析。 少量提取程序错误是正常的,通常表示分析状态良好。 +The {% data variables.product.prodname_codeql %} team constantly works on critical extraction errors to make sure that all source files can be scanned. However, the {% data variables.product.prodname_codeql %} extractors do occasionally generate errors during database creation. {% data variables.product.prodname_codeql %} provides information about extraction errors and warnings generated during database creation in a log file. +The extraction diagnostics information gives an indication of overall database health. Most extractor errors do not significantly impact the analysis. A small number of extractor errors is healthy and typically indicates a good state of analysis. -但是,如果在数据库创建期间编译的绝大多数文件中看到提取程序错误,则应更详细地查看这些错误,以尝试了解为什么某些源文件未正确提取。 +However, if you see extractor errors in the overwhelming majority of files that were compiled during database creation, you should look into the errors in more detail to try to understand why some source files weren't extracted properly. {% else %} -## 我的存储库中有部分内容未使用 `autobuild` 进行分析 +## Portions of my repository were not analyzed using `autobuild` -{% data variables.product.prodname_codeql %} `autobuild` 功能使用启发式方法在存储库中构建代码,但有时这种方法会导致对存储库的分析不完整。 例如,当单个存储库中存在多个 `build.sh` 命令时,分析可能不完整,因为 `autobuild` 步骤将只执行其中一个命令。 解决方案是将 `autobuild` 步骤替换为可构建要分析的所有源代码的构建步骤。 有关详细信息,请参阅“[为已编译语言配置 {% data variables.product.prodname_codeql %} 工作流](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)”。 +The {% data variables.product.prodname_codeql %} `autobuild` feature uses heuristics to build the code in a repository, however, sometimes this approach results in incomplete analysis of a repository. For example, when multiple `build.sh` commands exist in a single repository, the analysis may not complete since the `autobuild` step will only execute one of the commands. The solution is to replace the `autobuild` step with build steps which build all of the source code which you wish to analyze. For more information, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/code-security/secure-coding/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)." {% endif %} -## 构建耗时过长 +## The build takes too long -如果使用 {% data variables.product.prodname_codeql %} 分析进行的构建花费的时间太长,则可以尝试几种方法来减少构建时间。 +If your build with {% data variables.product.prodname_codeql %} analysis takes too long to run, there are several approaches you can try to reduce the build time. -### 增加内存或内核 +### Increase the memory or cores -如果使用自托管运行器运行 {% data variables.product.prodname_codeql %} 分析,您可以增加这些运行器上的内存或内核数。 +If you use self-hosted runners to run {% data variables.product.prodname_codeql %} analysis, you can increase the memory or the number of cores on those runners. -### 使用矩阵构建来并行化分析 +### Use matrix builds to parallelize the analysis -默认 {% data variables.product.prodname_codeql_workflow %} 使用语言的矩阵,这会导致每种语言的分析并行运行。 如果在“初始化 CodeQL”步骤中指定了要直接分析的语言,则将依次进行每种语言的分析。 要加快对多种语言的分析,请修改工作流程以使用矩阵。 有关详细信息,请参阅上述“[编译语言的自动生成失败](#automatic-build-for-a-compiled-language-fails)”中的工作流提取。 +The default {% data variables.product.prodname_codeql_workflow %} uses a matrix of languages, which causes the analysis of each language to run in parallel. If you have specified the languages you want to analyze directly in the "Initialize CodeQL" step, analysis of each language will happen sequentially. To speed up analysis of multiple languages, modify your workflow to use a matrix. For more information, see the workflow extract in "[Automatic build for a compiled language fails](#automatic-build-for-a-compiled-language-fails)" above. -### 减少单个工作流程中要分析的代码量 +### Reduce the amount of code being analyzed in a single workflow -分析时间通常与所分析的代码量成正比。 您可以通过减少一次分析的代码量来缩短分析时间,例如,排除测试代码,或将分析分解为多个工作流程,这些工作流程一次只分析一部分代码。 +Analysis time is typically proportional to the amount of code being analyzed. You can reduce the analysis time by reducing the amount of code being analyzed at once, for example, by excluding test code, or breaking analysis into multiple workflows that analyze only a subset of your code at a time. {% data reusables.code-scanning.alerts-found-in-generated-code %} -如果你按上文所述将分析拆分为多个工作流,我们仍然建议你至少保留一个按 `schedule` 运行的工作流分析存储库中的所有代码。 因为 {% data variables.product.prodname_codeql %} 分析组件之间的数据流量,所以某些复杂的安全行为只能在完整的构建中检测到。 +If you split your analysis into multiple workflows as described above, we still recommend that you have at least one workflow which runs on a `schedule` which analyzes all of the code in your repository. Because {% data variables.product.prodname_codeql %} analyzes data flows between components, some complex security behaviors may only be detected on a complete build. -### 仅在 `schedule` 事件期间运行 +### Run only during a `schedule` event -如果分析速度太慢,而无法在 `push` 或 `pull_request` 事件期间运行,建议仅在 `schedule` 事件上触发分析。 有关详细信息,请参阅“[事件](/actions/learn-github-actions/introduction-to-github-actions#events)”。 +If your analysis is still too slow to be run during `push` or `pull_request` events, then you may want to only trigger analysis on the `schedule` event. For more information, see "[Events](/actions/learn-github-actions/introduction-to-github-actions#events)." -### 检查工作流程运行的查询套件 +### Check which query suites the workflow runs -默认情况下,每种语言都有三个主要查询套件可用。 如果已优化 CodeQL 数据库生成,但过程仍然太长,则可以减少运行的查询数。 默认查询套件将自动运行;它包含最快的安全查询,误报结果率最低。 +By default, there are three main query suites available for each language. If you have optimized the CodeQL database build and the process is still too long, you could reduce the number of queries you run. The default query suite is run automatically; it contains the fastest security queries with the lowest rates of false positive results. -除了默认查询之外,您可能还会运行额外的查询或查询套件。 检查工作流是否定义了其他查询套件或要使用 `queries` 元素运行的其他查询。 您可以尝试禁用其他一个或多个查询套件。 有关详细信息,请参阅“[配置 {% data variables.product.prodname_code_scanning %}](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs)”。 +You may be running extra queries or query suites in addition to the default queries. Check whether the workflow defines an additional query suite or additional queries to run using the `queries` element. You can experiment with disabling the additional query suite or queries. For more information, see "[Configuring {% data variables.product.prodname_code_scanning %}](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs)." -{% ifversion codeql-ml-queries %} {% note %} +{% ifversion codeql-ml-queries %} +{% note %} -**注意:** 如果运行 `security-extended` JavaScript 或 `security-and-quality` 查询套件,则某些查询使用实验技术。 有关详细信息,请参阅“[关于代码扫描警报](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)”。 -{% endnote %} {% endif %} +**Note:** If you run the `security-extended` or `security-and-quality` query suite for JavaScript, then some queries use experimental technology. For more information, see "[About code scanning alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)." +{% endnote %} +{% endif %} {% ifversion fpt or ghec %} -## 分析平台之间的结果差异 +## Results differ between analysis platforms -如果您分析的是使用 Python 编写的代码,根据您是在 Linux、macOS 还是 Windows 上运行 {% data variables.product.prodname_codeql_workflow %},可能会看到不同的结果。 +If you are analyzing code written in Python, you may see different results depending on whether you run the {% data variables.product.prodname_codeql_workflow %} on Linux, macOS, or Windows. -在使用 Linux 的 GitHub 托管运行器上,{% data variables.product.prodname_codeql_workflow %} 会尝试安装和分析 Python 依赖项,这可能导致更多结果。 若要禁用自动安装,请将 `setup-python-dependencies: false` 添加到工作流的“初始化 CodeQL”步骤。 有关配置 Python 依赖项分析的详细信息,请参阅“[分析 Python 依赖项](/code-security/secure-coding/configuring-code-scanning#analyzing-python-dependencies)”。 +On GitHub-hosted runners that use Linux, the {% data variables.product.prodname_codeql_workflow %} tries to install and analyze Python dependencies, which could lead to more results. To disable the auto-install, add `setup-python-dependencies: false` to the "Initialize CodeQL" step of the workflow. For more information about configuring the analysis of Python dependencies, see "[Analyzing Python dependencies](/code-security/secure-coding/configuring-code-scanning#analyzing-python-dependencies)." {% endif %} -## 错误:“服务器错误” +## Error: "Server error" -如果 {% data variables.product.prodname_code_scanning %} 的工作流程运行因服务器错误而失败,请尝试再次运行工作流程。 如果问题仍然存在,请联系 {% data variables.contact.contact_support %}。 +If the run of a workflow for {% data variables.product.prodname_code_scanning %} fails due to a server error, try running the workflow again. If the problem persists, contact {% data variables.contact.contact_support %}. -## 错误:“磁盘不足”或“内存不足” +## Error: "Out of disk" or "Out of memory" -在非常大的项目中, {% data variables.product.prodname_codeql %} 运行器上的磁盘或内存可能会耗尽。 -{% ifversion fpt or ghec %}如果你在托管的 {% data variables.product.prodname_actions %} 运行器上遇到此问题,请联系 {% data variables.contact.contact_support %},以便我们对问题调查。 -{% else %}如果遇到此问题,请尝试增加运行器上的内存。{% endif %} +On very large projects, {% data variables.product.prodname_codeql %} may run out of disk or memory on the runner. +{% ifversion fpt or ghec %}If you encounter this issue on a hosted {% data variables.product.prodname_actions %} runner, contact {% data variables.contact.contact_support %} so that we can investigate the problem. +{% else %}If you encounter this issue, try increasing the memory on the runner.{% endif %} {% ifversion fpt or ghec %} -## 使用 {% data variables.product.prodname_dependabot %} 时出现错误:403“集成无法访问资源” +## Error: 403 "Resource not accessible by integration" when using {% data variables.product.prodname_dependabot %} -{% data variables.product.prodname_dependabot %} 在触发工作流运行时被视为不信任,工作流程将以只读范围运行。 为分支上传 {% data variables.product.prodname_code_scanning %} 结果通常需要 `security_events: write` 范围。 但是,当 `pull_request` 事件触发操作运行时,{% data variables.product.prodname_code_scanning %} 始终允许上传结果。 因此,对于 {% data variables.product.prodname_dependabot %} 分支,建议使用 `pull_request` 事件,而不是 `push` 事件。 +{% data variables.product.prodname_dependabot %} is considered untrusted when it triggers a workflow run, and the workflow will run with read-only scopes. Uploading {% data variables.product.prodname_code_scanning %} results for a branch usually requires the `security_events: write` scope. However, {% data variables.product.prodname_code_scanning %} always allows the uploading of results when the `pull_request` event triggers the action run. This is why, for {% data variables.product.prodname_dependabot %} branches, we recommend you use the `pull_request` event instead of the `push` event. -一个简单的方法是推送到默认分支和任何其他重要的长期分支,以及在此组分支上打开的拉取请求: +A simple approach is to run on pushes to the default branch and any other important long-running branches, as well as pull requests opened against this set of branches: ```yaml on: push: @@ -268,7 +270,7 @@ on: branches: - main ``` -另一种方法是运行除 {% data variables.product.prodname_dependabot %} 分支以外的所有推送: +An alternative approach is to run on all pushes except for {% data variables.product.prodname_dependabot %} branches: ```yaml on: push: @@ -277,27 +279,27 @@ on: pull_request: ``` -### 默认分支上的分析仍然失败 +### Analysis still failing on the default branch -如果 {% data variables.product.prodname_codeql_workflow %} 在默认分支上的提交仍然失败,您需要检查: -- {% data variables.product.prodname_dependabot %} 是否撰写了提交 -- 包含该提交的请求是否已使用 `@dependabot squash and merge` 进行合并 +If the {% data variables.product.prodname_codeql_workflow %} still fails on a commit made on the default branch, you need to check: +- whether {% data variables.product.prodname_dependabot %} authored the commit +- whether the pull request that includes the commit has been merged using `@dependabot squash and merge` -此类型的合并提交由 {% data variables.product.prodname_dependabot %} 编写,因此在提交上运行的任何工作流程都将具有只读权限。 如果在存储库上启用了 {% data variables.product.prodname_code_scanning %} 和 {% data variables.product.prodname_dependabot %} 安全更新或版本更新,建议避免使用 {% data variables.product.prodname_dependabot %} `@dependabot squash and merge` 命令。 不过,你可以为存储库启用自动合并。 这意味着,如果满足所有必需的评审并已通过状态检查,将自动合并拉取请求。 有关启用自动合并的详细信息,请参阅“[自动合并拉取请求](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request#enabling-auto-merge)”。 +This type of merge commit is authored by {% data variables.product.prodname_dependabot %} and therefore, any workflows running on the commit will have read-only permissions. If you enabled {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_dependabot %} security updates or version updates on your repository, we recommend you avoid using the {% data variables.product.prodname_dependabot %} `@dependabot squash and merge` command. Instead, you can enable auto-merge for your repository. This means that pull requests will be automatically merged when all required reviews are met and status checks have passed. For more information about enabling auto-merge, see "[Automatically merging a pull request](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request#enabling-auto-merge)." {% endif %} -## 错误:“不是 .ql 文件、.qls 文件、目录或查询包规范” +## Error: "is not a .ql file, .qls file, a directory, or a query pack specification" -如果 CodeQL 在工作流中请求的位置找不到命名查询、查询套件或查询包,则会看到此错误。 此错误有两个常见的原因。 +You will see this error if CodeQL is unable to find the named query, query suite, or query pack at the location requested in the workflow. There are two common reasons for this error. -- 工作流中有拼写错误。 -- 工作流通过路径引用的资源被重命名、删除或移动到新位置。 +- There is a typo in the workflow. +- A resource the workflow refers to by path was renamed, deleted, or moved to a new location. -验证资源的位置后,可以更新工作流以指定正确的位置。 如果在 Go 分析中运行其他查询,则可能受到源文件重定位的影响。 有关详细信息,请参阅[重定位公告:`github/codeql-go` 移动到 github/codeql-go 存储库中的 `github/codeql`](https://github.com/github/codeql-go/issues/741)。 +After verifying the location of the resource, you can update the workflow to specify the correct location. If you run additional queries in Go analysis, you may have been affected by the relocation of the source files. For more information, see [Relocation announcement: `github/codeql-go` moving into `github/codeql`](https://github.com/github/codeql-go/issues/741) in the github/codeql-go repository. -## 警告:“不再需要 git checkout HEAD^2” +## Warning: "git checkout HEAD^2 is no longer necessary" -如果您使用的是旧 {% data variables.product.prodname_codeql %} 工作流程,您可能会在输出中收到来自“初始化 {% data variables.product.prodname_codeql %}”操作的以下警告: +If you're using an old {% data variables.product.prodname_codeql %} workflow you may get the following warning in the output from the "Initialize {% data variables.product.prodname_codeql %}" action: ``` Warning: 1 issue was detected with this workflow: git checkout HEAD^2 is no longer @@ -305,7 +307,7 @@ necessary. Please remove this step as Code Scanning recommends analyzing the mer commit for best results. ``` -通过从 {% data variables.product.prodname_codeql %} 工作流程中删除以下行来修复此问题。 这些行包含在 {% data variables.product.prodname_codeql %} 工作流初始版本中 `Analyze` 作业的 `steps` 部分。 +Fix this by removing the following lines from the {% data variables.product.prodname_codeql %} workflow. These lines were included in the `steps` section of the `Analyze` job in initial versions of the {% data variables.product.prodname_codeql %} workflow. ```yaml with: @@ -319,7 +321,7 @@ commit for best results. if: {% raw %}${{ github.event_name == 'pull_request' }}{% endraw %} ``` -修改后的工作流的 `steps` 部分将如下所示: +The revised `steps` section of the workflow will look like this: ```yaml steps: @@ -333,4 +335,4 @@ commit for best results. ... ``` -有关编辑 {% data variables.product.prodname_codeql %} 工作流文件的详细信息,请参阅“[配置 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning#editing-a-code-scanning-workflow)”。 +For more information about editing the {% data variables.product.prodname_codeql %} workflow file, see "[Configuring {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning#editing-a-code-scanning-workflow)." diff --git a/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md b/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md index 30e5c22aa7..91b0d93bb8 100644 --- a/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md +++ b/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md @@ -1,7 +1,7 @@ --- -title: 关于与代码扫描的集成 +title: About integration with code scanning shortTitle: About integration -intro: '您可以在外部执行 {% data variables.product.prodname_code_scanning %},然后在 {% data variables.product.prodname_dotcom %} 中显示结果,或者设置侦听仓库中 {% data variables.product.prodname_code_scanning %} 活动的 web 挂钩。' +intro: 'You can perform {% data variables.product.prodname_code_scanning %} externally and then display the results in {% data variables.product.prodname_dotcom %}, or set up webhooks that listen to {% data variables.product.prodname_code_scanning %} activity in your repository.' product: '{% data reusables.gated-features.code-scanning %}' redirect_from: - /github/finding-security-vulnerabilities-and-errors-in-your-code/about-integration-with-code-scanning @@ -18,27 +18,26 @@ topics: - Code scanning - Webhooks - Integration -ms.openlocfilehash: b12f5146a90cae0ed1bd38d452e43eb611232e72 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145099099' --- -{% data reusables.code-scanning.beta %} {% data reusables.code-scanning.enterprise-enable-code-scanning %} -作为在 {% data variables.product.prodname_dotcom %} 中运行 {% data variables.product.prodname_code_scanning %} 的替代方法,您可以在其他地方执行分析,然后上传结果。 在外部运行的 {% data variables.product.prodname_code_scanning %} 的警报显示方式与在 {% data variables.product.prodname_dotcom %} 内运行的 {% data variables.product.prodname_code_scanning %} 的警报显示方式相同。 有关详细信息,请参阅“[管理存储库的 {% data variables.product.prodname_code_scanning %} 警报](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)”。 -如果使用可生成结果为静态分析结果交换格式 (SARIF) 2.1.0 数据的第三方静态分析工具,您可以将其上传到 {% data variables.product.prodname_dotcom %}。 有关详细信息,请参阅“[将 SARIF 文件上传到 GitHub](/code-security/secure-coding/uploading-a-sarif-file-to-github)”。 +{% data reusables.code-scanning.beta %} +{% data reusables.code-scanning.enterprise-enable-code-scanning %} -{% ifversion fpt or ghes > 3.4 or ghae-issue-6251 or ghec %} {% data reusables.code-scanning.about-analysis-origins-link %} {% endif %} +As an alternative to running {% data variables.product.prodname_code_scanning %} within {% data variables.product.prodname_dotcom %}, you can perform analysis elsewhere and then upload the results. Alerts for {% data variables.product.prodname_code_scanning %} that you run externally are displayed in the same way as those for {% data variables.product.prodname_code_scanning %} that you run within {% data variables.product.prodname_dotcom %}. For more information, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)." -## 与 web 挂钩集成 +If you use a third-party static analysis tool that can produce results as Static Analysis Results Interchange Format (SARIF) 2.1.0 data, you can upload this to {% data variables.product.prodname_dotcom %}. For more information, see "[Uploading a SARIF file to GitHub](/code-security/secure-coding/uploading-a-sarif-file-to-github)." -可以使用 {% data variables.product.prodname_code_scanning %} Webhook 构建或设置集成,例如 [{% data variables.product.prodname_github_apps %}](/apps/building-github-apps/) 或 [{% data variables.product.prodname_oauth_apps %}](/apps/building-oauth-apps/),以订阅存储库中的 {% data variables.product.prodname_code_scanning %} 事件。 例如,可以构建在 {% data variables.product.product_name %} 上创建问题,或者在存储库中新增 {% data variables.product.prodname_code_scanning %} 警报时向你发送 Slack 通知的集成。 有关详细信息,请参阅“[创建 Webhook](/developers/webhooks-and-events/creating-webhooks)”和“[Webhook 事件和有效负载](/developers/webhooks-and-events/webhook-events-and-payloads#code_scanning_alert)”。 +{% ifversion fpt or ghes > 3.4 or ghae > 3.4 or ghec %} +{% data reusables.code-scanning.about-analysis-origins-link %} +{% endif %} -## 延伸阅读 +## Integrations with webhooks -* [关于 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning) -* [将 {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} 与现有 CI 系统配合使用](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system) -* [{% data variables.product.prodname_code_scanning %} 的 SARIF 支持](/code-security/secure-coding/sarif-support-for-code-scanning) +You can use {% data variables.product.prodname_code_scanning %} webhooks to build or set up integrations, such as [{% data variables.product.prodname_github_apps %}](/apps/building-github-apps/) or [{% data variables.product.prodname_oauth_apps %}](/apps/building-oauth-apps/), that subscribe to {% data variables.product.prodname_code_scanning %} events in your repository. For example, you could build an integration that creates an issue on {% data variables.product.product_name %} or sends you a Slack notification when a new {% data variables.product.prodname_code_scanning %} alert is added in your repository. For more information, see "[Creating webhooks](/developers/webhooks-and-events/creating-webhooks)" and "[Webhook events and payloads](/developers/webhooks-and-events/webhook-events-and-payloads#code_scanning_alert)." + +## Further reading + +* "[About {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)" +* "[Using {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} with your existing CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system)" +* "[SARIF support for {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/sarif-support-for-code-scanning)" diff --git a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md index 73135f1be7..2f4203d676 100644 --- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md +++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md @@ -1,7 +1,7 @@ --- -title: 关于 CI 系统中的 CodeQL 代码扫描 +title: About CodeQL code scanning in your CI system shortTitle: Code scanning in your CI -intro: '您可以在第三方持续集成 系统中用 {% data variables.product.prodname_codeql %} 分析您的代码,并将结果上传到 {% data variables.product.product_location %}。 由此产生的 {% data variables.product.prodname_code_scanning %} 警报与 {% data variables.product.product_name %} 内生成的任何警报一起显示。' +intro: 'You can analyze your code with {% data variables.product.prodname_codeql %} in a third-party continuous integration system and upload the results to {% data variables.product.product_location %}. The resulting {% data variables.product.prodname_code_scanning %} alerts are shown alongside any alerts generated within {% data variables.product.product_name %}.' product: '{% data reusables.gated-features.code-scanning %}' versions: fpt: '*' @@ -20,20 +20,15 @@ topics: redirect_from: - /code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system -ms.openlocfilehash: 9f64b56bb5c766aaeb9a9fd59d8f7f009f19fa89 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147061448' --- -{% data reusables.code-scanning.beta %} {% data reusables.code-scanning.enterprise-enable-code-scanning %} +{% data reusables.code-scanning.beta %} +{% data reusables.code-scanning.enterprise-enable-code-scanning %} -## 关于 CI 系统中的 {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} +## About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system -{% data reusables.code-scanning.about-code-scanning %} 有关信息,请参阅“[关于使用 {% data variables.product.prodname_codeql %} 进行 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql)”。 +{% data reusables.code-scanning.about-code-scanning %} For information, see "[About {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql)." {% data reusables.code-scanning.codeql-context-for-actions-and-third-party-tools %} @@ -41,28 +36,30 @@ ms.locfileid: '147061448' {% data reusables.code-scanning.codeql-cli-context-for-third-party-tools %} -{% ifversion fpt or ghes > 3.4 or ghae-issue-6251 or ghec %} {% data reusables.code-scanning.about-analysis-origins-link %} {% endif %} +{% ifversion fpt or ghes > 3.4 or ghae > 3.4 or ghec %} +{% data reusables.code-scanning.about-analysis-origins-link %} +{% endif %} {% data reusables.code-scanning.upload-sarif-ghas %} -## 关于 {% data variables.product.prodname_codeql_cli %} +## About the {% data variables.product.prodname_codeql_cli %} {% data reusables.code-scanning.what-is-codeql-cli %} -使用 {% data variables.product.prodname_codeql_cli %} 分析: +Use the {% data variables.product.prodname_codeql_cli %} to analyze: -- 动态语言,例如 JavaScript 和 Python。 -- 编译的语言,例如 C/C++、C# 和 Java。 -- 以多种语言编写的代码库。 +- Dynamic languages, for example, JavaScript and Python. +- Compiled languages, for example, C/C++, C# and Java. +- Codebases written in a mixture of languages. -有关详细信息,请参阅“[在 CI 系统中安装 {% data variables.product.prodname_codeql_cli %}](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)”。 +For more information, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)." {% data reusables.code-scanning.licensing-note %} {% ifversion ghes = 3.2 %} -自版本 2.6.3 以来,{% data variables.product.prodname_codeql_cli %} 与 {% data variables.product.prodname_codeql_runner %} 的功能完全同等。 +Since version 2.6.3, the {% data variables.product.prodname_codeql_cli %} has had full feature parity with the {% data variables.product.prodname_codeql_runner %}. {% data reusables.code-scanning.deprecation-codeql-runner %} diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md index 0a31422a67..0db86c6b94 100644 --- a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md @@ -52,7 +52,7 @@ Generally, we name our supported ecosystems after the software programming langu - Composer (registry: https://packagist.org/){% ifversion GH-advisory-db-erlang-support %} - Erlang (registry: https://hex.pm/){% endif %} - Go (registry: https://pkg.go.dev/) -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7508 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} - GitHub Actions (https://github.com/marketplace?type=actions/) {% endif %} - Maven (registry: https://repo.maven.apache.org/maven2) - npm (registry: https://www.npmjs.com/) diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index 146c44a368..28df5d5e99 100644 --- a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -26,7 +26,7 @@ topics: {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filter alerts by package, ecosystem, or manifest. You can {% endif %} sort the list of alerts, and you can click into specific alerts for more details. {% ifversion dependabot-bulk-alerts %}You can also dismiss or reopen alerts, either one by one or by selecting multiple alerts at once.{% else %}You can also dismiss or reopen alerts. {% endif %} For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} filter alerts by package, ecosystem, or manifest. You can {% endif %} sort the list of alerts, and you can click into specific alerts for more details. {% ifversion dependabot-bulk-alerts %}You can also dismiss or reopen alerts, either one by one or by selecting multiple alerts at once.{% else %}You can also dismiss or reopen alerts. {% endif %} For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% ifversion fpt or ghec or ghes > 3.2 %} You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." @@ -39,7 +39,7 @@ You can enable automatic security updates for any repository that uses {% data v Each {% data variables.product.prodname_dependabot %} alert has a unique numeric identifier and the {% data variables.product.prodname_dependabot_alerts %} tab lists an alert for every detected vulnerability. Legacy {% data variables.product.prodname_dependabot_alerts %} grouped vulnerabilities by dependency and generated a single alert per dependency. If you navigate to a legacy {% data variables.product.prodname_dependabot %} alert, you will be redirected to a {% data variables.product.prodname_dependabot_alerts %} tab filtered for that package. {% endif %} -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} You can filter and sort {% data variables.product.prodname_dependabot_alerts %} using a variety of filters and sort options available on the user interface. For more information, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)" below. ## Prioritizing {% data variables.product.prodname_dependabot_alerts %} @@ -107,7 +107,7 @@ For more information, see "[Reviewing and fixing alerts](#reviewing-and-fixing-a ## Viewing {% data variables.product.prodname_dependabot_alerts %} -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-dependabot-alerts %} diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md index 1c9f48b83e..c653fba912 100644 --- a/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -1,6 +1,6 @@ --- -title: 关于 Dependabot 安全更新 -intro: '{% data variables.product.prodname_dependabot %} 可通过提出安全更新拉取请求为您修复有漏洞依赖项。' +title: About Dependabot security updates +intro: '{% data variables.product.prodname_dependabot %} can fix vulnerable dependencies for you by raising pull requests with security updates.' shortTitle: Dependabot security updates redirect_from: - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates @@ -19,55 +19,50 @@ topics: - Repositories - Dependencies - Pull requests -ms.openlocfilehash: 993fb0c4a810f24c63d0b4063029a7a5801ff85a -ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: '147861666' --- + -{% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} -## 关于 {% data variables.product.prodname_dependabot_security_updates %} +## About {% data variables.product.prodname_dependabot_security_updates %} -{% data variables.product.prodname_dependabot_security_updates %} 使您更容易修复仓库中的有漏洞依赖项。 如果启用此功能,当针对存储库依赖项关系图中有漏洞的依赖项发出 {% data variables.product.prodname_dependabot %} 警报时,{% data variables.product.prodname_dependabot %} 将自动尝试对其进行修复。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”和“[配置 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)”。 +{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." -{% data variables.product.prodname_dotcom %} 可能会向受最近发布的 {% data variables.product.prodname_dotcom %} 安全通告披露的漏洞影响的仓库发送 {% data variables.product.prodname_dependabot_alerts %}。 {% data reusables.security-advisory.link-browsing-advisory-db %} - -{% data variables.product.prodname_dependabot %} 将检查是否可以在不破坏仓库依赖关系图的情况下将有漏洞依赖项升级到已修复版本。 然后 {% data variables.product.prodname_dependabot %} 提出拉取请求以将依赖项更新到包含补丁的最低版本,并将拉取请求链接到 {% data variables.product.prodname_dependabot %} 警报,或者在警报中报告错误。 有关详细信息,请参阅“[排查 {% data variables.product.prodname_dependabot %} 错误](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)”。 +{% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} +{% data variables.product.prodname_dependabot %} checks whether it's possible to upgrade the vulnerable dependency to a fixed version without disrupting the dependency graph for the repository. Then {% data variables.product.prodname_dependabot %} raises a pull request to update the dependency to the minimum version that includes the patch and links the pull request to the {% data variables.product.prodname_dependabot %} alert, or reports an error on the alert. For more information, see "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." +The {% data variables.product.prodname_dependabot_security_updates %} feature is available for repositories where you have enabled the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. You will see a {% data variables.product.prodname_dependabot %} alert for every vulnerable dependency identified in your full dependency graph. However, security updates are triggered only for dependencies that are specified in a manifest or lock file. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#dependencies-included)." +{% ifversion dependabot-security-updates-unlock-transitive-dependencies %} {% note %} -注意:{% data variables.product.prodname_dependabot_security_updates %} 功能适用于已启用依赖项关系图和 {% data variables.product.prodname_dependabot_alerts %} 的存储库。 你将在完整依赖项关系图中看到针对已识别的每个有漏洞依赖项的 {% data variables.product.prodname_dependabot %} 警报。 但是,安全更新仅针对清单或锁定文件中指定的依赖项而触发。 有关详细信息,请参阅“[关于依赖项关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#dependencies-included)”。{% ifversion dependabot-security-updates-unlock-transitive-dependencies %} +**Note**: For npm, {% data variables.product.prodname_dependabot %} will raise a pull request to update an explicitly defined dependency to a secure version, even if it means updating the parent dependency or dependencies{% ifversion dependabot-security-updates-npm %}, or even removing a sub-dependency that is no longer needed by the parent{% endif %}. For other ecosystems, {% data variables.product.prodname_dependabot %} is unable to update an indirect or transitive dependency if it would also require an update to the parent dependency. For more information, see "[Dependabot tries to update dependencies without an alert](/en/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors#dependabot-tries-to-update-dependencies-without-an-alert)." -对于 npm,{% data variables.product.prodname_dependabot %} 会引发拉取请求,以将显式定义的依赖项更新到安全版本,即使这意味着更新父依赖项或其他依赖项。 对于其他生态系统,如果 {% data variables.product.prodname_dependabot %} 还需要更新父依赖项,则无法更新间接依赖项或可传递依赖项。 有关详细信息,请参阅“[Dependabot 尝试在没有警报的情况下更新依赖项](/en/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors#dependabot-tries-to-update-dependencies-without-an-alert)”。{% endif %} +{% endnote %}{% endif %} -{% endnote %} - -您可以启用相关功能 {% data variables.product.prodname_dependabot_version_updates %},这样无论 {% data variables.product.prodname_dependabot %} 是否检测到过期的依赖项,都可以提出拉取请求,以将清单更新到依赖项的最新版本。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot %} 版本更新](/github/administering-a-repository/about-dependabot-version-updates)”。 +You can enable a related feature, {% data variables.product.prodname_dependabot_version_updates %}, so that {% data variables.product.prodname_dependabot %} raises pull requests to update the manifest to the latest version of the dependency, whenever it detects an outdated dependency. For more information, see "[About {% data variables.product.prodname_dependabot %} version updates](/github/administering-a-repository/about-dependabot-version-updates)." {% data reusables.dependabot.pull-request-security-vs-version-updates %} -## 关于安全更新的拉取请求 +## About pull requests for security updates -每个拉取请求都包含快速、安全地查看提议的修复程序并将其合并到项目中所需的全部内容。 这包括漏洞的相关信息,如发行说明、变更日志条目和提交详细信息。 无法访问仓库的 {% data variables.product.prodname_dependabot_alerts %} 的任何人都看不到拉取请求所解决的漏洞详细信息。 +Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_alerts %} for the repository. -合并包含安全更新程序的拉取请求时,存储库相应的 {% data variables.product.prodname_dependabot %} 警报会标记为已解决。 有关 {% data variables.product.prodname_dependabot %} 拉取请求的详细信息,请参阅“[管理依赖项更新的拉取请求](/github/administering-a-repository/managing-pull-requests-for-dependency-updates)”。 +When you merge a pull request that contains a security update, the corresponding {% data variables.product.prodname_dependabot %} alert is marked as resolved for your repository. For more information about {% data variables.product.prodname_dependabot %} pull requests, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates)." {% data reusables.dependabot.automated-tests-note %} {% ifversion fpt or ghec %} -## 关于兼容性分数 +## About compatibility scores -{% data variables.product.prodname_dependabot_security_updates %} 可能包括兼容性分数,以便您了解更新依赖项是否可能导致对项目的重大更改。 这些分数是根据已生成相同安全更新的其他公共仓库中的 CI 测试计算的。 更新的兼容性分数是在依赖项的特定版本之间进行更新时,CI 运行被视为通过的百分比。 +{% data variables.product.prodname_dependabot_security_updates %} may include compatibility scores to let you know whether updating a dependency could cause breaking changes to your project. These are calculated from CI tests in other public repositories where the same security update has been generated. An update's compatibility score is the percentage of CI runs that passed when updating between specific versions of the dependency. {% endif %} -## 关于 {% data variables.product.prodname_dependabot %} 安全更新通知 +## About notifications for {% data variables.product.prodname_dependabot %} security updates -您可以在 {% data variables.product.company_short %} 上过滤通知以显示 {% data variables.product.prodname_dependabot %} 安全更新。 有关详细信息,请参阅“[管理收件箱中的通知](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)”。 +You can filter your notifications on {% data variables.product.company_short %} to show {% data variables.product.prodname_dependabot %} security updates. For more information, see "[Managing notifications from your inbox](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)." diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index 9aa2d56b0c..320c6a0c45 100644 --- a/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -56,7 +56,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} 1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} - {% ifversion fpt or ghec %}![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png){% elsif ghes > 3.6 or ghae-issue-7044 %} {% else %}![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} + {% ifversion fpt or ghec %}![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png){% elsif ghes > 3.6 or ghae > 3.6 %} {% else %}![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} ## Overriding the default behavior with a configuration file diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 5c48243fbc..267e8a3424 100644 --- a/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -283,7 +283,7 @@ updates: If you use the same configuration as in the example above, bumping the `requests` library in the `pip` development dependency group will generate a commit message of: `pip dev: bump requests from 1.0.0 to 1.0.1` - + ### `ignore` {% data reusables.dependabot.default-dependencies-allow-ignore %} @@ -776,11 +776,15 @@ registries: ### `docker-registry` -{% note %} +{% data variables.product.prodname_dependabot %} works with container registries that implement the OCI container registry. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md). {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central service. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation. -**Note:** We don't support the Azure Container Registry (ACR). +We currently support the container registries listed here: + +* Docker Hub +* {% data variables.product.company_short %} {% data variables.product.prodname_container_registry %} +* GCR (Google Cloud) +* Private ECR (AWS) - public ECR support is tracked in [https://github.com/dependabot/dependabot-core/issues/4212](https://github.com/dependabot/dependabot-core/issues/4212). -{% endnote %} The `docker-registry` type supports username and password. @@ -795,7 +799,7 @@ registries: ``` {% endraw %} -The `docker-registry` type can also be used to pull from Amazon ECR using static AWS credentials. +The `docker-registry` type can also be used to pull from private Amazon ECR using static AWS credentials. {% raw %} ```yaml @@ -972,7 +976,7 @@ registries: ``` {% endraw %} -{% ifversion fpt or ghec or ghes > 3.4 %} +{% ifversion fpt or ghec or ghes > 3.4 %} ## Enabling support for beta-level ecosystems ### `enable-beta-ecosystems` diff --git a/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md index de37f52f34..b6cf7bad95 100644 --- a/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md @@ -1,12 +1,13 @@ --- -title: 通过 GitHub Actions 自动化 Dependabot -intro: '如何使用 {% data variables.product.prodname_actions %} 来自动执行常见 {% data variables.product.prodname_dependabot %} 相关任务的示例。' +title: Automating Dependabot with GitHub Actions +intro: 'Examples of how you can use {% data variables.product.prodname_actions %} to automate common {% data variables.product.prodname_dependabot %} related tasks.' permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_actions %} to respond to {% data variables.product.prodname_dependabot %}-created pull requests.' miniTocMaxHeadingLevel: 3 versions: fpt: '*' ghec: '*' ghes: '>3.2' + ghae: '*' type: how_to topics: - Actions @@ -19,40 +20,39 @@ topics: shortTitle: Use Dependabot with Actions redirect_from: - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions -ms.openlocfilehash: 573304093b85fcc05d86a99934a94904aa98b816 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147429730' --- -{% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -## 关于 {% data variables.product.prodname_dependabot %} 与 {% data variables.product.prodname_actions %} +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} -{% data variables.product.prodname_dependabot %} 创建拉动请求以保持依赖项的最新状态,并且当创建这些拉取请求时,您可以使用 {% data variables.product.prodname_actions %} 执行自动任务。 例如,获取其他构件、添加标签、运行测试或修改拉取请求。 +## About {% data variables.product.prodname_dependabot %} and {% data variables.product.prodname_actions %} -## 响应事件 +{% data variables.product.prodname_dependabot %} creates pull requests to keep your dependencies up to date, and you can use {% data variables.product.prodname_actions %} to perform automated tasks when these pull requests are created. For example, fetch additional artifacts, add labels, run tests, or otherwise modifying the pull request. -{% data variables.product.prodname_dependabot %} 能够在其拉取请求和评论上触发 {% data variables.product.prodname_actions %} 工作流程;但是,某些事件的处理方式不同。 +## Responding to events -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5792 %} 对于 {% data variables.product.prodname_dependabot %} (`github.actor == 'dependabot[bot]'`) 使用 `pull_request`、`pull_request_review`、`pull_request_review_comment`、`push`、`create`、`deployment` 和 `deployment_status` 事件发起的工作流,适用以下限制:{% endif %} +{% data variables.product.prodname_dependabot %} is able to trigger {% data variables.product.prodname_actions %} workflows on its pull requests and comments; however, certain events are treated differently. -- {% ifversion ghes = 3.3 %}`GITHUB_TOKEN` 具有只读权限,除非管理员已移除限制。{% else %}默认情况下,`GITHUB_TOKEN` 具有只读权限。{% endif %} -- {% ifversion ghes = 3.3 %}机密是不可访问的,除非管理员已删除限制。{% else %}机密是从 {% data variables.product.prodname_dependabot %} 机密填充的。 {% data variables.product.prodname_actions %} 机密不可用。{% endif %} - -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5792 %} 对于 {% data variables.product.prodname_dependabot %} (`github.actor == 'dependabot[bot]'`) 使用 `pull_request_target` 事件发起的工作流,如果拉取请求的基本引用是由 {% data variables.product.prodname_dependabot %} (`github.actor == 'dependabot[bot]'`) 创建的,`GITHUB_TOKEN` 将是只读的,并且机密不可用。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +For workflows initiated by {% data variables.product.prodname_dependabot %} (`github.actor == 'dependabot[bot]'`) using the `pull_request`, `pull_request_review`, `pull_request_review_comment`, `push`, `create`, `deployment`, and `deployment_status` events, the following restrictions apply: {% endif %} -{% ifversion actions-stable-actor-ids %}即使工作流由其他参与者重新运行,这些限制也适用。{% endif %} +- {% ifversion ghes = 3.3 %}`GITHUB_TOKEN` has read-only permissions, unless your administrator has removed restrictions.{% else %}`GITHUB_TOKEN` has read-only permissions by default.{% endif %} +- {% ifversion ghes = 3.3 %}Secrets are inaccessible, unless your administrator has removed restrictions.{% else %}Secrets are populated from {% data variables.product.prodname_dependabot %} secrets. {% data variables.product.prodname_actions %} secrets are not available.{% endif %} -有关详细信息,请参阅[“确保 GitHub Actions 和工作流安全:阻止 pwn 请求”](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +For workflows initiated by {% data variables.product.prodname_dependabot %} (`github.actor == 'dependabot[bot]'`) using the `pull_request_target` event, if the base ref of the pull request was created by {% data variables.product.prodname_dependabot %} (`github.actor == 'dependabot[bot]'`), the `GITHUB_TOKEN` will be read-only and secrets are not available. +{% endif %} + +{% ifversion actions-stable-actor-ids %}These restrictions apply even if the workflow is re-run by a different actor.{% endif %} + +For more information, see ["Keeping your GitHub Actions and workflows secure: Preventing pwn requests"](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/). {% ifversion fpt or ghec or ghes > 3.3 %} -### 更改 `GITHUB_TOKEN` 权限 +### Changing `GITHUB_TOKEN` permissions -默认情况下,由 {% data variables.product.prodname_dependabot %} 触发的 {% data variables.product.prodname_actions %} 工作流都会获得具有只读权限的 `GITHUB_TOKEN`。 可以使用工作流中的 `permissions` 密钥来增加对令牌的访问权限: +By default, {% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} get a `GITHUB_TOKEN` with read-only permissions. You can use the `permissions` key in your workflow to increase the access for the token: {% raw %} @@ -73,17 +73,17 @@ jobs: {% endraw %} -有关详细信息,请参阅“[修改 GITHUB_TOKEN 的权限](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token)”。 +For more information, see "[Modifying the permissions for the GITHUB_TOKEN](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token)." -### 访问密钥 +### Accessing secrets -当 {% data variables.product.prodname_dependabot %} 事件触发工作流程时,工作流程唯一可用的机密是 {% data variables.product.prodname_dependabot %} 机密。 {% data variables.product.prodname_actions %} 机密不可用。 因此,必须将 {% data variables.product.prodname_dependabot %} 事件触发的工作流程使用的任何机密存储为 {% data variables.product.prodname_dependabot %} 机密。 有关详细信息,请参阅“[管理 Dependabot 的加密机密](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)”。 +When a {% data variables.product.prodname_dependabot %} event triggers a workflow, the only secrets available to the workflow are {% data variables.product.prodname_dependabot %} secrets. {% data variables.product.prodname_actions %} secrets are not available. Consequently, you must store any secrets that are used by a workflow triggered by {% data variables.product.prodname_dependabot %} events as {% data variables.product.prodname_dependabot %} secrets. For more information, see "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". -{% data variables.product.prodname_dependabot %} 机密添加到 `secrets` 上下文,并使用与 {% data variables.product.prodname_actions %} 的机密完全相同的语法进行引用。 有关详细信息,请参阅“[加密机密](/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow)”。 +{% data variables.product.prodname_dependabot %} secrets are added to the `secrets` context and referenced using exactly the same syntax as secrets for {% data variables.product.prodname_actions %}. For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow)." -如果您的工作流程将由 {% data variables.product.prodname_dependabot %} 和其他参与者触发,则最简单的解决方案是将令牌与操作以及名称相同的 {% data variables.product.prodname_dependabot %} 密钥中所需的权限一起存储。 然后,工作流程可以包括对这些机密的单个调用。 如果 {% data variables.product.prodname_dependabot %} 的机密具有不同的名称,请使用条件指定正确的机密,以供不同的参与者使用。 有关使用条件的示例,请参阅下面的“[常见自动化](#common-dependabot-automations)”。 +If you have a workflow that will be triggered by {% data variables.product.prodname_dependabot %} and also by other actors, the simplest solution is to store the token with the permissions required in an action and in a {% data variables.product.prodname_dependabot %} secret with identical names. Then the workflow can include a single call to these secrets. If the secret for {% data variables.product.prodname_dependabot %} has a different name, use conditions to specify the correct secrets for different actors to use. For examples that use conditions, see "[Common automations](#common-dependabot-automations)" below. -要使用用户名和密码访问 AWS 上的私有容器注册表,工作流必须包含 `username` 和 `password` 的机密。 在下面的示例中,当 {% data variables.product.prodname_dependabot %} 触发工作流时,将使用名称为 `READONLY_AWS_ACCESS_KEY_ID` 和 `READONLY_AWS_ACCESS_KEY` 的 {% data variables.product.prodname_dependabot %} 机密。 如果另一个执行组件触发了工作流程,则使用具有这些名称的操作机密。 +To access a private container registry on AWS with a user name and password, a workflow must include a secret for `username` and `password`. In the example below, when {% data variables.product.prodname_dependabot %} triggers the workflow, the {% data variables.product.prodname_dependabot %} secrets with the names `READONLY_AWS_ACCESS_KEY_ID` and `READONLY_AWS_ACCESS_KEY` are used. If another actor triggers the workflow, the actions secrets with those names are used. ```yaml name: CI @@ -115,17 +115,17 @@ jobs: {% note %} -注意:站点管理员可以覆盖 {% data variables.product.product_location %} 的这些限制。 有关详细信息,请参阅[排查企业 {% data variables.product.prodname_actions %} 问题](/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#troubleshooting-failures-when-dependabot-triggers-existing-workflows)。 +**Note:** Your site administrator can override these restrictions for {% data variables.product.product_location %}. For more information, see "[Troubleshooting {% data variables.product.prodname_actions %} for your enterprise](/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#troubleshooting-failures-when-dependabot-triggers-existing-workflows)." -如果移除限制,则当工作流由 {% data variables.product.prodname_dependabot %} 触发时,它将有权访问 {% data variables.product.prodname_actions %} 机密,并且可以使用 `permissions` 一词增加 `GITHUB_TOKEN` 只读访问权限的默认范围。 可以忽略“处理 `pull_request` 事件”和“处理 `push` 事件”部分中的特定步骤,因为不再适用。 +If the restrictions are removed, when a workflow is triggered by {% data variables.product.prodname_dependabot %} it will have access to {% data variables.product.prodname_actions %} secrets and can use the `permissions` term to increase the default scope of the `GITHUB_TOKEN` from read-only access. You can ignore the specific steps in the "Handling `pull_request` events" and "Handling `push` events" sections, as it no longer applies. {% endnote %} -### 处理 `pull_request` 事件 +### Handling `pull_request` events -如果工作流需要访问机密或具有写入权限的 `GITHUB_TOKEN`,则有两个选项:使用`pull_request_target`或使用两个单独的工作流。 我们将在本部分中详细介绍如何使用 `pull_request_target`,以及如何在“[处理 `push` 事件](#handling-push-events)”中使用以下两个工作流。 +If your workflow needs access to secrets or a `GITHUB_TOKEN` with write permissions, you have two options: using `pull_request_target`, or using two separate workflows. We will detail using `pull_request_target` in this section, and using two workflows below in "[Handling `push` events](#handling-push-events)." -下面是一个简单的 `pull_request` 工作流示例,该工作流现在可能失败: +Below is a simple example of a `pull_request` workflow that might now be failing: ```yaml ### This workflow now has no secrets and a read-only token @@ -142,11 +142,11 @@ jobs: - uses: {% data reusables.actions.action-checkout %} ``` -可以将 `pull_request` 替换为 `pull_request_target`,后者用于来自分叉的拉取请求,然后显式签出拉取请求 `HEAD`。 +You can replace `pull_request` with `pull_request_target`, which is used for pull requests from forks, and explicitly check out the pull request `HEAD`. {% warning %} -警告:使用 `pull_request_target` 替代 `pull_request` 会使你面临不安全的行为。 建议使用双工作流方法,如“[处理 `push` 事件](#handling-push-events)”中所述。 +**Warning:** Using `pull_request_target` as a substitute for `pull_request` exposes you to insecure behavior. We recommend you use the two workflow method, as described below in "[Handling `push` events](#handling-push-events)." {% endwarning %} @@ -171,13 +171,13 @@ jobs: github-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} ``` -还强烈建议你缩小授予 `GITHUB_TOKEN` 的权限范围,以避免泄露具有不必要特权的令牌。 有关详细信息,请参阅“[`GITHUB_TOKEN` 的权限](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token)”。 +It is also strongly recommended that you downscope the permissions granted to the `GITHUB_TOKEN` in order to avoid leaking a token with more privilege than necessary. For more information, see "[Permissions for the `GITHUB_TOKEN`](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token)." -### 处理 `push` 事件 +### Handling `push` events -因为没有等效于 `push` 事件的 `pull_request_target`,因此必须使用两个工作流程:一个是以上传构件结束的不可信工作流,它将触发第二个下载构件并继续处理的可信任工作流程。 +As there is no `pull_request_target` equivalent for `push` events, you will have to use two workflows: one untrusted workflow that ends by uploading artifacts, which triggers a second trusted workflow that downloads artifacts and continues processing. -第一个工作流程执行任何不信任的工作: +The first workflow performs any untrusted work: {% raw %} @@ -197,7 +197,7 @@ jobs: {% endraw %} -第二个工作流程在第一个工作流程成功完成后执行受信任的工作: +The second workflow performs trusted work after the first workflow completes successfully: {% raw %} @@ -225,37 +225,37 @@ jobs: {% endif %} -### 手动重新运行工作流程 +### Manually re-running a workflow {% ifversion actions-stable-actor-ids %} -手动重新运行 Dependabot 工作流时,即使发起重新运行的用户具有不同的权限,该工作流也会使用以前所用的权限运行。 有关详细信息,请参阅“[重新运行工作流和作业](/actions/managing-workflow-runs/re-running-workflows-and-jobs)”。 +When you manually re-run a Dependabot workflow, it will run with the same privileges as before even if the user who initiated the rerun has different privileges. For more information, see "[Re-running workflows and jobs](/actions/managing-workflow-runs/re-running-workflows-and-jobs)." {% else %} -您还可以手动重新运行失败的 Dependabot 工作流程,它将以读写令牌运行并访问密码。 在手动重新运行失败的工作流程之前,您应始终检查更新的依赖项,以确保更改不会引入任何恶意或意外行为。 +You can also manually re-run a failed Dependabot workflow, and it will run with a read-write token and access to secrets. Before manually re-running a failed workflow, you should always check the dependency being updated to ensure that the change doesn't introduce any malicious or unintended behavior. {% endif %} -## 常用 Dependabot 自动化 +## Common Dependabot automations -以下是可以使用 {% data variables.product.prodname_actions %} 自动化的几个常见场景。 +Here are several common scenarios that can be automated using {% data variables.product.prodname_actions %}. {% ifversion ghes = 3.3 %} {% note %} -注意:如果站点管理员已覆盖对 {% data variables.product.product_location %} 上的 {% data variables.product.prodname_dependabot %} 的限制,则可以在以下工作流中使用 `pull_request`,而不是 `pull_request_target`。 +**Note:** If your site administrator has overridden restrictions for {% data variables.product.prodname_dependabot %} on {% data variables.product.product_location %}, you can use `pull_request` instead of `pull_request_target` in the following workflows. {% endnote %} {% endif %} -### 获取有关拉取请求的元数据 +### Fetch metadata about a pull request -大量自动化需要了解拉取请求内容的信息:依赖项名称是什么,是否为生产依赖项,以及是否为主要、次要或补丁更新。 +A large amount of automation requires knowing information about the contents of the pull request: what the dependency name was, if it's a production dependency, and if it's a major, minor, or patch update. -`dependabot/fetch-metadata` 操作为你提供了所有这些信息: +The `dependabot/fetch-metadata` action provides all that information for you: {% ifversion ghes = 3.3 %} @@ -321,13 +321,13 @@ jobs: {% endif %} -有关详细信息,请参阅 [`dependabot/fetch-metadata`](https://github.com/dependabot/fetch-metadata) 存储库。 +For more information, see the [`dependabot/fetch-metadata`](https://github.com/dependabot/fetch-metadata) repository. -### 标记拉取请求 +### Label a pull request -如果您有基于 {% data variables.product.prodname_dotcom %} 标签的其他自动化或分类工作流程,则可以配置操作以根据提供的元数据分配标签。 +If you have other automation or triage workflows based on {% data variables.product.prodname_dotcom %} labels, you can configure an action to assign labels based on the metadata provided. -例如,如果您想用标签标记所有生产依赖项更新: +For example, if you want to flag all production dependency updates with a label: {% ifversion ghes = 3.3 %} @@ -395,9 +395,9 @@ jobs: {% endif %} -### 批准拉取请求 +### Approve a pull request -如果您想要自动批准 Dependabot 拉取请求,您可以在工作流程中使用 {% data variables.product.prodname_cli %}: +If you want to automatically approve Dependabot pull requests, you can use the {% data variables.product.prodname_cli %} in a workflow: {% ifversion ghes = 3.3 %} @@ -461,11 +461,11 @@ jobs: {% endif %} -### 在拉取请求上启用自动合并 +### Enable auto-merge on a pull request -如果要允许维护者标记某些拉取请求以进行自动合并,可以使用 {% data variables.product.prodname_dotcom %} 的自动合并功能。 这样,当所有所需的测试和批准都成功满足时,拉取请求即可合并。 有关自动合并的详细信息,请参阅“[自动合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)”。 +If you want to allow maintainers to mark certain pull requests for auto-merge, you can use {% data variables.product.prodname_dotcom %}'s auto-merge functionality. This enables the pull request to be merged when all required tests and approvals are successfully met. For more information on auto-merge, see "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)." -可以改为使用 {% data variables.product.prodname_actions %} 和 {% data variables.product.prodname_cli %}。 以下示例会将所有补丁更新自动合并为 `my-dependency`: +You can instead use {% data variables.product.prodname_actions %} and the {% data variables.product.prodname_cli %}. Here is an example that auto merges all patch updates to `my-dependency`: {% ifversion ghes = 3.3 %} @@ -533,24 +533,24 @@ jobs: {% endif %} -## 失败的工作流程运行故障排除 +## Troubleshooting failed workflow runs -如果您的工作流程运行失败,请检查以下情况: +If your workflow run fails, check the following: {% ifversion ghes = 3.3 %} -- 只有当正确的角色触发工作流程时,才运行工作流程。 -- 你正在检查 `pull_request` 的正确 `ref` 值。 -- 你不会尝试从 Dependabot 触发的 `pull_request`、`pull_request_review`、`pull_request_review_comment` 或 `push` 事件中访问机密。 -- 你不会尝试从 Dependabot 触发的 `pull_request`、`pull_request_review`、`pull_request_review_comment` 或 `push` 事件中执行任何 `write` 操作。 +- You are running the workflow only when the correct actor triggers it. +- You are checking out the correct `ref` for your `pull_request`. +- You aren't trying to access secrets from within a Dependabot-triggered `pull_request`, `pull_request_review`, `pull_request_review_comment`, or `push` event. +- You aren't trying to perform any `write` actions from within a Dependabot-triggered `pull_request`, `pull_request_review`, `pull_request_review_comment`, or `push` event. {% else %} -- 只有当正确的角色触发工作流程时,才运行工作流程。 -- 你正在检查 `pull_request` 的正确 `ref` 值。 -- 您的机密在 {% data variables.product.prodname_dependabot %} 机密中可用,而不是作为 {% data variables.product.prodname_actions %} 机密。 -- 你有一个具有适当权限的 `GITHUB_TOKEN`。 +- You are running the workflow only when the correct actor triggers it. +- You are checking out the correct `ref` for your `pull_request`. +- Your secrets are available in {% data variables.product.prodname_dependabot %} secrets rather than as {% data variables.product.prodname_actions %} secrets. +- You have a `GITHUB_TOKEN` with the correct permissions. {% endif %} -有关编写和调试 {% data variables.product.prodname_actions %} 的详细信息,请参阅“[了解 GitHub Actions](/actions/learn-github-actions)”。 +For information on writing and debugging {% data variables.product.prodname_actions %}, see "[Learning GitHub Actions](/actions/learn-github-actions)." diff --git a/translations/zh-CN/content/code-security/getting-started/github-security-features.md b/translations/zh-CN/content/code-security/getting-started/github-security-features.md index db25b68d5d..5e7ed85861 100644 --- a/translations/zh-CN/content/code-security/getting-started/github-security-features.md +++ b/translations/zh-CN/content/code-security/getting-started/github-security-features.md @@ -1,6 +1,6 @@ --- -title: GitHub 安全功能 -intro: '{% data variables.product.prodname_dotcom %} 安全功能概述。' +title: GitHub security features +intro: 'An overview of {% data variables.product.prodname_dotcom %} security features.' versions: fpt: '*' ghes: '*' @@ -12,34 +12,31 @@ topics: - Dependencies - Vulnerabilities - Advanced Security -ms.openlocfilehash: fc2e4452e83245535c3d5f7ead70b1b23a5d874a -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '147881483' --- -## 关于 {% data variables.product.prodname_dotcom %} 安全功能 -{% data variables.product.prodname_dotcom %} 具有安全功能,有助于在仓库和组织间保持代码和秘密安全。 {% data reusables.advanced-security.security-feature-availability %} +## About {% data variables.product.prodname_dotcom %}'s security features -{% data variables.product.prodname_advisory_database %} 包含您可以查看、搜索和过滤的安全漏洞列表。 {% data reusables.security-advisory.link-browsing-advisory-db %} +{% data variables.product.prodname_dotcom %} has security features that help keep code and secrets secure in repositories and across organizations. {% data reusables.advanced-security.security-feature-availability %} -## 适用于所有仓库 -### 安全策略 +The {% data variables.product.prodname_advisory_database %} contains a curated list of security vulnerabilities that you can view, search, and filter. {% data reusables.security-advisory.link-browsing-advisory-db %} -让您的用户能够轻松地秘密报告他们在仓库中发现的安全漏洞。 有关详细信息,请参阅“[向存储库添加安全策略](/code-security/getting-started/adding-a-security-policy-to-your-repository)”。 +## Available for all repositories +### Security policy + +Make it easy for your users to confidentially report security vulnerabilities they've found in your repository. For more information, see "[Adding a security policy to your repository](/code-security/getting-started/adding-a-security-policy-to-your-repository)." {% ifversion fpt or ghec %} -### 安全通知 +### Security advisories -私下讨论并修复仓库代码中的安全漏洞。 然后,您可以发布安全通告,提醒您的社区注意漏洞并鼓励社区成员升级。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)”。 +Privately discuss and fix security vulnerabilities in your repository's code. You can then publish a security advisory to alert your community to the vulnerability and encourage community members to upgrade. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)." -{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} +{% endif %} +{% ifversion fpt or ghec or ghes > 3.2 %} -### {% data variables.product.prodname_dependabot_alerts %} 和安全更新 +### {% data variables.product.prodname_dependabot_alerts %} and security updates -查看有关已知包含安全漏洞的依赖项的警报,并选择是否自动生成拉取请求以更新这些依赖项。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”和“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)”。 +View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." {% endif %} {% ifversion ghes < 3.3 or ghae %} @@ -47,73 +44,79 @@ ms.locfileid: '147881483' {% data reusables.dependabot.dependabot-alerts-beta %} -查看有关已知包含安全漏洞的依赖项的警报,并管理这些警报。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 +View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} ### {% data variables.product.prodname_dependabot %} version updates -使用 {% data variables.product.prodname_dependabot %} 自动提出拉取请求以保持依赖项的更新。 这有助于减少您暴露于旧版本依赖项。 如果发现安全漏洞,使用更新后的版本就更容易打补丁,{% data variables.product.prodname_dependabot_security_updates %} 也更容易成功地提出拉取请求以升级有漏洞的依赖项。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)”。 +Use {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. This helps reduce your exposure to older versions of dependencies. Using newer versions makes it easier to apply patches if security vulnerabilities are discovered, and also makes it easier for {% data variables.product.prodname_dependabot_security_updates %} to successfully raise pull requests to upgrade vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)." {% endif %} -### 依赖关系图 -依赖关系图允许您探索仓库所依赖的生态系统和包,以及依赖于您的仓库的仓库和包。 +### Dependency graph +The dependency graph allows you to explore the ecosystems and packages that your repository depends on and the repositories and packages that depend on your repository. -你可以在存储库的“见解”选项卡上找到依赖项关系图。 有关详细信息,请参阅[关于依赖项关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)。 +You can find the dependency graph on the **Insights** tab for your repository. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." {% ifversion security-overview-displayed-alerts %} -### 安全概述 +### Security overview -通过安全概览,可以查看安全配置和警报,从而轻松识别面临最大风险的存储库和组织。 有关详细信息,请参阅“[关于安全概述](/code-security/security-overview/about-the-security-overview)”。 +The security overview allows you to review security configurations and alerts, making it easy to identify the repositories and organizations at greatest risk. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." {% else %} -### 存储库的安全概述 -安全概览显示为存储库启用了哪些安全功能,并提供用于配置尚未启用的任何可用安全功能的选项。 +### Security overview for repositories +The security overview shows which security features are enabled for the repository, and offers you the option of configuring any available security features that are not already enabled. {% endif %} -## 通过 {% data variables.product.prodname_GH_advanced_security %} 可用 +## Available with {% data variables.product.prodname_GH_advanced_security %} -{% ifversion fpt %} {% data variables.product.prodname_dotcom_the_website %} 上的公共存储库免费提供以下 {% data variables.product.prodname_GH_advanced_security %} 功能。 使用具有 {% data variables.product.prodname_GH_advanced_security %} 许可证的 {% data variables.product.prodname_ghe_cloud %} 的组织可以在其任何存储库中使用完整的功能集。 有关 {% data variables.product.prodname_ghe_cloud %} 可用功能的列表,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/code-security/getting-started/github-security-features#available-with-github-advanced-security)。 +{% ifversion fpt %} +The following {% data variables.product.prodname_GH_advanced_security %} features are available and free of charge for public repositories on {% data variables.product.prodname_dotcom_the_website %}. Organizations that use {% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_advanced_security %} can use the full set of features in any of their repositories. For a list of the features available with {% data variables.product.prodname_ghe_cloud %}, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/getting-started/github-security-features#available-with-github-advanced-security). -{% elsif ghec %} {% data variables.product.prodname_dotcom_the_website %} 上的公共存储库免费提供了许多 {% data variables.product.prodname_GH_advanced_security %} 功能。 企业中具有 {% data variables.product.prodname_GH_advanced_security %} 许可证的组织可以在其所有存储库上使用以下功能。 {% data reusables.advanced-security.more-info-ghas %} +{% elsif ghec %} +Many {% data variables.product.prodname_GH_advanced_security %} features are available and free of charge for public repositories on {% data variables.product.prodname_dotcom_the_website %}. Organizations within an enterprise that have a {% data variables.product.prodname_GH_advanced_security %} license can use the following features on all their repositories. {% data reusables.advanced-security.more-info-ghas %} -{% elsif ghes %} {% data variables.product.prodname_GH_advanced_security %} 功能适用于具有 {% data variables.product.prodname_GH_advanced_security %} 许可证的企业。 这些功能仅限于组织拥有的存储库。 {% data reusables.advanced-security.more-info-ghas %} +{% elsif ghes %} +{% data variables.product.prodname_GH_advanced_security %} features are available for enterprises with a license for {% data variables.product.prodname_GH_advanced_security %}. The features are restricted to repositories owned by an organization. {% data reusables.advanced-security.more-info-ghas %} -{% elsif ghae %} {% data variables.product.prodname_GH_advanced_security %} 功能可用于组织拥有的存储库。 {% data reusables.advanced-security.more-info-ghas %} {% endif %} +{% elsif ghae %} +{% data variables.product.prodname_GH_advanced_security %} features are available for repositories owned by an organization. {% data reusables.advanced-security.more-info-ghas %} +{% endif %} ### {% data variables.product.prodname_code_scanning_capc %} -自动检测新代码或修改代码中的安全漏洞和编码错误。 潜在的问题被高亮显示,并附有详细信息,允许您在将代码合并到默认分支之前修复它。 有关详细信息,请参阅“[关于代码扫描](/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning)”。 +Automatically detect security vulnerabilities and coding errors in new or modified code. Potential problems are highlighted, with detailed information, allowing you to fix the code before it's merged into your default branch. For more information, see "[About code scanning](/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning)." {% ifversion fpt or ghec %} ### {% data variables.product.prodname_secret_scanning_partner_caps %} -自动检测所有公共存储库中泄露的机密。 {% data variables.product.company_short %} 通知相关服务提供商机密可能已泄露。 有关支持的机密和服务提供商的详细信息,请参阅 “[{% data variables.product.prodname_secret_scanning_caps %} 模式](/code-security/secret-scanning/secret-scanning-patterns)”。 +Automatically detect leaked secrets across all public repositories. {% data variables.product.company_short %} informs the relevant service provider that the secret may be compromised. For details of the supported secrets and service providers, see "[{% data variables.product.prodname_secret_scanning_caps %} patterns](/code-security/secret-scanning/secret-scanning-patterns)." {% endif %} {% ifversion ghec or ghes or ghae %} ### {% data variables.product.prodname_secret_scanning_GHAS_caps %} -{% ifversion ghec %} 仅通过 {% data variables.product.prodname_GH_advanced_security %} 的许可证提供。 +{% ifversion ghec %} +Available only with a license for {% data variables.product.prodname_GH_advanced_security %}. {% endif %} -自动检测已签入存储库的令牌或凭据。 您可以查看 {% data variables.product.company_short %} 代码中找到的任何机密的警报,以便知道哪些令牌或凭据被视为已泄露。 有关详细信息,请参阅“[关于机密扫描](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-advanced-security)”。 +Automatically detect tokens or credentials that have been checked into a repository. You can view alerts for any secrets that {% data variables.product.company_short %} finds in your code, so that you know which tokens or credentials to treat as compromised. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-advanced-security)." {% endif %} -### 依赖项检查 +### Dependency review -在合并拉取请求之前显示依赖项更改的全部影响以及任何有漏洞版本的详情。 有关详细信息,请参阅“[关于依赖项审查](/code-security/supply-chain-security/about-dependency-review)”。 +Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." {% ifversion security-overview-displayed-alerts %} {% elsif fpt %} {% else %} -### 组织{% ifversion ghes > 3.4 or ghae-issue-6199 %}、企业、{% endif %}和团队的安全概览 +### Security overview for organizations{% ifversion ghes > 3.4 or ghae > 3.4 %}, enterprises,{% endif %} and teams -检查组织的安全配置和警报,并确定风险最大的存储库。 有关详细信息,请参阅“[关于安全概述](/code-security/security-overview/about-the-security-overview)”。 +Review the security configuration and alerts for your organization and identify the repositories at greatest risk. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." {% endif %} -## 延伸阅读 -- [{% data variables.product.prodname_dotcom %} 的产品](/github/getting-started-with-github/githubs-products) -- [{% data variables.product.prodname_dotcom %} 语言支持](/github/getting-started-with-github/github-language-support) +## Further reading +- "[{% data variables.product.prodname_dotcom %}'s products](/github/getting-started-with-github/githubs-products)" +- "[{% data variables.product.prodname_dotcom %} language support](/github/getting-started-with-github/github-language-support)" diff --git a/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md b/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md index 9b523ed971..919f1b2fdd 100644 --- a/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md +++ b/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md @@ -1,6 +1,6 @@ --- -title: 保护您的仓库 -intro: '您可以使用许多 {% data variables.product.prodname_dotcom %} 功能来帮助保护仓库的安全。' +title: Securing your repository +intro: 'You can use a number of {% data variables.product.prodname_dotcom %} features to help keep your repository secure.' permissions: Repository administrators and organization owners can configure repository security settings. redirect_from: - /github/administering-a-repository/about-securing-your-repository @@ -17,123 +17,122 @@ topics: - Vulnerabilities - Advanced Security shortTitle: Secure your repository -ms.openlocfilehash: 46addd796d3eee772dcc14da7604f7a375ac14b7 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147526684' --- -## 简介 -本指南向您展示如何配置仓库的安全功能。 您必须是仓库管理员或组织所有者才能配置仓库的安全设置。 -您的安全需求是仓库独有的,因此您可能不需要启用仓库的每个功能。 有关详细信息,请参阅“[{% data variables.product.prodname_dotcom %} 安全功能](/code-security/getting-started/github-security-features)”。 +## Introduction +This guide shows you how to configure security features for a repository. You must be a repository administrator or organization owner to configure security settings for a repository. + +Your security needs are unique to your repository, so you may not need to enable every feature for your repository. For more information, see "[{% data variables.product.prodname_dotcom %} security features](/code-security/getting-started/github-security-features)." {% data reusables.advanced-security.security-feature-availability %} -## 管理对仓库的访问 +## Managing access to your repository -保护仓库的第一步是设置谁可以查看和修改您的代码。 有关详细信息,请参阅“[管理存储库设置](/github/administering-a-repository/managing-repository-settings)”。 +The first step to securing a repository is to set up who can see and modify your code. For more information, see "[Managing repository settings](/github/administering-a-repository/managing-repository-settings)." -从存储库的主页中,单击“{% octicon "gear" aria-label="The Settings gear" %}设置”,然后向下滚动到“危险区域”。 +From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %}Settings**, then scroll down to the "Danger Zone." -- 要更改谁可以查看存储库,请单击“更改可见性”。 有关详细信息,请参阅“[设置存储库可见性](/github/administering-a-repository/setting-repository-visibility)”。{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} -- 要更改谁可以访问存储库并调整权限,请单击“管理访问权限”。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/github/administering-a-repository/managing-teams-and-people-with-access-to-your-repository)”。{% endif %} +- To change who can view your repository, click **Change visibility**. For more information, see "[Setting repository visibility](/github/administering-a-repository/setting-repository-visibility)."{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +- To change who can access your repository and adjust permissions, click **Manage access**. For more information, see"[Managing teams and people with access to your repository](/github/administering-a-repository/managing-teams-and-people-with-access-to-your-repository)."{% endif %} -## 设置安全策略 +## Setting a security policy -1. 从存储库的主页中,单击“{% octicon "shield" aria-label="The shield symbol" %} 安全性”。 -2. 单击“安全策略”。 -3. 单击“开始设置”。 -4. 添加关于项目受支持版本以及如何报告漏洞的信息。 +1. From the main page of your repository, click **{% octicon "shield" aria-label="The shield symbol" %} Security**. +2. Click **Security policy**. +3. Click **Start setup**. +4. Add information about supported versions of your project and how to report vulnerabilities. -有关详细信息,请参阅“[向存储库添加安全策略](/code-security/getting-started/adding-a-security-policy-to-your-repository)”。 +For more information, see "[Adding a security policy to your repository](/code-security/getting-started/adding-a-security-policy-to-your-repository)." -## 管理依赖关系图 +## Managing the dependency graph -{% ifversion fpt or ghec %} 依赖项关系图自动为所有公共存储库生成,你可以选择为专用存储库启用它。 它解释存储库中的清单和锁定文件以识别依赖项。 +{% ifversion fpt or ghec %} +The dependency graph is automatically generated for all public repositories, and you can choose to enable it for private repositories. It interprets manifest and lock files in a repository to identify dependencies. -1. 从存储库的主页中,单击“{% octicon "gear" aria-label="The Settings gear" %} 设置”。 -2. 单击“安全性和分析”。 -3. 在依赖项关系图旁边,单击“启用”或“禁用” 。 +1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %} Settings**. +2. Click **Security & analysis**. +3. Next to Dependency graph, click **Enable** or **Disable**. {% endif %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -有关详细信息,请参阅“[探索存储库的依赖项](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)”。 +For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." -## 管理 {% data variables.product.prodname_dependabot_alerts %} +## Managing {% data variables.product.prodname_dependabot_alerts %} -当 {% data variables.product.prodname_dotcom %} 在依赖关系图中标识具有漏洞的依赖项时,将生成 {% data variables.product.prodname_dependabot_alerts %} 。 {% ifversion fpt or ghec %}您可以为任何存储库启用 {% data variables.product.prodname_dependabot_alerts %}。{% endif %} +{% data variables.product.prodname_dependabot_alerts %} are generated when {% data variables.product.prodname_dotcom %} identifies a dependency in the dependency graph with a vulnerability. {% ifversion fpt or ghec %}You can enable {% data variables.product.prodname_dependabot_alerts %} for any repository.{% endif %} {% ifversion fpt or ghec %} -1. 单击你的个人资料照片,然后单击“设置”。 -2. 单击“安全性和分析”。 -3. 单击 {% data variables.product.prodname_dependabot_alerts %} 旁边的“全部启用”。 +1. Click your profile photo, then click **Settings**. +2. Click **Security & analysis**. +3. Click **Enable all** next to {% data variables.product.prodname_dependabot_alerts %}. {% endif %} -{% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} +{% data reusables.dependabot.dependabot-alerts-beta %} +{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}”和“[管理个人帐户的安全和分析设置](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account){% endif %}”。 +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your personal account](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account){% endif %}." -## 管理依赖项审查 +## Managing dependency review -依赖项审查可让您在合并到仓库之前在拉取请求中显示依赖关系的变化。 有关详细信息,请参阅“[关于依赖项审查](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)”。 +Dependency review lets you visualize dependency changes in pull requests before they are merged into your repositories. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." -依赖项审查是一项 {% data variables.product.prodname_GH_advanced_security %} 功能。 {% ifversion fpt or ghec %} 已为所有公共存储库启用了依赖项审查。 {% ifversion fpt %}将 {% data variables.product.prodname_ghe_cloud %} 与 {% data variables.product.prodname_advanced_security %} 一起使用的组织还可以对私有和内部存储库启用依赖项审查。 有关详细信息,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/code-security/getting-started/securing-your-repository#managing-dependency-review)。 {% endif %}{% endif %}{% ifversion ghec or ghes or ghae %}要为 {% ifversion ghec %}私有或内部 {% endif %}存储库启用依赖项审查,请确保已启用依赖项关系图并启用 {% data variables.product.prodname_GH_advanced_security %}。 +Dependency review is a {% data variables.product.prodname_GH_advanced_security %} feature. {% ifversion fpt or ghec %}Dependency review is already enabled for all public repositories. {% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %} can additionally enable dependency review for private and internal repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/getting-started/securing-your-repository#managing-dependency-review). {% endif %}{% endif %}{% ifversion ghec or ghes or ghae %}To enable dependency review for a {% ifversion ghec %}private or internal {% endif %}repository, ensure that the dependency graph is enabled and enable {% data variables.product.prodname_GH_advanced_security %}. -1. 从存储库的主页中,单击“{% octicon "gear" aria-label="The Settings gear" %}设置”。 -2. 单击“安全性和分析”。 -3. {% ifversion ghec %}如果尚未启用依赖项关系图,请单击“启用”。{% elsif ghes or ghae %}检查是否已为企业配置依赖项关系图。{% endif %} -4. 如果尚未启用 {% data variables.product.prodname_GH_advanced_security %},请单击“启用”。 +1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %}Settings**. +2. Click **Security & analysis**. +3. {% ifversion ghec %}If dependency graph is not already enabled, click **Enable**.{% elsif ghes or ghae %}Check that dependency graph is configured for your enterprise.{% endif %} +4. If {% data variables.product.prodname_GH_advanced_security %} is not already enabled, click **Enable**. {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} -## 管理 {% data variables.product.prodname_dependabot_security_updates %} +## Managing {% data variables.product.prodname_dependabot_security_updates %} -对于任何使用 {% data variables.product.prodname_dependabot_alerts %} 的仓库,您可以启用 {% data variables.product.prodname_dependabot_security_updates %} 在检测到漏洞时提出带有安全更新的拉取请求。 +For any repository that uses {% data variables.product.prodname_dependabot_alerts %}, you can enable {% data variables.product.prodname_dependabot_security_updates %} to raise pull requests with security updates when vulnerabilities are detected. -1. 从存储库的主页中,单击“{% octicon "gear" aria-label="The Settings gear" %}设置”。 -2. 单击“安全性和分析”。 -3. 在 {% data variables.product.prodname_dependabot_security_updates %} 旁边,单击“启用”。 +1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %}Settings**. +2. Click **Security & analysis**. +3. Next to {% data variables.product.prodname_dependabot_security_updates %}, click **Enable**. -有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/about-dependabot-security-updates)”和“[配置 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/configuring-dependabot-security-updates)”。 +For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/about-dependabot-security-updates)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/configuring-dependabot-security-updates)." -## 管理 {% data variables.product.prodname_dependabot_version_updates %} +## Managing {% data variables.product.prodname_dependabot_version_updates %} -您可以让 {% data variables.product.prodname_dependabot %} 自动提出拉取请求以保持依赖项的更新。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)”。 +You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." {% ifversion dependabot-settings-update-37 %} -1. 从存储库的主页中,单击“{% octicon "gear" aria-label="The Settings gear" %} 设置”。 -2. 单击“安全性和分析”。 -3. 在 {% data variables.product.prodname_dependabot_version_updates %} 旁,单击“启用”以创建基本 dependabot.yml 配置文件。 -4. 指定要更新文件并将文件提交到存储库的依赖项。 有关详细信息,请参阅“[配置 Dependabot 版本更新](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates)”。 +1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %} Settings**. +2. Click **Security & analysis**. +3. Next to {% data variables.product.prodname_dependabot_version_updates %}, click **Enable** to create a basic *dependabot.yml* configuration file. +4. Specify the dependencies to update and commit the file to the repository. For more information, see "[Configuring Dependabot version updates](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates)." -{% else %} 要启用 {% data variables.product.prodname_dependabot_version_updates %},必须创建 dependabot.yml 配置文件。 有关详细信息,请参阅“[配置 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 +{% else %} +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} {% endif %} -## 配置 {% data variables.product.prodname_code_scanning %} +## Configuring {% data variables.product.prodname_code_scanning %} -您可以设置 {% data variables.product.prodname_code_scanning %} 使用 {% data variables.product.prodname_codeql_workflow %} 或第三方工具自动识别仓库中存储的代码中的漏洞和错误。 有关详细信息,请参阅“[为存储库设置 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/setting-up-code-scanning-for-a-repository)”。 +You can set up {% data variables.product.prodname_code_scanning %} to automatically identify vulnerabilities and errors in the code stored in your repository by using a {% data variables.product.prodname_codeql_workflow %} or third-party tool. For more information, see "[Setting up {% data variables.product.prodname_code_scanning %} for a repository](/code-security/secure-coding/setting-up-code-scanning-for-a-repository)." -{% data variables.product.prodname_code_scanning_capc %} 适用于{% ifversion fpt or ghec %}所有公共存储库,以及属于具有许可证的企业一部分的组织所拥有的私有存储库{% else %}组织拥有的仓库(如果您的企业使用 {% endif %}{% data variables.product.prodname_GH_advanced_security %})。 +{% data variables.product.prodname_code_scanning_capc %} is available {% ifversion fpt or ghec %}for all public repositories, and for private repositories owned by organizations that are part of an enterprise with a license for {% else %}for organization-owned repositories if your enterprise uses {% endif %}{% data variables.product.prodname_GH_advanced_security %}. -## 配置 {% data variables.product.prodname_secret_scanning %} +## Configuring {% data variables.product.prodname_secret_scanning %} -{% data variables.product.prodname_secret_scanning_caps %} 可{% ifversion fpt or ghec %}对所有公共存储库启用,并且可用于属于具有许可证的企业一部分的组织所拥有的私有存储库{% else %}组织拥有的仓库(如果您的企业使用 {% endif %}{% data variables.product.prodname_GH_advanced_security %})。 {% ifversion fpt %}有关详细信息,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/code-security/getting-started/securing-your-repository#configuring-secret-scanning)。{% else %}可能已为存储库启用 {% data variables.product.prodname_secret_scanning_caps %},具体取决于组织的设置。 +{% data variables.product.prodname_secret_scanning_caps %} is {% ifversion fpt or ghec %}enabled for all public repositories and is available for private repositories owned by organizations that are part of an enterprise with a license for {% else %}available for organization-owned repositories if your enterprise uses {% endif %}{% data variables.product.prodname_GH_advanced_security %}. {% ifversion fpt %}For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/getting-started/securing-your-repository#configuring-secret-scanning).{% else %}{% data variables.product.prodname_secret_scanning_caps %} may already be enabled for your repository, depending upon your organization's settings. -1. 从存储库的主页中,单击“{% octicon "gear" aria-label="The Settings gear" %}设置”。 -2. 单击“安全性和分析”。 -3. 如果尚未启用 {% data variables.product.prodname_GH_advanced_security %},请单击“启用”。 -4. 在 {% data variables.product.prodname_secret_scanning_caps %} 旁边,单击“启用”。 {% endif %} - -## 后续步骤 -您可以查看和管理来自安全功能的警报,以解决代码中的依赖项和漏洞。 有关详细信息,请参阅{% ifversion fpt or ghes or ghec %}“[查看和更新 {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts)”、{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}“[管理用于依赖项更新的拉取请求](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)”、{% endif %}“[管理存储库的 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)”和“[管理来自 {% data variables.product.prodname_secret_scanning %} 的警报](/code-security/secret-security/managing-alerts-from-secret-scanning)”。 - -{% ifversion fpt or ghec %}如果您存在安全漏洞,您可以创建安全通告,以私下讨论和修复该漏洞。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)”和“[创建安全通告](/code-security/security-advisories/creating-a-security-advisory)”。 +1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %}Settings**. +2. Click **Security & analysis**. +3. If {% data variables.product.prodname_GH_advanced_security %} is not already enabled, click **Enable**. +4. Next to {% data variables.product.prodname_secret_scanning_caps %}, click **Enable**. +{% endif %} + +## Next steps +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." + +{% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md b/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md index 0110c45c23..e785be75ea 100644 --- a/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md +++ b/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md @@ -26,7 +26,7 @@ topics: If your project communicates with an external service, you might use a token or private key for authentication. Tokens and private keys are examples of secrets that a service provider can issue. If you check a secret into a repository, anyone who has read access to the repository can use the secret to access the external service with your privileges. We recommend that you store secrets in a dedicated, secure location outside of the repository for your project. -{% data variables.product.prodname_secret_scanning_caps %} will scan your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repository for secrets{% ifversion ghec or ghes > 3.4 or ghae-issue-6329 %}, even if the repository is archived{% endif %}. +{% data variables.product.prodname_secret_scanning_caps %} will scan your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repository for secrets{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %}, even if the repository is archived{% endif %}. {% ifversion fpt or ghec %} {% data variables.product.prodname_secret_scanning_caps %} is available on {% data variables.product.prodname_dotcom_the_website %} in two forms: @@ -70,7 +70,7 @@ You cannot change the configuration of {% data variables.product.prodname_secret {% data variables.product.prodname_secret_scanning_GHAS_caps %} is available on all organization-owned repositories as part of {% data variables.product.prodname_GH_advanced_security %}. It is not available on user-owned repositories. When you enable {% data variables.product.prodname_secret_scanning %} for a repository, {% data variables.product.prodname_dotcom %} scans the code for patterns that match secrets used by many service providers. For more information, see "{% ifversion ghec %}[Supported secrets for advanced security](/code-security/secret-scanning/secret-scanning-patterns#supported-secrets-for-advanced-security){% else %}[{% data variables.product.prodname_secret_scanning_caps %} patterns](/code-security/secret-scanning/secret-scanning-patterns){% endif %}." -If you're a repository administrator you can enable {% data variables.product.prodname_secret_scanning_GHAS %} for any repository{% ifversion ghec or ghes > 3.4 or ghae-issue-6329 %}, including archived repositories{% endif %}. Organization owners can also enable {% data variables.product.prodname_secret_scanning_GHAS %} for all repositories or for all new repositories within an organization. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +If you're a repository administrator you can enable {% data variables.product.prodname_secret_scanning_GHAS %} for any repository{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %}, including archived repositories{% endif %}. Organization owners can also enable {% data variables.product.prodname_secret_scanning_GHAS %} for all repositories or for all new repositories within an organization. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% ifversion ghes or ghae or ghec %}You can also define custom {% data variables.product.prodname_secret_scanning %} patterns for a repository, organization, or enterprise. For more information, see "[Defining custom patterns for {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/defining-custom-patterns-for-secret-scanning)." {% endif %} @@ -91,12 +91,12 @@ For more information about viewing and resolving {% data variables.product.prodn Repository administrators and organization owners can grant users and teams access to {% data variables.product.prodname_secret_scanning %} alerts. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)." -{% ifversion ghec or ghes or ghae-issue-5503 %} +{% ifversion ghec or ghes or ghae > 3.4 %} You can use the security overview to see an organization-level view of which repositories have enabled {% data variables.product.prodname_secret_scanning %} and the alerts found. For more information, see "[Viewing the security overview](/code-security/security-overview/viewing-the-security-overview)." {% endif %} -{%- ifversion ghec or ghes %}You can also use the REST API to {% endif %} -monitor results from {% data variables.product.prodname_secret_scanning %} across your {% ifversion ghec %}private {% endif %}repositories{% ifversion ghes %} or your organization{% endif %}. For more information about API endpoints, see "[{% data variables.product.prodname_secret_scanning_caps %}](/rest/reference/secret-scanning)." +{%- ifversion ghec or ghes or ghae %}You can also use the REST API to +monitor results from {% data variables.product.prodname_secret_scanning %} across your {% ifversion ghec %}private {% endif %}repositories{% ifversion ghes %} or your organization{% endif %}. For more information about API endpoints, see "[{% data variables.product.prodname_secret_scanning_caps %}](/rest/reference/secret-scanning)."{% endif %} {% endif %} diff --git a/translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md b/translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md index c259957538..2e8604b4c8 100644 --- a/translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md +++ b/translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md @@ -1,7 +1,7 @@ --- -title: 为机密扫描定义自定义模式 +title: Defining custom patterns for secret scanning shortTitle: Define custom patterns -intro: '您可以扩展 {% data variables.product.prodname_secret_scanning_GHAS %} 以检测默认模式之外的机密。' +intro: 'You can extend {% data variables.product.prodname_secret_scanning_GHAS %} to detect secrets beyond the default patterns.' product: '{% data reusables.gated-features.secret-scanning %}' redirect_from: - /code-security/secret-security/defining-custom-patterns-for-secret-scanning @@ -13,74 +13,82 @@ type: how_to topics: - Advanced Security - Secret scanning -ms.openlocfilehash: 7182de1985019ab2c0a3244f923944f78dc6060e -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147549098' --- -{% ifversion ghes < 3.3 %} {% note %} -**注意:** {% data variables.product.prodname_secret_scanning %} 的自定义模式目前为 beta 版本,可能会有变动。 +{% ifversion ghes < 3.3 %} +{% note %} -{% endnote %} {% endif %} +**Note:** Custom patterns for {% data variables.product.prodname_secret_scanning %} is currently in beta and is subject to change. -## 关于 {% data variables.product.prodname_secret_scanning %} 的自定义模式 +{% endnote %} +{% endif %} -您可以定义自定义模式来标识 {% data variables.product.prodname_secret_scanning %} 支持的默认模式未检测到的机密。 例如,您可能有一个属于您组织内部的密钥模式。 有关支持的机密和服务提供商的详细信息,请参阅 “[{% data variables.product.prodname_secret_scanning_caps %} 模式](/code-security/secret-scanning/secret-scanning-patterns)”。 +## About custom patterns for {% data variables.product.prodname_secret_scanning %} -您可以为企业、组织或存储库定义自定义模式。 {% data variables.product.prodname_secret_scanning_caps %} 支持每个组织或企业帐户最多 {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-7297 %} 500 个自定义模式,每个存储库最多 100 个自定义模式。 -{%- elsif ghes = 3.2 %}每个组织或企业帐户有 20 个自定义模式,每个存储库也有 20 个自定义模式。 -{%- else %}每个组织或企业帐户有 100 个自定义模式,每个存储库有 20 个自定义模式。 +You can define custom patterns to identify secrets that are not detected by the default patterns supported by {% data variables.product.prodname_secret_scanning %}. For example, you might have a secret pattern that is internal to your organization. For details of the supported secrets and service providers, see "[{% data variables.product.prodname_secret_scanning_caps %} patterns](/code-security/secret-scanning/secret-scanning-patterns)." + +You can define custom patterns for your enterprise, organization, or repository. {% data variables.product.prodname_secret_scanning_caps %} supports up to +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} 500 custom patterns for each organization or enterprise account, and up to 100 custom patterns per repository. +{%- elsif ghes = 3.2 %} 20 custom patterns for each organization or enterprise account, and per repository. +{%- else %} 100 custom patterns for each organization or enterprise account, and 20 per repository. {%- endif %} -{% ifversion ghes < 3.3 %} {% note %} +{% ifversion ghes < 3.3 %} +{% note %} -**注意:** 在 beta 版本中,对 {% data variables.product.prodname_secret_scanning %} 使用自定义模式时存在一些限制: +**Note:** During the beta, there are some limitations when using custom patterns for {% data variables.product.prodname_secret_scanning %}: -* 没有干运行功能。 -* 创建自定义模式后,您无法对其进行编辑。 要更改模式,您必须将其删除并重新创建。 -* 没有用于创建、编辑或删除自定义模式的 API。 但是,自定义模式的结果在[密钥扫描警报 API](/rest/reference/secret-scanning) 中返回。 +* There is no dry-run functionality. +* You cannot edit custom patterns after they're created. To change a pattern, you must delete it and recreate it. +* There is no API for creating, editing, or deleting custom patterns. However, results for custom patterns are returned in the [secret scanning alerts API](/rest/reference/secret-scanning). -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -## 自定义模式的正则表达式语法 +## Regular expression syntax for custom patterns -您可以将 {% data variables.product.prodname_secret_scanning_GHAS %} 的自定义模式指定为一个或多个正则表达式。 +You can specify custom patterns for {% data variables.product.prodname_secret_scanning_GHAS %} as one or more regular expressions. -- **机密格式:** 描述机密本身格式的表达式。 -- **机密之前:** 描述机密之前的字符的表达式。 默认情况下,此值设置为 `\A|[^0-9A-Za-z]`,这意味着机密必须位于行首或前面有非字母数字字符。 -- **机密之后:** 描述机密后面的字符的表达式。 默认情况下,此值设置为 `\z|[^0-9A-Za-z]`,这意味着机密后面必须跟有新行或非字母数字字符。 -- **其他匹配要求:** 机密本身必须或不得匹配的一个或多个可选表达式。 +- **Secret format:** an expression that describes the format of the secret itself. +- **Before secret:** an expression that describes the characters that come before the secret. By default, this is set to `\A|[^0-9A-Za-z]` which means that the secret must be at the start of a line or be preceded by a non-alphanumeric character. +- **After secret:** an expression that describes the characters that come after the secret. By default, this is set to `\z|[^0-9A-Za-z]` which means that the secret must be followed by a new line or a non-alphanumeric character. +- **Additional match requirements:** one or more optional expressions that the secret itself must or must not match. -对于简单令牌,通常只需指定机密格式。 其他字段提供了灵活性,以便您可以指定更复杂的机密,而无需创建复杂的正则表达式。 有关自定义模式的示例,请参阅下面的“[使用附加要求指定的自定义模式示例](#example-of-a-custom-pattern-specified-using-additional-requirements)”。 +For simple tokens you will usually only need to specify a secret format. The other fields provide flexibility so that you can specify more complex secrets without creating complex regular expressions. For an example of a custom pattern, see "[Example of a custom pattern specified using additional requirements](#example-of-a-custom-pattern-specified-using-additional-requirements)" below. -{% data variables.product.prodname_secret_scanning_caps %} 使用 [Hyperscan 库](https://github.com/intel/hyperscan),只支持 Hyperscan 正则表达式构造(PCRE 语法的子集)。 不支持 Hyperscan 选项修饰符。 有关 Hyperscan 模式构造的详细信息,请参阅 Hyperscan 文档中的“[模式支持](http://intel.github.io/hyperscan/dev-reference/compilation.html#pattern-support)”。 +{% data variables.product.prodname_secret_scanning_caps %} uses the [Hyperscan library](https://github.com/intel/hyperscan) and only supports Hyperscan regex constructs, which are a subset of PCRE syntax. Hyperscan option modifiers are not supported. For more information on Hyperscan pattern constructs, see "[Pattern support](http://intel.github.io/hyperscan/dev-reference/compilation.html#pattern-support)" in the Hyperscan documentation. -## 定义仓库的自定义模式 +## Defining a custom pattern for a repository -在定义自定义模式之前,您必须确保仓库上启用了 {% data variables.product.prodname_secret_scanning %}。 有关详细信息,请参阅“[为存储库配置 {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/configuring-secret-scanning-for-your-repositories)”。 +Before defining a custom pattern, you must ensure that {% data variables.product.prodname_secret_scanning %} is enabled on your repository. For more information, see "[Configuring {% data variables.product.prodname_secret_scanning %} for your repositories](/code-security/secret-security/configuring-secret-scanning-for-your-repositories)." -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} {% data reusables.repositories.navigate-to-ghas-settings %} {% data reusables.advanced-security.secret-scanning-new-custom-pattern %} {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}{% ifversion secret-scanning-custom-enterprise-35 or custom-pattern-dry-run-ga %} -1. 准备好测试新的自定义模式时,若要识别存储库中的匹配项而不创建警报,请单击“保存并试运行”。 -{% data reusables.advanced-security.secret-scanning-dry-run-results %} {%- ifversion secret-scanning-custom-enterprise-35 %}{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}{% endif %} {% endif %} {% data reusables.advanced-security.secret-scanning-create-custom-pattern %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-code-security-and-analysis %} +{% data reusables.repositories.navigate-to-ghas-settings %} +{% data reusables.advanced-security.secret-scanning-new-custom-pattern %} +{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}{% ifversion secret-scanning-custom-enterprise-35 or custom-pattern-dry-run-ga %} +1. When you're ready to test your new custom pattern, to identify matches in the repository without creating alerts, click **Save and dry run**. +{% data reusables.advanced-security.secret-scanning-dry-run-results %} +{%- ifversion secret-scanning-custom-enterprise-35 %}{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}{% endif %} +{% endif %} +{% data reusables.advanced-security.secret-scanning-create-custom-pattern %} -模式创建后,{% data reusables.secret-scanning.secret-scanning-process %} 有关查看 {% data variables.product.prodname_secret_scanning %} 警报的详细信息,请参阅“[管理来自 {% data variables.product.prodname_secret_scanning %} 的警报](/code-security/secret-security/managing-alerts-from-secret-scanning)”。 +After your pattern is created, {% data reusables.secret-scanning.secret-scanning-process %} For more information on viewing {% data variables.product.prodname_secret_scanning %} alerts, see "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." -### 使用其他要求指定的自定义模式示例 +### Example of a custom pattern specified using additional requirements -公司具有具有五个特征的内部令牌。 它们使用不同的字段来指定如何标识令牌,如下所示: +A company has an internal token with five characteristics. They use the different fields to specify how to identify tokens as follows: -| **特征** | **字段和正则表达式** | +| **Characteristic** | **Field and regular expression** | |----------------|------------------------------| -| 长度介于 5 到 10 个字符之间 | 机密格式:`[$#%@AA-Za-z0-9]{5,10}` | -| 不以 `.` 结尾 | 机密之后:`[^\.]` | -| 包含数字和大写字母 | 其他要求:机密必须匹配 `[A-Z]` 和 `[0-9]` | -| 一行中不包含多个小写字母 | 其他要求:机密不得匹配 `[a-z]{2,}` | -| 包含 `$%@!` 之一 | 其他要求:机密必须匹配 `[$%@!]` | +| Length between 5 and 10 characters | Secret format: `[$#%@AA-Za-z0-9]{5,10}` | +| Does not end in a `.` | After secret: `[^\.]` | +| Contains numbers and uppercase letters | Additional requirements: secret must match `[A-Z]` and `[0-9]` | +| Does not include more than one lowercase letter in a row | Additional requirements: secret must not match `[a-z]{2,}` | +| Contains one of `$%@!` | Additional requirements: secret must match `[$%@!]` | -这些令牌将与上述自定义模式匹配: +These tokens would match the custom pattern described above: ``` a9@AAfT! # Secret string match: a9@AAfT @@ -88,7 +96,7 @@ ee95GG@ZA942@aa # Secret string match: @ZA942@a a9@AA!ee9 # Secret string match: a9@AA ``` -这些字符串与上述自定义模式不匹配: +These strings would not match the custom pattern described above: ``` a9@AA.! @@ -97,75 +105,98 @@ aa9@AA!ee9 aAAAe9 ``` -## 定义组织的自定义模式 +## Defining a custom pattern for an organization -在定义自定义模式之前,您必须确保在组织中为要扫描的仓库启用 {% data variables.product.prodname_secret_scanning %}。 若要在组织中的所有存储库上启用 {% data variables.product.prodname_secret_scanning %},请参阅“[管理组织的安全和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”。 +Before defining a custom pattern, you must ensure that you enable {% data variables.product.prodname_secret_scanning %} for the repositories that you want to scan in your organization. To enable {% data variables.product.prodname_secret_scanning %} on all repositories in your organization, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." -{% ifversion ghes < 3.5 or ghae %} {% note %} +{% ifversion ghes < 3.5 or ghae %} +{% note %} -**注意:** 由于没有试运行功能,我们建议你先在存储库中测试自定义模式,然后再为整个组织定义它们。 这样,可以避免创建过多的误报 {% data variables.product.prodname_secret_scanning %} 警报。 +**Note:** As there is no dry-run functionality, we recommend that you test your custom patterns in a repository before defining them for your entire organization. That way, you can avoid creating excess false-positive {% data variables.product.prodname_secret_scanning %} alerts. -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} {% data reusables.repositories.navigate-to-ghas-settings %} {% data reusables.advanced-security.secret-scanning-new-custom-pattern %} {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %} {%- ifversion secret-scanning-custom-enterprise-35 or custom-pattern-dry-run-ga %} -1. 准备好测试新的自定义模式时,若要在不创建警报的情况下识别所选存储库中的匹配项,请单击“保存并试运行”。 -{% data reusables.advanced-security.secret-scanning-dry-run-select-repos %} {% data reusables.advanced-security.secret-scanning-dry-run-results %} {%- ifversion secret-scanning-custom-enterprise-35 %}{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}{% endif %} {%- endif %} {% data reusables.advanced-security.secret-scanning-create-custom-pattern %} +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% data reusables.organizations.security-and-analysis %} +{% data reusables.repositories.navigate-to-ghas-settings %} +{% data reusables.advanced-security.secret-scanning-new-custom-pattern %} +{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %} +{%- ifversion secret-scanning-custom-enterprise-35 or custom-pattern-dry-run-ga %} +1. When you're ready to test your new custom pattern, to identify matches in select repositories without creating alerts, click **Save and dry run**. +{% data reusables.advanced-security.secret-scanning-dry-run-select-repos %} +{% data reusables.advanced-security.secret-scanning-dry-run-results %} +{%- ifversion secret-scanning-custom-enterprise-35 %}{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}{% endif %} +{%- endif %} +{% data reusables.advanced-security.secret-scanning-create-custom-pattern %} -创建模式后,{% data variables.product.prodname_secret_scanning %} 扫描组织的仓库中的任何密钥,包括其所有分支的整个 Git 历史记录。 组织所有者和仓库管理员将会收到发现的任何密钥警报通知,并且可以审查发现密钥的仓库中的警报。 有关查看 {% data variables.product.prodname_secret_scanning %} 警报的详细信息,请参阅“[管理来自 {% data variables.product.prodname_secret_scanning %} 的警报](/code-security/secret-security/managing-alerts-from-secret-scanning)”。 +After your pattern is created, {% data variables.product.prodname_secret_scanning %} scans for any secrets in repositories in your organization, including their entire Git history on all branches. Organization owners and repository administrators will be alerted to any secrets found and can review the alert in the repository where the secret is found. For more information on viewing {% data variables.product.prodname_secret_scanning %} alerts, see "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." -## 为企业帐户定义自定义模式 +## Defining a custom pattern for an enterprise account {% ifversion fpt or ghec or ghes %} -在定义自定义模式之前,必须确保为企业帐户启用机密扫描。 有关详细信息,请参阅“[为企业启用 {% data variables.product.prodname_GH_advanced_security %}]({% ifversion fpt or ghec %}/enterprise-server@latest/{% endif %}/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise)”。 +Before defining a custom pattern, you must ensure that you enable secret scanning for your enterprise account. For more information, see "[Enabling {% data variables.product.prodname_GH_advanced_security %} for your enterprise]({% ifversion fpt or ghec %}/enterprise-server@latest/{% endif %}/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise)." {% endif %} {% note %} -{% ifversion secret-scanning-custom-enterprise-36 or custom-pattern-dry-run-ga %} **注意:** -- 在企业级别,只有自定义模式的创建者才能编辑模式,并在试运行中使用它。 -- 企业所有者只能对有权访问的存储库使用试运行,并且企业所有者不一定有权访问企业中的所有组织或存储库。 -{% else %} 注意:由于没有试运行功能,我们建议你先在存储库中测试自定义模式,然后再为整个企业定义它们。 这样,可以避免创建过多的误报 {% data variables.product.prodname_secret_scanning %} 警报。 +{% ifversion secret-scanning-custom-enterprise-36 or custom-pattern-dry-run-ga %} +**Notes:** +- At the enterprise level, only the creator of a custom pattern can edit the pattern, and use it in a dry run. +- Enterprise owners can only make use of dry runs on repositories that they have access to, and enterprise owners do not necessarily have access to all the organizations or repositories within the enterprise. +{% else %} +**Note:** As there is no dry-run functionality, we recommend that you test your custom patterns in a repository before defining them for your entire enterprise. That way, you can avoid creating excess false-positive {% data variables.product.prodname_secret_scanning %} alerts. {% endif %} {% endnote %} -{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.advanced-security-policies %} {% data reusables.enterprise-accounts.advanced-security-security-features %} -1. 在“机密扫描自定义模式”下,单击{% ifversion ghes = 3.2 %}“新建自定义模式”{% else %}“新建模式”{% endif %} 。 -{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %} {%- ifversion secret-scanning-custom-enterprise-36 or custom-pattern-dry-run-ga %} -1. 准备好测试新的自定义模式时,若要识别企业中的匹配项而不创建警报,请单击“保存并试运行”。 -{% data reusables.advanced-security.secret-scanning-dry-run-select-enterprise-repos %} {% data reusables.advanced-security.secret-scanning-dry-run-results %} {%- ifversion secret-scanning-custom-enterprise-36 %}{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}{% endif %} {%- endif %} {% data reusables.advanced-security.secret-scanning-create-custom-pattern %} +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.advanced-security-policies %} +{% data reusables.enterprise-accounts.advanced-security-security-features %} +1. Under "Secret scanning custom patterns", click {% ifversion ghes = 3.2 %}**New custom pattern**{% else %}**New pattern**{% endif %}. +{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %} +{%- ifversion secret-scanning-custom-enterprise-36 or custom-pattern-dry-run-ga %} +1. When you're ready to test your new custom pattern, to identify matches in the enterprise without creating alerts, click **Save and dry run**. +{% data reusables.advanced-security.secret-scanning-dry-run-select-enterprise-repos %} +{% data reusables.advanced-security.secret-scanning-dry-run-results %} +{%- ifversion secret-scanning-custom-enterprise-36 %}{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}{% endif %} +{%- endif %} +{% data reusables.advanced-security.secret-scanning-create-custom-pattern %} -创建模式后,{% data variables.product.prodname_secret_scanning %} 扫描企业组织内存储库中的任何机密,并启用 {% data variables.product.prodname_GH_advanced_security %},包括其所有分支上的整个 Git 历史记录。 组织所有者和仓库管理员将会收到发现的任何密钥警报通知,并且可以审查发现密钥的仓库中的警报。 有关查看 {% data variables.product.prodname_secret_scanning %} 警报的详细信息,请参阅“[管理来自 {% data variables.product.prodname_secret_scanning %} 的警报](/code-security/secret-security/managing-alerts-from-secret-scanning)”。 +After your pattern is created, {% data variables.product.prodname_secret_scanning %} scans for any secrets in repositories within your enterprise's organizations with {% data variables.product.prodname_GH_advanced_security %} enabled, including their entire Git history on all branches. Organization owners and repository administrators will be alerted to any secrets found, and can review the alert in the repository where the secret is found. For more information on viewing {% data variables.product.prodname_secret_scanning %} alerts, see "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghes > 3.2 or ghec or ghae %} -## 编辑自定义模式 +## Editing a custom pattern -将更改保存到自定义模式时,这将关闭使用该模式的先前版本创建的所有 {% data variables.product.prodname_secret_scanning %} 警报。 -1. 导航到创建自定义模式的位置。 可以在存储库、组织或企业帐户中创建自定义模式。 - * 对于存储库或组织,显示创建自定义模式的存储库或组织的“安全和分析”设置。 有关详细信息,请参阅上面的“[为存储库定义自定义模式](#defining-a-custom-pattern-for-a-repository)”或“[为组织定义自定义模式](#defining-a-custom-pattern-for-an-organization)”。 - * 对于企业,在“策略”下显示“高级安全”区域,然后单击“安全功能”。 有关详细信息,请参阅上面的“[为企业帐户定义自定义模式](#defining-a-custom-pattern-for-an-enterprise-account)”。 -2. 在“{% data variables.product.prodname_secret_scanning_caps %}”下要编辑的自定义模式的右侧,单击 {% octicon "pencil" aria-label="The edit icon" %}。 +When you save a change to a custom pattern, this closes all the {% data variables.product.prodname_secret_scanning %} alerts that were created using the previous version of the pattern. +1. Navigate to where the custom pattern was created. A custom pattern can be created in a repository, organization, or enterprise account. + * For a repository or organization, display the "Security & analysis" settings for the repository or organization where the custom pattern was created. For more information, see "[Defining a custom pattern for a repository](#defining-a-custom-pattern-for-a-repository)" or "[Defining a custom pattern for an organization](#defining-a-custom-pattern-for-an-organization)" above. + * For an enterprise, under "Policies" display the "Advanced Security" area, and then click **Security features**. For more information, see "[Defining a custom pattern for an enterprise account](#defining-a-custom-pattern-for-an-enterprise-account)" above. +2. Under "{% data variables.product.prodname_secret_scanning_caps %}", to the right of the custom pattern you want to edit, click {% octicon "pencil" aria-label="The edit icon" %}. {%- ifversion secret-scanning-custom-enterprise-36 or custom-pattern-dry-run-ga %} -3. 准备好测试编辑后的自定义模式时,若要识别匹配项而不创建警报,请单击“保存并试运行”。 +3. When you're ready to test your edited custom pattern, to identify matches without creating alerts, click **Save and dry run**. {%- endif %} -4. 查看并测试更改后,单击“保存更改”。 +4. When you have reviewed and tested your changes, click **Save changes**. {% endif %} -## 删除自定义模式 +## Removing a custom pattern -1. 导航到创建自定义模式的位置。 可以在存储库、组织或企业帐户中创建自定义模式。 +1. Navigate to where the custom pattern was created. A custom pattern can be created in a repository, organization, or enterprise account. - * 对于存储库或组织,显示创建自定义模式的存储库或组织的“安全和分析”设置。 有关详细信息,请参阅上面的“[为存储库定义自定义模式](#defining-a-custom-pattern-for-a-repository)”或“[为组织定义自定义模式](#defining-a-custom-pattern-for-an-organization)”。 - * 对于企业,在“策略”下显示“高级安全”区域,然后单击“安全功能”。 有关详细信息,请参阅上面的“[为企业帐户定义自定义模式](#defining-a-custom-pattern-for-an-enterprise-account)”。 + * For a repository or organization, display the "Security & analysis" settings for the repository or organization where the custom pattern was created. For more information, see "[Defining a custom pattern for a repository](#defining-a-custom-pattern-for-a-repository)" or "[Defining a custom pattern for an organization](#defining-a-custom-pattern-for-an-organization)" above. + * For an enterprise, under "Policies" display the "Advanced Security" area, and then click **Security features**. For more information, see "[Defining a custom pattern for an enterprise account](#defining-a-custom-pattern-for-an-enterprise-account)" above. {%- ifversion ghec or ghes > 3.2 or ghae %} -1. 在要删除的自定义模式的右侧,单击 {% octicon "trash" aria-label="The trash icon" %}。 -1. 查看确认,并选择一种方法来处理与自定义模式相关的任何打开的警报。 -1. 单击“是,删除此模式”。 +1. To the right of the custom pattern you want to remove, click {% octicon "trash" aria-label="The trash icon" %}. +1. Review the confirmation, and select a method for dealing with any open alerts relating to the custom pattern. +1. Click **Yes, delete this pattern**. - ![确认删除自定义 {% data variables.product.prodname_secret_scanning %} 模式 ](/assets/images/help/repository/secret-scanning-confirm-deletion-custom-pattern.png) {%- elsif ghes = 3.2 %} -1. 在要删除的自定义模式的右侧,单击“删除”。 -1. 查看确认信息,然后单击“删除自定义模式”。 + ![Confirming deletion of a custom {% data variables.product.prodname_secret_scanning %} pattern ](/assets/images/help/repository/secret-scanning-confirm-deletion-custom-pattern.png) +{%- elsif ghes = 3.2 %} +1. To the right of the custom pattern you want to remove, click **Remove**. +1. Review the confirmation, and click **Remove custom pattern**. {%- endif %} diff --git a/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md b/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md index cdde16ab50..1d531390f5 100644 --- a/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md +++ b/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md @@ -1,6 +1,6 @@ --- -title: 关于安全性概述 -intro: 可在“安全概述”页查看、筛选和排序组织或团队拥有的存储库的安全警报。 +title: About the security overview +intro: 'You can view, filter, and sort security alerts for repositories owned by your organization or team in one place: the Security Overview page.' permissions: '{% data reusables.security-overview.permissions %}' product: '{% data reusables.gated-features.security-overview %}' redirect_from: @@ -20,66 +20,64 @@ topics: - Organizations - Teams shortTitle: About security overview -ms.openlocfilehash: ac069277564d7249d36b54f218c78f33eefc3c47 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '147881475' --- -{% ifversion ghes < 3.5 or ghae %} {% data reusables.security-overview.beta %} {% endif %} -## 关于安全性概述 +{% ifversion ghes < 3.5 or ghae %} +{% data reusables.security-overview.beta %} +{% endif %} -{% ifversion ghes or ghec or ghae %}你的{% elsif fpt %}使用 {% data variables.product.prodname_ghe_cloud %}{% endif %} 的组织可以使用安全概述来概括性了解{% ifversion ghes or ghec or ghae %}你的{% elsif fpt %}他们{% endif %}组织的状态或识别需要干预的有问题的存储库。 {% ifversion ghes or ghec or ghae %} {% elsif fpt %}这些组织{% endif %} 可以在安全概述中查看聚合或特定于存储库的安全信息。 {% ifversion ghes or ghec or ghae %}你的{% elsif fpt %}使用 {% data variables.product.prodname_ghe_cloud %}{% endif %} 的组织还可以使用安全概述查看为{% ifversion ghes or ghec or ghae %}你的{% elsif fpt %}他们的{% endif %}存储库启用了哪些安全功能,并配置当前未使用的任何可用安全功能。 {% ifversion fpt %} 有关详细信息,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview)。{% endif %} +## About the security overview -{% ifversion ghec or ghes or ghae %} 安全概述指示是否为组织拥有的存储库启用了{% ifversion fpt or ghes or ghec %}安全{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %}功能,并合并了每个功能的警报。{% ifversion fpt or ghes or ghec %}安全功能包括 {% data variables.product.prodname_GH_advanced_security %} 功能,例如 {% data variables.product.prodname_code_scanning %} 和 {% data variables.product.prodname_secret_scanning %},以及 {% data variables.product.prodname_dependabot_alerts %}。{% endif %} 有关 {% data variables.product.prodname_GH_advanced_security %} 功能的详细信息,请参阅“[关于 {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)”。{% ifversion fpt or ghes or ghec %} 有关 {% data variables.product.prodname_dependabot_alerts %} 的详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。{% endif %} +{% ifversion ghes or ghec or ghae %}You{% elsif fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% endif %} can use the security overview for a high-level view of the security status of {% ifversion ghes or ghec or ghae %}your {% elsif fpt %}their{% endif %} organization or to identify problematic repositories that require intervention. {% ifversion ghes or ghec or ghae %}You {% elsif fpt %}These organizations{% endif %} can view aggregate or repository-specific security information in the security overview. {% ifversion ghes or ghec or ghae %}You {% elsif fpt %} Organizations that use {% data variables.product.prodname_ghe_cloud %}{% endif %} can also use the security overview to see which security features are enabled for {% ifversion ghes or ghec or ghae %}your {% elsif fpt %}their {% endif %} repositories and to configure any available security features that are not currently in use. {% ifversion fpt %}For more information, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview).{% endif %} -有关在存储库和组织级别保护代码的详细信息,请参阅“[保护存储库](/code-security/getting-started/securing-your-repository)”和“[保护组织](/code-security/getting-started/securing-your-organization)”。 +{% ifversion ghec or ghes or ghae %} +The security overview indicates whether {% ifversion fpt or ghes or ghec %}security{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} -公司的应用程序安全团队可以使用安全概述对组织的安全状态进行广泛和具体的分析。 例如,他们可以使用概述页来监视组织或特定团队在将 {% data variables.product.prodname_GH_advanced_security %} 部署到企业时采用的功能,或者查看组织中所有存储库中特定类型和严重性级别的所有警报。 +For more information about securing your code at the repository and organization levels, see "[Securing your repository](/code-security/getting-started/securing-your-repository)" and "[Securing your organization](/code-security/getting-started/securing-your-organization)." -### 关于筛选和排序警报 +The application security team at your company can use the security overview for both broad and specific analyses of your organization's security status. For example, they can use the overview page to monitor adoption of features by your organization or by a specific team as you rollout {% data variables.product.prodname_GH_advanced_security %} to your enterprise, or to review all alerts of a specific type and severity level across all repositories in your organization. -在安全概述中,您可以查看、排序和筛选警报,以了解组织和特定仓库中的安全风险。 安全摘要具有高度交互性,允许您根据警报风险级别、警报类型和功能启用等限定符调查特定类别的信息。 您还可以应用多个筛选器来关注更小的兴趣领域。 例如,您可以识别具有大量 {% data variables.product.prodname_dependabot_alerts %} 的私有仓库或者没有 {% data variables.product.prodname_code_scanning %} 警报的仓库。 有关详细信息,请参阅“[在安全概述中筛选警报](/code-security/security-overview/filtering-alerts-in-the-security-overview)”。 +### About filtering and sorting alerts + +In the security overview, you can view, sort, and filter alerts to understand the security risks in your organization and in specific repositories. The security summary is highly interactive, allowing you to investigate specific categories of information, based on qualifiers like alert risk level, alert type, and feature enablement. You can also apply multiple filters to focus on narrower areas of interest. For example, you can identify private repositories that have a high number of {% data variables.product.prodname_dependabot_alerts %} or repositories that have no {% data variables.product.prodname_code_scanning %} alerts. For more information, see "[Filtering alerts in the security overview](/code-security/security-overview/filtering-alerts-in-the-security-overview)." {% ifversion security-overview-views %} -在安全概览中,每种安全警报类型都有专用视图,例如 Dependabot、代码扫描和机密扫描警报。 您可以使用这些视图将分析限制为一组特定的警报,并使用特定于每个视图的一系列筛选器进一步缩小结果范围。 例如,在机密扫描警报视图中,可以使用 `Secret type` 筛选器仅查看特定机密(如 GitHub 个人访问令牌)的机密扫描警报。 在存储库级别,您可以使用安全概述来评估特定存储库的当前安全状态,并配置存储库中尚未使用的任何其他安全功能。 +In the security overview, there are dedicated views for each type of security alert, such as Dependabot, code scanning, and secret scanning alerts. You can use these views to limit your analysis to a specific set of alerts, and narrow the results further with a range of filters specific to each view. For example, in the secret scanning alert view, you can use the `Secret type` filter to view only secret scanning alerts for a specific secret, like a GitHub Personal Access Token. At the repository level, you can use the security overview to assess the specific repository's current security status, and configure any additional security features not yet in use on the repository. {% endif %} -![组织的安全概述](/assets/images/help/organizations/security-overview.png) +![The security overview for an organization](/assets/images/help/organizations/security-overview.png) -对于安全概述中的每个存储库,您将看到每种类型的安全功能的图标以及每种类型的警报数。 如果没有为存储库启用安全功能,则该功能的图标将显示为灰色。此外,还会根据代码扫描、Dependabot 和机密扫描警报为每个存储库计算风险评分。 此分数处于测试阶段,应谨慎使用。 它的算法和方法可能会发生变化。 +For each repository in the security overview, you will see icons for each type of security feature and how many alerts there are of each type. If a security feature is not enabled for a repository, the icon for that feature will be grayed out. In addition, a risk score is calculated for each repository based on its code scanning, Dependabot and secret scanning alerts. This score is in beta and should be used with caution. Its algorithm and approach is subject to change. -![安全概述中的图标](/assets/images/help/organizations/security-overview-icons.png) +![Icons in the security overview](/assets/images/help/organizations/security-overview-icons.png) -| 图标 | 含义 | +| Icon | Meaning | | -------- | -------- | -| {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} 警报。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)”。 | -| {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} 警报。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)”。 | -| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %} 的通知。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 | -| {% octicon "check" aria-label="Check" %} | 安全功能已启用,但不会在此存储库中引发警报。 | -| {% octicon "x" aria-label="x" %} | 此存储库不支持该安全功能。 | +| {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} alerts. For more information, see "[About {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)." | +| {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} alerts. For more information, see "[About {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)." | +| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." | +| {% octicon "check" aria-label="Check" %} | The security feature is enabled, but does not raise alerts in this repository. | +| {% octicon "x" aria-label="x" %} | The security feature is not supported in this repository. | -安全概述显示由安全功能引发的活动警报。 如果仓库的安全概述中没有警报,则可能仍然存在未检测到的安全漏洞或代码错误。 +The security overview displays active alerts raised by security features. If there are no alerts in the security overview for a repository, undetected security vulnerabilities or code errors may still exist. -### 关于组织级安全性概述 +### About the organization-level security overview -在组织级别,安全概述显示组织拥有的仓库的聚合和仓库特定安全信息。 您可以在组织级别按安全功能筛选信息。 +At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. You can filter information by security features at the organization-level. -{% ifversion ghec or ghes > 3.4 or ghae-issue-6199 %} -### 关于企业级安全性概述 -在企业级别,安全性概述显示企业的综合和存储库特定的安全信息。 可以查看企业拥有的具有安全警报的存储库、查看整个企业的所有安全警报或特定于安全功能的警报。 +{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %} +### About the enterprise-level security overview +At the enterprise-level, the security overview displays aggregate and repository-specific security information for your enterprise. You can view repositories owned by your enterprise that have security alerts, view all security alerts, or security feature-specific alerts from across your enterprise. -企业中组织的组织所有者和安全管理员对企业级安全概述的访问权限也有限。 他们只能查看他们具有完全访问权限的组织的存储库和警报。 +Organization owners and security managers for organizations in your enterprise also have limited access to the enterprise-level security overview. They can only view repositories and alerts for the organizations that they have full access to. {% elsif fpt %} -### 关于企业级安全性概述 -在企业级别,安全性概述显示企业的综合和存储库特定信息。 有关详细信息,请参阅 {% data variables.product.prodname_ghe_cloud %} 文档中的“[关于企业级安全概述](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview#about-the-enterprise-level-security-overview)”。 +### About the enterprise-level security overview +At the enterprise-level, the security overview displays aggregate and repository-specific information for an enterprise. For more information, see "[About the enterprise-level security overview](/enterprise-cloud@latest/code-security/security-overview/about-the-security-overview#about-the-enterprise-level-security-overview)" in the {% data variables.product.prodname_ghe_cloud %} documentation. {% endif %} -### 关于团队级安全性概述 -在团队级别,安全概述显示团队拥有管理权限的仓库特定安全信息。 有关详细信息,请参阅“[管理团队对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)”。 +### About the team-level security overview +At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)." {% endif %} diff --git a/translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md b/translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md index c41143f4a3..49e218d8d8 100644 --- a/translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md +++ b/translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md @@ -1,10 +1,10 @@ --- -title: 查看安全概述 -intro: 导航到安全概述中提供的不同视图 +title: Viewing the security overview +intro: Navigate to the different views available in the security overview permissions: '{% data reusables.security-overview.permissions %}' product: '{% data reusables.gated-features.security-overview %}' versions: - ghae: issue-5503 + ghae: '>= 3.5' ghes: '*' ghec: '*' type: how_to @@ -15,50 +15,60 @@ topics: - Organizations - Teams shortTitle: View the security overview -ms.openlocfilehash: a0b6371155e7b7780ea216373b42481aa403e6db -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147525687' --- -{% ifversion ghes < 3.5 or ghae %} {% data reusables.security-overview.beta %} {% endif %} + +{% ifversion ghes < 3.5 or ghae %} +{% data reusables.security-overview.beta %} +{% endif %} {% data reusables.security-overview.information-varies-GHAS %} -## 查看组织的安全概述 +## Viewing the security overview for an organization -{% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.security-overview %} -1. 要查看有关警报类型的汇总信息,请单击“显示更多”。 - ![显示更多按钮](/assets/images/help/organizations/security-overview-show-more-button.png) {% data reusables.organizations.filter-security-overview %} {% ifversion security-overview-views %} {% data reusables.organizations.security-overview-feature-specific-page %} ![代码扫描特定页面的屏幕截图](/assets/images/help/organizations/security-overview-code-scanning-alerts.png) +{% data reusables.organizations.navigate-to-org %} +{% data reusables.organizations.security-overview %} +1. To view aggregate information about alert types, click **Show more**. + ![Show more button](/assets/images/help/organizations/security-overview-show-more-button.png) +{% data reusables.organizations.filter-security-overview %} +{% ifversion security-overview-views %} +{% data reusables.organizations.security-overview-feature-specific-page %} + ![Screenshot of the code scanning-specific page](/assets/images/help/organizations/security-overview-code-scanning-alerts.png) -## 查看整个组织的警报 +## Viewing alerts across your organization -{% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.security-overview %} -1. 在安全性边栏中,选择要查看的警报子集。 -![查看警报子集](/assets/images/help/organizations/view-alert-subset.png) -2. (可选)过滤警报列表。 每个视图都有自己的可用筛选器选择。 您可以单击下拉过滤菜单中的多个过滤器以缩小搜索范围。 还可在搜索字段中键入搜索限定符。 有关可用限定符的详细信息,请参阅“[在安全概述中筛选警报](/code-security/security-overview/filtering-alerts-in-the-security-overview)”。 - ![扫描视图中的下拉筛选器菜单和“搜索存储库”字段](/assets/images/help/organizations/secret-scanning-filter-alerts.png) +{% data reusables.organizations.navigate-to-org %} +{% data reusables.organizations.security-overview %} +1. In the security sidebar, select the subset of alerts you want to view. +![View alert subset](/assets/images/help/organizations/view-alert-subset.png) +2. Optionally, filter the list of alerts. Each view has its own selection of available filters. You can click multiple filters in the drop-down filter menus to narrow your search. You can also type search qualifiers in the search field. For more information about the available qualifiers, see "[Filtering alerts in the security overview](/code-security/security-overview/filtering-alerts-in-the-security-overview)." + ![The drop-down filter menus and Search repositories field in the secret scanning view](/assets/images/help/organizations/secret-scanning-filter-alerts.png) -{% ifversion ghec or ghes > 3.4 or ghae-issue-6199 %} -## 查看企业的安全概述 +{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %} +## Viewing the security overview for an enterprise {% data reusables.enterprise-accounts.access-enterprise-on-dotcom %} -1. 在左侧边栏中,单击 {% octicon "shield" aria-label="The shield icon" %}“代码安全”。 -{% ifversion security-overview-feature-specific-alert-page %} {% data reusables.organizations.security-overview-feature-specific-page %} {% endif %} {% endif %} +1. In the left sidebar, click {% octicon "shield" aria-label="The shield icon" %} **Code Security**. +{% ifversion security-overview-feature-specific-alert-page %} +{% data reusables.organizations.security-overview-feature-specific-page %} +{% endif %} +{% endif %} -## 查看存储库的警报 +## Viewing alerts for a repository {% data reusables.repositories.navigate-to-repo %} -1. 在存储库名称下,单击“安全性”。 - ![存储库安全选项卡](/assets/images/help/repository/security-tab.png) -2. 在安全性边栏中,选择要打开的视图。 - ![存储库视图警报子集](/assets/images/help/repository/repo-security-side-panel.png) -3. (可选)过滤警报列表。 每个视图都有自己的可用筛选器选择。 您可以单击下拉过滤菜单中的多个过滤器以缩小搜索范围。 还可在搜索字段中键入搜索限定符。 有关可用限定符的详细信息,请参阅“[在安全概述中筛选警报](/code-security/security-overview/filtering-alerts-in-the-security-overview)”。 - ![存储库机密扫描警报视图中的下拉筛选器菜单](/assets/images/help/repository/repo-code-scanning-filter-and-search.png) +1. Under your repository name, click **Security**. + ![Repository security tab](/assets/images/help/repository/security-tab.png) +2. In the security sidebar, select the view you want to open. + ![Repository view alert subset](/assets/images/help/repository/repo-security-side-panel.png) +3. Optionally, filter the list of alerts. Each view has its own selection of available filters. You can click multiple filters in the drop-down filter menus to narrow your search. You can also type search qualifiers in the search field. For more information about the available qualifiers, see "[Filtering alerts in the security overview](/code-security/security-overview/filtering-alerts-in-the-security-overview)." + ![Drop down filter menus in the repository secret scanning alerts view](/assets/images/help/repository/repo-code-scanning-filter-and-search.png) {% endif %} -## 查看团队的安全概述 +## Viewing the security overview for a team -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.specific_team %} {% data reusables.organizations.team-security-overview %} {% data reusables.organizations.filter-security-overview %} +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.specific_team %} +{% data reusables.organizations.team-security-overview %} +{% data reusables.organizations.filter-security-overview %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index d09159bb07..7a13366bbb 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -1,6 +1,6 @@ --- -title: 关于依赖项评审 -intro: 依赖项审查可让你在将有不安全的依赖项引入你的环境之前找到它们,并提供关于许可证、依赖项和依赖项存在时间的信息。 +title: About dependency review +intro: 'Dependency review lets you catch insecure dependencies before you introduce them to your environment, and provides information on license, dependents, and age of dependencies.' product: '{% data reusables.gated-features.dependency-review %}' shortTitle: Dependency review versions: @@ -17,57 +17,54 @@ topics: - Pull requests redirect_from: - /code-security/supply-chain-security/about-dependency-review -ms.openlocfilehash: aeb85342f027125328ef5537e718bc671f02eb3e -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147424702' --- + {% data reusables.dependency-review.beta %} -## 关于依赖项评审 +## About dependency review {% data reusables.dependency-review.feature-overview %} -如果拉取请求针对仓库的默认分支并且包含对包清单或锁定文件的更改,您可以显示依赖项审查以查看更改的内容。 依赖项审查包括对锁定文件中间接依赖项的更改详情,并告诉您任何已添加或更新的依赖项是否包含已知漏洞。 +If a pull request targets your repository's default branch and contains changes to package manifests or lock files, you can display a dependency review to see what has changed. The dependency review includes details of changes to indirect dependencies in lock files, and it tells you if any of the added or updated dependencies contain known vulnerabilities. -有时,您可能只想更新清单中一个依赖项的版本并生成拉取请求。 但是,如果此直接依赖项的更新版本也更新了依赖项,则拉取请求的更改可能超过您的预期。 每个清单和锁定文件的依赖项审查提供了一种简单的方法来查看更改的内容,以及任何新的依赖项版本是否包含已知的漏洞。 +Sometimes you might just want to update the version of one dependency in a manifest and generate a pull request. However, if the updated version of this direct dependency also has updated dependencies, your pull request may have more changes than you expected. The dependency review for each manifest and lock file provides an easy way to see what has changed, and whether any of the new dependency versions contain known vulnerabilities. -通过检查拉取请求中的依赖项审查并更改被标记为有漏洞的任何依赖项,可以避免将漏洞添加到项目中。 有关依赖项审查工作原理的详细信息,请参阅“[查看拉取请求中的依赖项更改](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)”。 +By checking the dependency reviews in a pull request, and changing any dependencies that are flagged as vulnerable, you can avoid vulnerabilities being added to your project. For more information about how dependency review works, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." -有关配置依赖项评审的详细信息,请参阅“[配置依赖项评审](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review)”。 +For more information about configuring dependency review, see "[Configuring dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review)." -{% data variables.product.prodname_dependabot_alerts %} 将会查找依赖项中存在的漏洞,但避免引入潜在问题比在以后修复它们要好得多。 有关 {% data variables.product.prodname_dependabot_alerts %} 的详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。 +{% data variables.product.prodname_dependabot_alerts %} will find vulnerabilities that are already in your dependencies, but it's much better to avoid introducing potential problems than to fix problems at a later date. For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." -依赖项审查支持与依赖关系图相同的语言和包管理生态系统。 有关详细信息,请参阅“[关于依赖项关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)”。 +Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." -有关 {% data variables.product.product_name %} 上提供的供应链功能的详细信息,请参阅“[关于供应链安全性](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)”。 +For more information on supply chain features available on {% data variables.product.product_name %}, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." {% ifversion ghec or ghes %} -## 启用依赖项审查 +## Enabling dependency review -启用依赖关系图时,依赖项审查功能可用。 有关详细信息,请参阅“{% ifversion ghec %} [启用依赖项关系图](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph){% elsif ghes %}[为企业启用依赖项关系图](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise){% endif %}”。 +The dependency review feature becomes available when you enable the dependency graph. For more information, see "{% ifversion ghec %}[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph){% elsif ghes %}[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise){% endif %}." {% endif %} -{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-6396 %} -## 强制实施依赖项审查 +{% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %} +## Dependency review enforcement {% data reusables.dependency-review.dependency-review-action-beta-note %} -该操作适用于所有 {% ifversion fpt or ghec %}公共存储库,以及启用了 {% data variables.product.prodname_GH_advanced_security %} 的专用 {% endif %}存储库。 +The action is available for all {% ifversion fpt or ghec %}public repositories, as well as private {% endif %}repositories that have {% data variables.product.prodname_GH_advanced_security %} enabled. {% data reusables.dependency-review.action-enterprise %} -可以使用存储库中的 {% data variables.product.prodname_dependency_review_action %} 对拉取请求强制实施依赖项审查。 该操作会扫描拉取请求中包版本更改引入的易受攻击的依赖项版本,并警告你相关的安全漏洞。 这样可以更好地了解拉取请求中发生的变化,并帮助防止漏洞添加到存储库中。 有关详细信息,请参阅 [`dependency-review-action`](https://github.com/actions/dependency-review-action)。 +You can use the {% data variables.product.prodname_dependency_review_action %} in your repository to enforce dependency reviews on your pull requests. The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests, and warns you about the associated security vulnerabilities. This gives you better visibility of what's changing in a pull request, and helps prevent vulnerabilities being added to your repository. For more information, see [`dependency-review-action`](https://github.com/actions/dependency-review-action). -![依赖项审查操作示例](/assets/images/help/graphs/dependency-review-action.png) +![Dependency review action example](/assets/images/help/graphs/dependency-review-action.png) -默认情况下,如果 {% data variables.product.prodname_dependency_review_action %} 检查发现任何易受攻击的包,它将失败。 当存储库所有者需要依赖项审查检查才能通过时,失败的检查将阻止拉取请求合并。 有关详细信息,请参阅“[关于受保护的分支](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)”。 +By default, the {% data variables.product.prodname_dependency_review_action %} check will fail if it discovers any vulnerable packages. A failed check blocks a pull request from being merged when the repository owner requires the dependency review check to pass. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)." -该操作使用依赖项审查 REST API 来获取基本提交和头提交之间的依赖项更改差异。 可以使用依赖项审查 API 获取存储库上任意两个提交之间的依赖项更改(包括漏洞数据)的差异。 有关详细信息,请参阅“[依赖项审查](/rest/reference/dependency-graph#dependency-review)”。 +The action uses the Dependency Review REST API to get the diff of dependency changes between the base commit and head commit. You can use the Dependency Review API to get the diff of dependency changes, including vulnerability data, between any two commits on a repository. For more information, see "[Dependency review](/rest/reference/dependency-graph#dependency-review)." -{% ifversion dependency-review-action-configuration %} 可以配置 {% data variables.product.prodname_dependency_review_action %} 来更好地满足你的需求。 例如,可以指定将导致操作失败的严重级别{% ifversion dependency-review-action-licenses %},或者为要扫描的许可证设置允许或拒绝列表{% endif %}。 有关详细信息,请参阅“[配置依赖项审查](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-github-action)”。 {% endif %} +{% ifversion dependency-review-action-configuration %} +You can configure the {% data variables.product.prodname_dependency_review_action %} to better suit your needs. For example, you can specify the severity level that will make the action fail{% ifversion dependency-review-action-licenses %}, or set an allow or deny list for licenses to scan{% endif %}. For more information, see "[Configuring dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-github-action)." +{% endif %} {% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index 3b4c1dc5f2..d52acc8fe8 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -85,7 +85,7 @@ The recommended formats explicitly define which versions are used for all direct | Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| | pip | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`[‡] | -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4752 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} | Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` | {%- endif %} | RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` | diff --git a/translations/zh-CN/content/communities/documenting-your-project-with-wikis/editing-wiki-content.md b/translations/zh-CN/content/communities/documenting-your-project-with-wikis/editing-wiki-content.md index 4dcb4603ad..e9f9038bcc 100644 --- a/translations/zh-CN/content/communities/documenting-your-project-with-wikis/editing-wiki-content.md +++ b/translations/zh-CN/content/communities/documenting-your-project-with-wikis/editing-wiki-content.md @@ -1,6 +1,6 @@ --- -title: 编辑 wiki 内容 -intro: 您可以将图片和内容链接添加到您的 wiki,并使用某些受支持的 MediaWiki 格式。 +title: Editing wiki content +intro: 'You can add images and links to content in your wiki, and use some supported MediaWiki formats.' redirect_from: - /articles/adding-links-to-wikis - /articles/how-do-i-add-links-to-my-wiki @@ -19,51 +19,47 @@ versions: ghec: '*' topics: - Community -ms.openlocfilehash: 0afae4335dbf6ff78c0b0e1a2bef4cebed637a5e -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147578938' --- -## 添加链接 -您可以使用页面支持的标准标记或使用 MediaWiki 语法在 wiki 中创建链接。 例如: +## Adding links -- 如果页面使用 Markdown 呈现,则链接语法为 `[Link Text](full-URL-of-wiki-page)`。 -- 使用 MediaWiki 语法时,链接语法为 `[[nameofwikipage|Link Text]]`。 +You can create links in wikis using the standard markup supported by your page, or using MediaWiki syntax. For example: -## 添加图像 +- If your pages are rendered with Markdown, the link syntax is `[Link Text](full-URL-of-wiki-page)`. +- With MediaWiki syntax, the link syntax is `[[nameofwikipage|Link Text]]`. -Wikis 可显示 PNG、JPEG 和 GIF 图片。 +## Adding images -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-wiki %} -3. 使用 Wiki 边栏,导航到要更改的页面,然后单击“编辑”。 -4. 在 Wiki 工具栏上,单击“图像”。 - ![Wiki“添加图像”按钮](/assets/images/help/wiki/wiki_add_image.png) -5. 在“Insert Image”(插入图像)对话框,输入 URL 和 alt 文本(由搜索引擎和屏幕阅读器使用)。 -6. 单击" **确定**"。 +Wikis can display PNG, JPEG, and GIF images. -### 链接到仓库中的图片 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-wiki %} +3. Using the wiki sidebar, navigate to the page you want to change, and then click **Edit**. +4. On the wiki toolbar, click **Image**. + ![Wiki Add image button](/assets/images/help/wiki/wiki_add_image.png) +5. In the "Insert Image" dialog box, type the image URL and the alt text (which is used by search engines and screen readers). +6. Click **OK**. -您可以通过在浏览器中复制链接并将其用作图像路径,链接到 {% data variables.product.product_name %} 上仓库中的图像。 例如,使用 Markdown 在 wiki 中嵌入图像可能如下所示: +### Linking to images in a repository + +You can link to an image in a repository on {% data variables.product.product_name %} by copying the URL in your browser and using that as the path to the image. For example, embedding an image in your wiki using Markdown might look like this: [[https://github.com/USERNAME/REPOSITORY/blob/main/img/octocat.png|alt=octocat]] -{% ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7647 %} -## 添加数学表达式和关系图{% endif %} +{% ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} +## Adding mathematical expressions and diagrams{% endif %} {% data reusables.getting-started.math-and-diagrams %} -## 受支持的 MediaWiki 格式 +## Supported MediaWiki formats -无论您的 wiki 页面以哪种标记语言编写,始终可使用某些 MediaWiki 语法。 -- 链接([AsciiDoc 除外](https://github.com/gollum/gollum/commit/d1cf698b456cd6a35a54c6a8e7b41d3068acec3b)) -- 借助于 `---` 的水平规则 -- 简明符号实体(例如 `δ` 或者 `€`) +No matter which markup language your wiki page is written in, certain MediaWiki syntax will always be available to you. +- Links ([except AsciiDoc](https://github.com/gollum/gollum/commit/d1cf698b456cd6a35a54c6a8e7b41d3068acec3b)) +- Horizontal rules via `---` +- Shorthand symbol entities (such as `δ` or `€`) -出于安全和性能原因,某些语法不受支持。 -- [嵌入包含](https://www.mediawiki.org/wiki/Transclusion) -- 定义列表 -- 缩进 -- 目录 +For security and performance reasons, some syntaxes are unsupported. +- [Transclusion](https://www.mediawiki.org/wiki/Transclusion) +- Definition lists +- Indentation +- Table of contents diff --git a/translations/zh-CN/content/developers/overview/about-githubs-apis.md b/translations/zh-CN/content/developers/overview/about-githubs-apis.md index 0577d28a85..0911a23156 100644 --- a/translations/zh-CN/content/developers/overview/about-githubs-apis.md +++ b/translations/zh-CN/content/developers/overview/about-githubs-apis.md @@ -1,6 +1,6 @@ --- -title: 关于 GitHub 的 API -intro: '了解 {% data variables.product.prodname_dotcom %} 的 API 以扩展和自定义您的 {% data variables.product.prodname_dotcom %} 体验。' +title: About GitHub's APIs +intro: 'Learn about {% data variables.product.prodname_dotcom %}''s APIs to extend and customize your {% data variables.product.prodname_dotcom %} experience.' redirect_from: - /v3/versions - /articles/getting-started-with-the-api @@ -12,11 +12,74 @@ versions: ghec: '*' topics: - API -ms.openlocfilehash: 6c4519222ce356e2b205b66f898a096ebacf8d9c -ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: '147682642' --- -GitHub API 有两个稳定版本:[REST API](/rest) 和 [GraphQL API](/graphql)。 + +## About {% data variables.product.company_short %}'s APIs + +{% data variables.product.company_short %} provides two APIs: a REST API and a GraphQL API. You can interact with both APIs using {% data variables.product.prodname_cli %}, curl, the official Octokit libraries, and third party libraries. Occasionally, a feature may be supported on one API but not the other. + +You should choose the API that best aligns with your needs and that you are most comfortable using. This article discusses the benefits of each API. + +For more information about the GraphQL API, see [the GraphQL documentation](/graphql). For more information about the REST API, see [the REST documentation](/rest). + +## Choosing the GraphQL API + +The GraphQL API returns exactly the data that you request. GraphQL also returns the data in a pre-known structure based on your request. In contrast, the REST API returns more data than you requested and returns it in a pre-determined structure. You can also accomplish the equivalent of multiple REST API request in a single GraphQL request. The ability to make fewer requests and fetch less data makes GraphQL appealing to developers of mobile applications. + +For example, to get the {% data variables.product.product_name %} login of ten of your followers, and the login of ten followers of each of your followers, you can send a single request like: + +```graphql +{ + viewer { + followers(first: 10) { + nodes { + login + followers(first: 10) { + nodes { + login + } + } + } + } + } +} +``` + +The response will be a JSON object that follows the structure of your request. + +In contrast, to get this same information from the REST API, you would need to first make a request to `GET /user/followers`. The API would return the login of each follower, along with other data about the followers that you don't need. Then, for each follower, you would need to make a request to `GET /users/{username}/followers`. In total, you would need to make 11 requests to get the same information that you could get from a single GraphQL request, and you would receive excess data. + +## Choosing the REST API + +Because REST APIs have been around for longer than GraphQL APIs, some developers are more comfortable with the REST API. Since REST APIs use standard HTTP verbs and concepts, many developers are already familiar with the basic concepts to use the REST API. + +For example, to create an issue in the `octocat/Spoon-Knife` repository, you would need to send a request to `POST /repos/octocat/Spoon-Knife/issues` with a JSON request body: + +```json +{ + "title": "Bug with feature X", + "body": "If you do A, then B happens" +} +``` + +In contrast, to make an issue using the GraphQL API, you would need to get the node ID of the `octocat/Spoon-Knife` repository and then send a request like: + +```graphql +mutation { + createIssue( + input: { + repositoryId: "MDEwOlJlcG9zaXRvcnkxMzAwMTky" + title: "Bug with feature X" + body: "If you do A, then B happens"} + ) { + issue { + number + url + } + } +} +``` + +## Choosing both + +You don't need to exclusively use one API over the other. Node IDs let you move between the REST API and GraphQL API. For more information, see "[Using global node IDs](/graphql/guides/using-global-node-ids)." diff --git a/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md b/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md index fa2218b430..8c8a2844c4 100644 --- a/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md +++ b/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md @@ -1,6 +1,6 @@ --- -title: Webhook 事件和有效负载 -intro: 对于每个 web 挂钩事件,您可以查看事件发生的时间、示例有效负载以及有关有效负载对象参数的说明。 +title: Webhook events and payloads +intro: 'For each webhook event, you can review when the event occurs, an example payload, and descriptions about the payload object parameters.' product: '{% data reusables.gated-features.enterprise_account_webhooks %}' redirect_from: - /early-access/integrations/webhooks @@ -15,52 +15,48 @@ versions: topics: - Webhooks shortTitle: Webhook events & payloads -ms.openlocfilehash: 38dfa09525a7c3cc914bc2cf130126ed9969e190 -ms.sourcegitcommit: 76b840f45ba85fb79a7f0c1eb43bc663b3eadf2b -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/12/2022 -ms.locfileid: '147541980' --- + {% data reusables.webhooks.webhooks_intro %} -您可以创建订阅此页所列事件的 web 挂钩。 每个 web 挂钩事件都包括 web 挂钩属性的说明和示例有效负载。 有关详细信息,请参阅“[创建 Webhook](/webhooks/creating/)”。 +You can create webhooks that subscribe to the events listed on this page. Each webhook event includes a description of the webhook properties and an example payload. For more information, see "[Creating webhooks](/webhooks/creating/)." -## Web 挂钩有效负载对象共有属性 +## Webhook payload object common properties -每个 web 挂钩事件有效负载还包含特定于事件的属性。 您可以在各个事件类型部分中找到这些独特属性。 +Each webhook event payload also contains properties unique to the event. You can find the unique properties in the individual event type sections. -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` | `string` | 大多数 Webhook 有效负载都包括 `action` 属性,其中包含触发事件的特定活动。 -{% data reusables.webhooks.sender_desc %} 此属性包含在每个 web 挂钩有效负载中。 -{% data reusables.webhooks.repo_desc %} 如果事件源自存储库中的活动,则 Webhook 有效负载包含 `repository` 属性。 -{% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} 有关详细信息,请参阅“[构建 {% data variables.product.prodname_github_app %}](/apps/building-github-apps/)” +`action` | `string` | Most webhook payloads contain an `action` property that contains the specific activity that triggered the event. +{% data reusables.webhooks.sender_desc %} This property is included in every webhook payload. +{% data reusables.webhooks.repo_desc %} Webhook payloads contain the `repository` property when the event occurs from activity in a repository. +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} For more information, see "[Building {% data variables.product.prodname_github_app %}](/apps/building-github-apps/)." -Webhook 事件的独特属性与你在使用[ API](/rest/reference/activity#events) 时在 `payload` 属性中发现的属性相同。 [`push` 事件](#push) 是一个例外。 `push` 事件 Webhook 有效负载的独特属性和事件 API 中的 `payload` 属性不同。 Web 挂钩有效负载包含更详细的信息。 +The unique properties for a webhook event are the same properties you'll find in the `payload` property when using the [Events API](/rest/reference/activity#events). One exception is the [`push` event](#push). The unique properties of the `push` event webhook payload and the `payload` property in the Events API differ. The webhook payload contains more detailed information. {% tip %} -注意:有效负载上限为 25 MB。 如果事件生成了更大的有效负载,web 挂钩将不会触发。 例如,如果同时推送多个分支或标记,这种情况可能会发生在 `create` 事件中。 我们建议监控有效负载的大小以确保成功递送。 +**Note:** Payloads are capped at 25 MB. If your event generates a larger payload, a webhook will not be fired. This may happen, for example, on a `create` event if many branches or tags are pushed at once. We suggest monitoring your payload size to ensure delivery. {% endtip %} -### 递送标头 +### Delivery headers -递送到 web 挂钩已配置 URL 端点的 HTTP POST 有效负载将包含几个特殊标头: +HTTP POST payloads that are delivered to your webhook's configured URL endpoint will contain several special headers: -标头 | 说明 +Header | Description -------|-------------| -`X-GitHub-Event`| 触发递送的事件名称。 -`X-GitHub-Delivery`| 用于标识交付的 [GUID](http://en.wikipedia.org/wiki/Globally_unique_identifier)。{% ifversion ghes or ghae %} -`X-GitHub-Enterprise-Version` | 发送 HTTP POST 有效负载的 {% data variables.product.prodname_ghe_server %} 实例的版本。 -`X-GitHub-Enterprise-Host` | 发送 HTTP POST 有效负载的 {% data variables.product.prodname_ghe_server %} 实例的主机名。{% endif %}{% ifversion not ghae %} -`X-Hub-Signature`| 如果 Webhook 配置了 [`secret`](/rest/reference/repos#create-hook-config-params),则会发送此标头。 这是请求正文的 HMAC 十六进制摘要,是使用 SHA-1 哈希函数和作为 HMAC `key` 的 `secret` 生成的。{% ifversion fpt or ghes or ghec %} 提供了 `X-Hub-Signature`,以便与现有集成兼容,建议你改用更安全的 `X-Hub-Signature-256`。{% endif %}{% endif %} -`X-Hub-Signature-256`| 如果 Webhook 配置了 [`secret`](/rest/reference/repos#create-hook-config-params),则会发送此标头。 这是请求正文的 HMAC 十六进制摘要,是使用 SHA-256 哈希函数和作为 HMAC `key` 的 `secret` 生成的。 +`X-GitHub-Event`| Name of the event that triggered the delivery. +`X-GitHub-Delivery`| A [GUID](http://en.wikipedia.org/wiki/Globally_unique_identifier) to identify the delivery.{% ifversion ghes or ghae %} +`X-GitHub-Enterprise-Version` | The version of the {% data variables.product.prodname_ghe_server %} instance that sent the HTTP POST payload. +`X-GitHub-Enterprise-Host` | The hostname of the {% data variables.product.prodname_ghe_server %} instance that sent the HTTP POST payload.{% endif %}{% ifversion not ghae %} +`X-Hub-Signature`| This header is sent if the webhook is configured with a [`secret`](/rest/reference/repos#create-hook-config-params). This is the HMAC hex digest of the request body, and is generated using the SHA-1 hash function and the `secret` as the HMAC `key`.{% ifversion fpt or ghes or ghec %} `X-Hub-Signature` is provided for compatibility with existing integrations, and we recommend that you use the more secure `X-Hub-Signature-256` instead.{% endif %}{% endif %} +`X-Hub-Signature-256`| This header is sent if the webhook is configured with a [`secret`](/rest/reference/repos#create-hook-config-params). This is the HMAC hex digest of the request body, and is generated using the SHA-256 hash function and the `secret` as the HMAC `key`. -此外,请求的 `User-Agent` 将含有前缀 `GitHub-Hookshot/`。 +Also, the `User-Agent` for the requests will have the prefix `GitHub-Hookshot/`. -### 递送示例 +### Example delivery ```shell > POST /payload HTTP/2 @@ -104,50 +100,56 @@ Webhook 事件的独特属性与你在使用[ API](/rest/reference/activity#even {% ifversion fpt or ghes > 3.3 or ghae or ghec %} ## branch_protection_rule -与分支保护规则相关的活动。 有关详细信息,请参阅“[关于分支保护规则](/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#about-branch-protection-rules)”。 +Activity related to a branch protection rule. For more information, see "[About branch protection rules](/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#about-branch-protection-rules)." -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 对存储库管理至少拥有 `read-only` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with at least `read-only` access on repositories administration -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以是 `created`、`edited` 或 `deleted`。 -`rule` | `object` | 分支保护规则。 包括 `name` 和应用于与名称匹配的分支的所有[分支保护设置](/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#about-branch-protection-settings)。 二进制设置是布尔值。 多级配置是 `off`、`non_admins` 或 `everyone` 之一。 执行者和构建列表是字符串数组。 -`changes` | `object` | 对规则的更改(如果操作为 `edited`)。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action performed. Can be `created`, `edited`, or `deleted`. +`rule` | `object` | The branch protection rule. Includes a `name` and all the [branch protection settings](/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#about-branch-protection-settings) applied to branches that match the name. Binary settings are boolean. Multi-level configurations are one of `off`, `non_admins`, or `everyone`. Actor and build lists are arrays of strings. +`changes` | `object` | If the action was `edited`, the changes to the rule. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.branch_protection_rule.edited }} {% endif %} +{{ webhookPayloadsForCurrentVersion.branch_protection_rule.edited }} +{% endif %} {% ifversion ghes > 3.3 %} ## cache_sync -Git 引用已成功同步到缓存副本。 有关详细信息,请参阅“[关于存储库缓存](/admin/enterprise-management/caching-repositories/about-repository-caching)”。 +A Git ref has been successfully synced to a cache replica. For more information, see "[About repository caching](/admin/enterprise-management/caching-repositories/about-repository-caching)." -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`cache_location` |`string` | 已更新的缓存服务器的位置。 -`ref` | `string` | 已更新的引用。 -`before` | `string` | 缓存副本在更新之前引用的 OID。 -`after` | `string` | 更新后缓存副本上引用的 OID。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +`cache_location` |`string` | The location of the cache server that has been updated. +`ref` | `string` | The ref that has been updated. +`before` | `string` | The OID of the ref on the cache replica before it was updated. +`after` | `string` | The OID of the ref on the cache replica after the update. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.cache_sync.synced }} {% endif %} +{{ webhookPayloadsForCurrentVersion.cache_sync.synced }} +{% endif %} ## check_run @@ -155,17 +157,21 @@ Git 引用已成功同步到缓存副本。 有关详细信息,请参阅“[ {% data reusables.apps.undetected-pushes-to-a-forked-repository-for-check-suites %} -### 可用性 +### Availability -- 存储库 Webhook 仅接收存储库中 `created` 和 `completed` 事件类型的有效负载 -- 组织 Webhook 仅接收存储库中 `created` 和 `completed` 事件类型的有效负载 -- 具有 `checks:read` 权限的 {% data variables.product.prodname_github_apps %} 接收安装应用的存储库中发生的 `created` 和 `completed` 事件的有效负载。 应用必须具有 `checks:write` 权限才能接收 `rerequested` 和 `requested_action` 事件类型。 `rerequested` 和 `requested_action` 事件类型有效负载仅发送到正在请求的 {% data variables.product.prodname_github_app %}。 具有 `checks:write` 的 {% data variables.product.prodname_github_apps %} 会自动订阅此 Webhook 事件。 +- Repository webhooks only receive payloads for the `created` and `completed` event types in a repository +- Organization webhooks only receive payloads for the `created` and `completed` event types in repositories +- {% data variables.product.prodname_github_apps %} with the `checks:read` permission receive payloads for the `created` and `completed` events that occur in the repository where the app is installed. The app must have the `checks:write` permission to receive the `rerequested` and `requested_action` event types. The `rerequested` and `requested_action` event type payloads are only sent to the {% data variables.product.prodname_github_app %} being requested. {% data variables.product.prodname_github_apps %} with the `checks:write` are automatically subscribed to this webhook event. -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.check_run_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.check_run_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.check_run.created }} @@ -175,17 +181,21 @@ Git 引用已成功同步到缓存副本。 有关详细信息,请参阅“[ {% data reusables.apps.undetected-pushes-to-a-forked-repository-for-check-suites %} -### 可用性 +### Availability -- 存储库 Webhook 仅接收存储库中 `completed` 事件类型的有效负载 -- 组织 Webhook 仅接收存储库中 `completed` 事件类型的有效负载 -- 具有 `checks:read` 权限的 {% data variables.product.prodname_github_apps %} 接收安装应用的存储库中发生的 `created` 和 `completed` 事件的有效负载。 应用必须具有 `checks:write` 权限才能接收 `requested` 和 `rerequested` 事件类型。 `requested` 和 `rerequested` 事件类型有效负载仅发送到正在请求的 {% data variables.product.prodname_github_app %}。 具有 `checks:write` 的 {% data variables.product.prodname_github_apps %} 会自动订阅此 Webhook 事件。 +- Repository webhooks only receive payloads for the `completed` event types in a repository +- Organization webhooks only receive payloads for the `completed` event types in repositories +- {% data variables.product.prodname_github_apps %} with the `checks:read` permission receive payloads for the `created` and `completed` events that occur in the repository where the app is installed. The app must have the `checks:write` permission to receive the `requested` and `rerequested` event types. The `requested` and `rerequested` event type payloads are only sent to the {% data variables.product.prodname_github_app %} being requested. {% data variables.product.prodname_github_apps %} with the `checks:write` are automatically subscribed to this webhook event. -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.check_suite_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.check_suite_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.check_suite.completed }} @@ -193,17 +203,21 @@ Git 引用已成功同步到缓存副本。 有关详细信息,请参阅“[ {% data reusables.webhooks.code_scanning_alert_event_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `security_events :read` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `security_events :read` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.code_scanning_alert_event_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} `sender` | `object` | 如果 `action` 为 `reopened_by_user` 或 `closed_by_user`,则 `sender` 对象将是触发事件的用户。 对于所有其他操作,`sender` 对象为 {% ifversion fpt or ghec %}`github`{% elsif ghes or ghae %}`github-enterprise`{% else %}空{% endif %}。 +{% data reusables.webhooks.code_scanning_alert_event_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +`sender` | `object` | If the `action` is `reopened_by_user` or `closed_by_user`, the `sender` object will be the user that triggered the event. The `sender` object is {% ifversion fpt or ghec %}`github`{% elsif ghes or ghae %}`github-enterprise`{% else %}empty{% endif %} for all other actions. -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.code_scanning_alert.reopened }} @@ -211,17 +225,21 @@ Git 引用已成功同步到缓存副本。 有关详细信息,请参阅“[ {% data reusables.webhooks.commit_comment_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.commit_comment_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.commit_comment_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.commit_comment.created }} @@ -230,13 +248,13 @@ Git 引用已成功同步到缓存副本。 有关详细信息,请参阅“[ {% data reusables.webhooks.content_reference_short_desc %} -Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如果你注册了一个子域 (`https://subdomain.example.com`),则只有该子域的 URL 才会触发此事件。 如果你注册了一个域 (`https://example.com`),则该域及所有子域的 URL 都会触发此事件。 请参阅“[创建内容附件](/rest/reference/apps#create-a-content-attachment)”以创建新的内容附件。 +Webhook events are triggered based on the specificity of the domain you register. For example, if you register a subdomain (`https://subdomain.example.com`) then only URLs for the subdomain trigger this event. If you register a domain (`https://example.com`) then URLs for domain and all subdomains trigger this event. See "[Create a content attachment](/rest/reference/apps#create-a-content-attachment)" to create a new content attachment. -### 可用性 +### Availability -- 具有 `content_references:write` 权限的 {% data variables.product.prodname_github_apps %} +- {% data variables.product.prodname_github_apps %} with the `content_references:write` permission -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.content_reference.created }} @@ -247,21 +265,26 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% note %} -注意:如果一次创建三个以上的标记,将不会收到此事件的 Webhook。 +**Note:** You will not receive a webhook for this event when you create more than three tags at once. {% endnote %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.create_properties %} {% data reusables.webhooks.pusher_type_desc %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.create_properties %} +{% data reusables.webhooks.pusher_type_desc %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.create }} @@ -271,21 +294,26 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% note %} -注意:如果一次删除三个以上的标记,将不会收到此事件的 Webhook。 +**Note:** You will not receive a webhook for this event when you delete more than three tags at once. {% endnote %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.delete_properties %} {% data reusables.webhooks.pusher_type_desc %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.delete_properties %} +{% data reusables.webhooks.pusher_type_desc %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.delete }} @@ -293,38 +321,44 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.deploy_key_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.deploy_key_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.deploy_key_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.deploy_key.created }} -## 部署 +## deployment {% data reusables.webhooks.deployment_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `deployments` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `deployments` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以为 `created`。 -`deployment` |`object` | [部署](/rest/reference/deployments#list-deployments)。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action performed. Can be `created`. +`deployment` |`object` | The [deployment](/rest/reference/deployments#list-deployments). +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.deployment }} @@ -332,48 +366,54 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.deployment_status_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `deployments` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `deployments` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以为 `created`。 -`deployment_status` |`object` | [部署状态](/rest/reference/deployments#list-deployment-statuses)。 -`deployment_status["state"]` |`string` | 新状态。 可以是 `pending`、`success`、`failure` 或 `error`。 -`deployment_status["target_url"]` |`string` | 添加到状态的可选链接。 -`deployment_status["description"]`|`string` | 添加到状态的可选人类可读说明。 -`deployment` |`object` | 与此状态关联的[部署](/rest/reference/deployments#list-deployments)。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action performed. Can be `created`. +`deployment_status` |`object` | The [deployment status](/rest/reference/deployments#list-deployment-statuses). +`deployment_status["state"]` |`string` | The new state. Can be `pending`, `success`, `failure`, or `error`. +`deployment_status["target_url"]` |`string` | The optional link added to the status. +`deployment_status["description"]`|`string` | The optional human-readable description added to the status. +`deployment` |`object` | The [deployment](/rest/reference/deployments#list-deployments) that this status is associated with. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.deployment_status }} {% ifversion fpt or ghec %} -## 讨论 +## discussion {% data reusables.webhooks.discussions-webhooks-beta %} -与讨论有关的活动。 有关详细信息,请参阅“[使用 GraphQL API 进行讨论](/graphql/guides/using-the-graphql-api-for-discussions)”。 -### 可用性 +Activity related to a discussion. For more information, see the "[Using the GraphQL API for discussions](/graphql/guides/using-the-graphql-api-for-discussions)." +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `discussions` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `discussions` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以是 `created`、`edited`、`deleted`、`pinned`、`unpinned`、`locked`、`unlocked`、`transferred`、`category_changed`、`answered`、`unanswered`、`labeled` 或 `unlabeled`。 -{% data reusables.webhooks.discussion_desc %} {% data reusables.webhooks.repo_desc_graphql %} {% data reusables.webhooks.org_desc_graphql %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action performed. Can be `created`, `edited`, `deleted`, `pinned`, `unpinned`, `locked`, `unlocked`, `transferred`, `category_changed`, `answered`, `unanswered`, `labeled`, or `unlabeled`. +{% data reusables.webhooks.discussion_desc %} +{% data reusables.webhooks.repo_desc_graphql %} +{% data reusables.webhooks.org_desc_graphql %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.discussion.created }} @@ -381,84 +421,92 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.discussions-webhooks-beta %} -与讨论中的评论相关的活动。 有关详细信息,请参阅“[使用 GraphQL API 进行讨论](/graphql/guides/using-the-graphql-api-for-discussions)”。 +Activity related to a comment in a discussion. For more information, see "[Using the GraphQL API for discussions](/graphql/guides/using-the-graphql-api-for-discussions)." -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `discussions` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `discussions` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以是 `created`、`edited` 或 `deleted`。 -`comment` | `object` | [`discussion comment`](/graphql/guides/using-the-graphql-api-for-discussions#discussioncomment) 资源。 -{% data reusables.webhooks.discussion_desc %} {% data reusables.webhooks.repo_desc_graphql %} {% data reusables.webhooks.org_desc_graphql %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action performed. Can be `created`, `edited`, or `deleted`. +`comment` | `object` | The [`discussion comment`](/graphql/guides/using-the-graphql-api-for-discussions#discussioncomment) resource. +{% data reusables.webhooks.discussion_desc %} +{% data reusables.webhooks.repo_desc_graphql %} +{% data reusables.webhooks.org_desc_graphql %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.discussion_comment.created }} {% endif %} +{{ webhookPayloadsForCurrentVersion.discussion_comment.created }} +{% endif %} {% ifversion ghes or ghae %} -## 企业 +## enterprise {% data reusables.webhooks.enterprise_short_desc %} -### 可用性 +### Availability -- GitHub Enterprise web 挂钩。 有关详细信息,请参阅“[全局 Webhook](/rest/reference/enterprise-admin#global-webhooks/)”。 +- GitHub Enterprise webhooks. For more information, "[Global webhooks](/rest/reference/enterprise-admin#global-webhooks/)." -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以是 `anonymous_access_enabled` 或 `anonymous_access_disabled`。 +`action` |`string` | The action performed. Can be `anonymous_access_enabled` or `anonymous_access_disabled`. -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.enterprise.anonymous_access_enabled }} {% endif %} -## 分支 +## fork {% data reusables.webhooks.fork_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.fork_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.fork_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.fork }} ## github_app_authorization -当有人撤销对 {% data variables.product.prodname_github_app %} 的授权时,将发生此事件。 {% data variables.product.prodname_github_app %} 默认情况下会接收此 web 挂钩,并且无法取消订阅此事件。 +When someone revokes their authorization of a {% data variables.product.prodname_github_app %}, this event occurs. A {% data variables.product.prodname_github_app %} receives this webhook by default and cannot unsubscribe from this event. -{% data reusables.webhooks.authorization_event %} 有关用户到服务器请求(需要 {% data variables.product.prodname_github_app %} 授权)的详细信息,请参阅“[识别和授权 {% data variables.product.prodname_github_apps %} 用户](/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps/)”。 +{% data reusables.webhooks.authorization_event %} For details about user-to-server requests, which require {% data variables.product.prodname_github_app %} authorization, see "[Identifying and authorizing users for {% data variables.product.prodname_github_apps %}](/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps/)." -### 可用性 +### Availability - {% data variables.product.prodname_github_apps %} -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以为 `revoked`。 +`action` |`string` | The action performed. Can be `revoked`. {% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.github_app_authorization.revoked }} @@ -466,33 +514,39 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.gollum_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.gollum_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.gollum_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.gollum }} -## 安装 +## installation {% data reusables.webhooks.installation_short_desc %} -### 可用性 +### Availability - {% data variables.product.prodname_github_apps %} -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.installation_properties %} {% data reusables.webhooks.app_always_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.installation_properties %} +{% data reusables.webhooks.app_always_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.installation.deleted }} @@ -500,15 +554,17 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.installation_repositories_short_desc %} -### 可用性 +### Availability - {% data variables.product.prodname_github_apps %} -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.installation_repositories_properties %} {% data reusables.webhooks.app_always_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.installation_repositories_properties %} +{% data reusables.webhooks.app_always_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.installation_repositories.added }} @@ -516,17 +572,22 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.issue_comment_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `issues` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `issues` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.issue_comment_webhook_properties %} {% data reusables.webhooks.issue_comment_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.issue_comment_webhook_properties %} +{% data reusables.webhooks.issue_comment_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.issue_comment.created }} @@ -534,17 +595,22 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.issues_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `issues` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `issues` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.issue_webhook_properties %} {% data reusables.webhooks.issue_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.issue_webhook_properties %} +{% data reusables.webhooks.issue_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### 有人编辑议题时的 web 挂钩示例 +### Webhook payload example when someone edits an issue {{ webhookPayloadsForCurrentVersion.issues.edited }} @@ -552,45 +618,48 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.label_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `metadata` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `metadata` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action`|`string` | 执行的操作内容. 可以是 `created`、`edited` 或 `deleted`。 -`label`|`object` | 添加的标签。 -`changes`|`object`| 对标签的更改(如果操作为 `edited`)。 -`changes[name][from]`|`string` | 先前版本的名称(如果操作为 `edited`)。 -`changes[color][from]`|`string` | 先前版本的颜色(如果操作为 `edited`)。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action`|`string` | The action that was performed. Can be `created`, `edited`, or `deleted`. +`label`|`object` | The label that was added. +`changes`|`object`| The changes to the label if the action was `edited`. +`changes[name][from]`|`string` | The previous version of the name if the action was `edited`. +`changes[color][from]`|`string` | The previous version of the color if the action was `edited`. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.label.deleted }} {% ifversion fpt or ghec %} ## marketplace_purchase -与 GitHub Marketplace 购买相关的活动。 {% data reusables.webhooks.action_type_desc %} 有关详细信息,请参阅“[GitHub 市场](/marketplace/)”。 +Activity related to a GitHub Marketplace purchase. {% data reusables.webhooks.action_type_desc %} For more information, see the "[GitHub Marketplace](/marketplace/)." -### 可用性 +### Availability - {% data variables.product.prodname_github_apps %} -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` | `string` | 为 [GitHub 市场](https://github.com/marketplace)计划执行的操作。 可以是以下选项之一:
  • `purchased` - 有人购买了 GitHub 市场计划。 更改应立即对帐户生效。
  • `pending_change` - 当有人降级或取消了 GitHub 市场计划以指示帐户上将发生更改时,你将收到 `pending_change` 事件。 新的计划或取消将在结算周期结束时生效。 当计费周期结束并且取消或新计划应生效时,将发送 `cancelled` 或 `changed` 事件类型。
  • `pending_change_cancelled` - 有人取消了挂起的更改。 待处理更改包括将在结算周期结束时生效的计划取消和降级。
  • `changed` - 有人升级或降级了 GitHub 市场计划,并且该更改应立即对帐户生效。
  • `cancelled` - 有人取消了 GitHub 市场计划并且最后一个计费周期已结束。 更改应立即对帐户生效。
+`action` | `string` | The action performed for a [GitHub Marketplace](https://github.com/marketplace) plan. Can be one of:
  • `purchased` - Someone purchased a GitHub Marketplace plan. The change should take effect on the account immediately.
  • `pending_change` - You will receive the `pending_change` event when someone has downgraded or cancelled a GitHub Marketplace plan to indicate a change will occur on the account. The new plan or cancellation takes effect at the end of the billing cycle. The `cancelled` or `changed` event type will be sent when the billing cycle has ended and the cancellation or new plan should take effect.
  • `pending_change_cancelled` - Someone has cancelled a pending change. Pending changes include plan cancellations and downgrades that will take effect at the end of a billing cycle.
  • `changed` - Someone has upgraded or downgraded a GitHub Marketplace plan and the change should take effect on the account immediately.
  • `cancelled` - Someone cancelled a GitHub Marketplace plan and the last billing cycle has ended. The change should take effect on the account immediately.
-有关此有效负载和每种类型 `action` 的有效负载的详细说明,请参阅 [{% data variables.product.prodname_marketplace %} Webhook 事件](/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/)。 +For a detailed description of this payload and the payload for each type of `action`, see [{% data variables.product.prodname_marketplace %} webhook events](/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/). -### 有人购买计划时的 web 挂钩示例 +### Webhook payload example when someone purchases the plan {{ webhookPayloadsForCurrentVersion.marketplace_purchase.purchased }} @@ -600,34 +669,42 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.member_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `members` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `members` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.member_webhook_properties %} {% data reusables.webhooks.member_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.member_webhook_properties %} +{% data reusables.webhooks.member_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.member.added }} -## Membership — 成员资格 +## membership {% data reusables.webhooks.membership_short_desc %} -### 可用性 +### Availability -- 组织 web 挂钩 -- 具有 `members` 权限的 {% data variables.product.prodname_github_apps %} +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `members` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.membership_properties %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.membership_properties %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.membership.removed }} @@ -637,27 +714,30 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.pull_requests.merge-queue-beta %} -与合并队列中的合并组相关的活动。 活动类型在有效负载对象的操作属性中指定。 +Activity related to merge groups in a merge queue. The type of activity is specified in the action property of the payload object. -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `merge_queues` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `merge_queues` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action`|`string` | 执行的操作内容. 目前只能是 `checks_requested`。 -`merge_group`|`object` | 合并组。 -`merge_group[head_sha]`|`string` | 合并组的 SHA。 -`merge_group[head_ref]`|`string` | 合并组的完整引用。 -`merge_group[base_ref]`|`string` | 合并组将合并到的分支的完整引用。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action`|`string` | The action that was performed. Currently, can only be `checks_requested`. +`merge_group`|`object` | The merge group. +`merge_group[head_sha]`|`string` | The SHA of the merge group. +`merge_group[head_ref]`|`string` | The full ref of the merge group. +`merge_group[base_ref]`|`string` | The full ref of the branch the merge group will be merged into. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.merge_group.checks_requested }} @@ -665,41 +745,47 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 ## meta -配置此事件的 web 挂钩已被删除。 此事件将仅监听对安装此事件的特定挂钩的更改。 因此,必须为要接收元事件的每个挂钩选择它。 +The webhook this event is configured on was deleted. This event will only listen for changes to the particular hook the event is installed on. Therefore, it must be selected for each hook that you'd like to receive meta events for. -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 已执行的操作。 可以为 `deleted`。 -`hook_id` |`integer` | 修改后的 web 挂钩的 ID。 -`hook` |`object` | 修改后的 web 挂钩。 它将包含基于 web 挂钩类型的不同键:repository、organization、business、app 或 GitHub Marketplace。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action performed. Can be `deleted`. +`hook_id` |`integer` | The id of the modified webhook. +`hook` |`object` | The modified webhook. This will contain different keys based on the type of webhook it is: repository, organization, business, app, or GitHub Marketplace. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.meta.deleted }} -## 里程碑 +## milestone {% data reusables.webhooks.milestone_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `pull_requests` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `pull_requests` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.milestone_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.milestone_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.milestone.created }} @@ -707,23 +793,25 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.organization_short_desc %} -### 可用性 +### Availability {% ifversion ghes or ghae %} -- GitHub Enterprise Webhook 仅接收 `created` 和 `deleted` 事件。 有关详细信息,请参阅“[全局 Webhook](/rest/reference/enterprise-admin#global-webhooks/)”。{% endif %} -- 组织 Webhook 仅接收 `deleted`、`added`、`removed`、`renamed` 和 `invited` 事件。 -- 具有 `members` 权限的 {% data variables.product.prodname_github_apps %} +- GitHub Enterprise webhooks only receive `created` and `deleted` events. For more information, "[Global webhooks](/rest/reference/enterprise-admin#global-webhooks/).{% endif %} +- Organization webhooks only receive the `deleted`, `added`, `removed`, `renamed`, and `invited` events +- {% data variables.product.prodname_github_apps %} with the `members` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 执行的操作内容. 可以是以下选项之一:{% ifversion ghes or ghae %} `created`、{% endif %} `deleted`、`renamed`、`member_added`、`member_removed` 或 `member_invited`。 -`invitation` |`object` | 用户或电子邮件的邀请(如果操作为 `member_invited`)。 -`membership` |`object` | 用户和组织之间的成员资格。 不存在(如果操作为 `member_invited`)。 -{% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action that was performed. Can be one of:{% ifversion ghes or ghae %} `created`,{% endif %} `deleted`, `renamed`, `member_added`, `member_removed`, or `member_invited`. +`invitation` |`object` | The invitation for the user or email if the action is `member_invited`. +`membership` |`object` | The membership between the user and the organization. Not present when the action is `member_invited`. +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.organization.member_added }} @@ -733,39 +821,44 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.org_block_short_desc %} -### 可用性 +### Availability -- 组织 web 挂钩 -- 具有 `organization_administration` 权限的 {% data variables.product.prodname_github_apps %} +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `organization_administration` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------ -`action` | `string` | 已执行的操作。 可以是 `blocked` 或 `unblocked`。 -`blocked_user` | `object` | 有关被阻止或取消阻止的用户的信息。 -{% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action` | `string` | The action performed. Can be `blocked` or `unblocked`. +`blocked_user` | `object` | Information about the user that was blocked or unblocked. +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.org_block.blocked }} {% endif %} -## 包 +## package -与 {% data variables.product.prodname_registry %} 有关的活动。 {% data reusables.webhooks.action_type_desc %} 有关详细信息,请参阅“[使用 {% data variables.product.prodname_registry %} 管理包](/github/managing-packages-with-github-packages)”以详细了解 {% data variables.product.prodname_registry %}。 +Activity related to {% data variables.product.prodname_registry %}. {% data reusables.webhooks.action_type_desc %} For more information, see "[Managing packages with {% data variables.product.prodname_registry %}](/github/managing-packages-with-github-packages)" to learn more about {% data variables.product.prodname_registry %}. -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.package_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.package_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.package.published }} @@ -773,21 +866,24 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.page_build_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `pages` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `pages` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------ -`id` | `integer` | 页面构建的唯一标识符。 -`build` | `object` | [List GitHub Pages 构建](/rest/reference/pages#list-github-pages-builds)自身。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`id` | `integer` | The unique identifier of the page build. +`build` | `object` | The [List GitHub Pages builds](/rest/reference/pages#list-github-pages-builds) itself. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.page_build }} @@ -795,23 +891,25 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.ping_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- {% data variables.product.prodname_github_apps %} 接收带有用于注册应用的 `app_id` 的 ping 事件。 +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} receive a ping event with an `app_id` used to register the app -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------ -`zen` | `string` | GitHub zen 的随机字符串。 -`hook_id` | `integer` | 触发 ping 的 web 挂钩的 ID。 -`hook` | `object` | [Webhook 配置](/rest/reference/webhooks#get-a-repository-webhook)。 -`hook[app_id]` | `integer` | 注册新的 {% data variables.product.prodname_github_app %} 后,{% data variables.product.product_name %} 会将 ping 事件发送到你在注册过程中指定的 Webhook URL。 该事件包含对应用进行[身份验证](/apps/building-integrations/setting-up-and-registering-github-apps/about-authentication-options-for-github-apps/)所需的 `app_id`。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +`zen` | `string` | Random string of GitHub zen. +`hook_id` | `integer` | The ID of the webhook that triggered the ping. +`hook` | `object` | The [webhook configuration](/rest/reference/webhooks#get-a-repository-webhook). +`hook[app_id]` | `integer` | When you register a new {% data variables.product.prodname_github_app %}, {% data variables.product.product_name %} sends a ping event to the **webhook URL** you specified during registration. The event contains the `app_id`, which is required for [authenticating](/apps/building-integrations/setting-up-and-registering-github-apps/about-authentication-options-for-github-apps/) an app. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.ping }} @@ -819,23 +917,29 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.project_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `repository_projects` 或 `organization_projects` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `repository_projects` or `organization_projects` permission -{% ifversion projects-v2 %} {% note %} +{% ifversion projects-v2 %} +{% note %} -注意:此事件仅适用于 {% data variables.product.prodname_projects_v1 %}。 +**Note**: This event only occurs for {% data variables.product.prodname_projects_v1 %}. -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.project_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.project_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.project.created }} @@ -845,23 +949,29 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.project_card_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `repository_projects` 或 `organization_projects` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `repository_projects` or `organization_projects` permission -{% ifversion projects-v2 %} {% note %} +{% ifversion projects-v2 %} +{% note %} -注意:此事件仅适用于 {% data variables.product.prodname_projects_v1 %}。 +**Note**: This event only occurs for {% data variables.product.prodname_projects_v1 %}. -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.project_card_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.project_card_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.project_card.created }} @@ -869,23 +979,29 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.project_column_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `repository_projects` 或 `organization_projects` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `repository_projects` or `organization_projects` permission -{% ifversion projects-v2 %} {% note %} +{% ifversion projects-v2 %} +{% note %} -注意:此事件仅适用于 {% data variables.product.prodname_projects_v1 %}。 +**Note**: This event only occurs for {% data variables.product.prodname_projects_v1 %}. -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.project_column_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.project_column_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.project_column.created }} @@ -895,67 +1011,78 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% note %} -注意:{% data variables.projects.projects_v2 %} 的 Webhook 事件目前是 beta 版本,可能会有变动。 如果要与 {% data variables.product.product_name %} 分享有关 {% data variables.projects.projects_v2 %} Webhook 的反馈,请参阅[项目 Webhook 反馈讨论](https://github.com/orgs/community/discussions/17405)。 +**Note:** Webhook events for {% data variables.projects.projects_v2 %} are currently in beta and subject to change. To share feedback about {% data variables.projects.projects_v2 %} webhooks with {% data variables.product.product_name %}, see the [Projects webhook feedback discussion](https://github.com/orgs/community/discussions/17405). {% endnote %} -与 {% data variables.projects.project_v2 %} 中的项相关的活动。 {% data reusables.webhooks.action_type_desc %} 有关详细信息,请参阅“[关于 {% data variables.projects.projects_v2 %}](/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects)”。 +Activity related to items in a {% data variables.projects.project_v2 %}. {% data reusables.webhooks.action_type_desc %} For more information, see "[About {% data variables.projects.projects_v2 %}](/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects)." -### 可用性 +### Availability -- 组织 web 挂钩 -- 具有 `organization_projects` 权限的 {% data variables.product.prodname_github_apps %} +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `organization_projects` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action`|`string` | 在项目项上执行的操作。 可以是 `archived`、`converted`、`created`、`edited`、`restored`、`deleted` 或 `reordered` 之一。 -`projects_v2_item`|`object` | 项目项本身。 若要了解有关项目项的详细信息,可以使用 `node_id`(项目项的节点 ID)和 `project_node_id`(项目的节点 ID)查询 GraphQL API 中的信息。 有关详细信息,请参阅“[使用 API 管理项目](/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects)”。 -`changes`|`object` | 对项目项所做的更改。 -{% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action`|`string` | The action that was performed on the project item. Can be one of `archived`, `converted`, `created`, `edited`, `restored`, `deleted`, or `reordered`. +`projects_v2_item`|`object` | The project item itself. To find more information about the project item, you can use `node_id` (the node ID of the project item) and `project_node_id` (the node ID of the project) to query information in the GraphQL API. For more information, see "[Using the API to manage projects](/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects)." +`changes`|`object` | The changes to the project item. +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.projects_v2_item.created }} {% endif %} -## 公共 +## public {% data reusables.webhooks.public_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `metadata` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `metadata` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.public }} {% endif %} +{{ webhookPayloadsForCurrentVersion.public }} +{% endif %} ## pull_request {% data reusables.webhooks.pull_request_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `pull_requests` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `pull_requests` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.pull_request_webhook_properties %} {% data reusables.webhooks.pull_request_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.pull_request_webhook_properties %} +{% data reusables.webhooks.pull_request_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -`review_requested` 和 `review_request_removed` 事件的交付将有一个名为 `requested_reviewer` 的附加字段。 +Deliveries for `review_requested` and `review_request_removed` events will have an additional field called `requested_reviewer`. {{ webhookPayloadsForCurrentVersion.pull_request.opened }} @@ -963,17 +1090,21 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.pull_request_review_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `pull_requests` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `pull_requests` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.pull_request_review_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.pull_request_review_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.pull_request_review.submitted }} @@ -981,17 +1112,22 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.pull_request_review_comment_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `pull_requests` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `pull_requests` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.pull_request_review_comment_webhook_properties %} {% data reusables.webhooks.pull_request_review_comment_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.pull_request_review_comment_webhook_properties %} +{% data reusables.webhooks.pull_request_review_comment_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.pull_request_review_comment.created }} @@ -999,17 +1135,21 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.pull_request_review_thread_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `pull_requests` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `pull_requests` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.pull_request_thread_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.pull_request_thread_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.pull_request_review_thread.resolved }} @@ -1019,74 +1159,82 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% note %} -注意:如果一次推送三个以上的标记,将不会收到此事件的 Webhook。 +**Note:** You will not receive a webhook for this event when you push more than three tags at once. {% endnote %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`ref`|`string` | 推送的完整 [`git ref`](/rest/reference/git#refs)。 示例:`refs/heads/main` 或 `refs/tags/v3.14.1`。 -`before`|`string` | 推送之前在 `ref` 上最近提交的 SHA。 -`after`|`string` | 推送之后在 `ref` 上最近提交的 SHA。 -`created`|`boolean` | 此推送是否创建了 `ref`。 -`deleted`|`boolean` | 此推送是否删除了 `ref`。 -`forced`|`boolean` | 此推送是否是 `ref` 的强制推送。 -`head_commit`|`object` | 对于 `after` 是提交对象或指向提交对象的推送,为该提交的扩展表示。 对于 `after` 指示附注标签对象的推送,为附注标签指向的提交的扩展表示。 -`compare`|`string` | 显示此 `ref` 更新中从 `before` 提交到 `after` 提交的更改的 URL。 对于新创建的直接基于默认分支的 `ref`,这是默认分支的头部与 `after` 提交之间的比较。 否则,这将显示 `after` 提交之前的所有提交。 -`commits`|`array` | 描述所推送提交的提交对象数组。 (所推送提交是包含在 `before` 提交和 `after` 提交之间的 `compare` 中的所有提交。) -`commits[][id]`|`string` | 提交的 SHA。 -`commits[][timestamp]`|`string` | 提交的 ISO 8601 时间戳。 -`commits[][message]`|`string` | 提交消息。 -`commits[][author]`|`object` | 提交的 Git 作者。 -`commits[][author][name]`|`string` | Git 作者的名称。 -`commits[][author][email]`|`string` | Git 作者的电子邮件地址。 -`commits[][url]`|`url` | 指向提交 API 资源的 URL。 -`commits[][distinct]`|`boolean` | 此提交是否与之前推送的任何提交不同。 -`commits[][added]`|`array` | 在提交中添加的文件数组。 对于 {% data variables.product.product_name %} 无法及时计算此列表的极大型提交,即使添加了文件,也可能为空。 -`commits[][modified]`|`array` | 由提交修改的文件数组。 对于 {% data variables.product.product_name %} 无法及时计算此列表的极大型提交,即使修改了文件,也可能为空。 -`commits[][removed]`|`array` | 在提交中删除的文件数组。 对于 {% data variables.product.product_name %} 无法及时计算此列表的极大型提交,即使删除了文件,也可能为空。 -`pusher` | `object` | 推送提交的用户。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`ref`|`string` | The full [`git ref`](/rest/reference/git#refs) that was pushed. Example: `refs/heads/main` or `refs/tags/v3.14.1`. +`before`|`string` | The SHA of the most recent commit on `ref` before the push. +`after`|`string` | The SHA of the most recent commit on `ref` after the push. +`created`|`boolean` | Whether this push created the `ref`. +`deleted`|`boolean` | Whether this push deleted the `ref`. +`forced`|`boolean` | Whether this push was a force push of the `ref`. +`head_commit`|`object` | For pushes where `after` is or points to a commit object, an expanded representation of that commit. For pushes where `after` refers to an annotated tag object, an expanded representation of the commit pointed to by the annotated tag. +`compare`|`string` | URL that shows the changes in this `ref` update, from the `before` commit to the `after` commit. For a newly created `ref` that is directly based on the default branch, this is the comparison between the head of the default branch and the `after` commit. Otherwise, this shows all commits until the `after` commit. +`commits`|`array` | An array of commit objects describing the pushed commits. (Pushed commits are all commits that are included in the `compare` between the `before` commit and the `after` commit.) +`commits[][id]`|`string` | The SHA of the commit. +`commits[][timestamp]`|`string` | The ISO 8601 timestamp of the commit. +`commits[][message]`|`string` | The commit message. +`commits[][author]`|`object` | The git author of the commit. +`commits[][author][name]`|`string` | The git author's name. +`commits[][author][email]`|`string` | The git author's email address. +`commits[][url]`|`url` | URL that points to the commit API resource. +`commits[][distinct]`|`boolean` | Whether this commit is distinct from any that have been pushed before. +`commits[][added]`|`array` | An array of files added in the commit. For extremely large commits where {% data variables.product.product_name %} is unable to calculate this list in a timely manner, this may be empty even if files were added. +`commits[][modified]`|`array` | An array of files modified by the commit. For extremely large commits where {% data variables.product.product_name %} is unable to calculate this list in a timely manner, this may be empty even if files were modified. +`commits[][removed]`|`array` | An array of files removed in the commit. For extremely large commits where {% data variables.product.product_name %} is unable to calculate this list in a timely manner, this may be empty even if files were removed. +`pusher` | `object` | The user who pushed the commits. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.push }} -## 发布 +## release {% data reusables.webhooks.release_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `contents` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `contents` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.release_webhook_properties %} {% data reusables.webhooks.release_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.release_webhook_properties %} +{% data reusables.webhooks.release_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.release.published }} ## repository_dispatch -当 {% data variables.product.prodname_github_app %} 将 `POST` 请求发送到“[创建存储库调度事件](/rest/reference/repos#create-a-repository-dispatch-event)”终结点时,会发生此事件。 +This event occurs when a {% data variables.product.prodname_github_app %} sends a `POST` request to the "[Create a repository dispatch event](/rest/reference/repos#create-a-repository-dispatch-event)" endpoint. -### 可用性 +### Availability -- {% data variables.product.prodname_github_apps %} 必须具有 `contents` 权限才能接收此 Webhook。 +- {% data variables.product.prodname_github_apps %} must have the `contents` permission to receive this webhook. -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.repository_dispatch }} @@ -1094,38 +1242,44 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.repository_short_desc %} -### 可用性 +### Availability -- 存储库 Webhook 接收除 `deleted` 之外的所有事件类型 -- 组织 web 挂钩 -- 具有 `metadata` 权限的 {% data variables.product.prodname_github_apps %} 接收除 `deleted` 之外的所有事件类型 +- Repository webhooks receive all event types except `deleted` +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `metadata` permission receive all event types except `deleted` -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 执行的操作内容. 这可以是下列其中一项:
  • `created` - 已创建存储库。
  • `deleted` - 已删除存储库。
  • `archived` - 存储库已存档。
  • `unarchived` - 存储库未存档。
    • {% ifversion ghes or ghae %}
  • `anonymous_access_enabled` - 存储库[已启用匿名 Git 访问](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise),`anonymous_access_disabled` - 存储库[已禁用匿名 Git 访问](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise)
    • {% endif %}
  • `edited` - 已编辑存储库信息。
  • `renamed` - 已重命名存储库。
  • `transferred` - 存储库已转让。
  • `publicized` - 存储库已设为公共。
  • `privatized` - 存储库已设为专用。
-{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action that was performed. This can be one of:
  • `created` - A repository is created.
  • `deleted` - A repository is deleted.
  • `archived` - A repository is archived.
  • `unarchived` - A repository is unarchived.
    • {% ifversion ghes or ghae %}
  • `anonymous_access_enabled` - A repository is [enabled for anonymous Git access](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise), `anonymous_access_disabled` - A repository is [disabled for anonymous Git access](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise)
    • {% endif %}
  • `edited` - A repository's information is edited.
  • `renamed` - A repository is renamed.
  • `transferred` - A repository is transferred.
  • `publicized` - A repository is made public.
  • `privatized` - A repository is made private.
+{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.repository.publicized }} {% ifversion fpt or ghec %} ## repository_import -{% data reusables.webhooks.repository_import_short_desc %} 要在个人仓库中接收此事件,必须在导入之前创建一个空仓库。 可以使用 [GitHub 导入工具](/articles/importing-a-repository-with-github-importer/)或[源导入 API](/rest/reference/migrations#source-imports) 触发此事件。 +{% data reusables.webhooks.repository_import_short_desc %} To receive this event for a personal repository, you must create an empty repository prior to the import. This event can be triggered using either the [GitHub Importer](/articles/importing-a-repository-with-github-importer/) or the [Source imports API](/rest/reference/migrations#source-imports). -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.repository_import_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.repository_import_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.repository_import }} @@ -1133,16 +1287,19 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.repository_vulnerability_alert_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.repository_vulnerability_alert_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.repository_vulnerability_alert_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.repository_vulnerability_alert.create }} @@ -1154,58 +1311,67 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.secret_scanning_alert_event_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `secret_scanning_alerts:read` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `secret_scanning_alerts:read` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.secret_scanning_alert_event_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} `sender` | `object` | 如果 `action` 为 `resolved` 或 `reopened`,则 `sender` 对象将是触发事件的用户。 对于所有其他操作,`sender` 对象为空。 +{% data reusables.webhooks.secret_scanning_alert_event_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +`sender` | `object` | If the `action` is `resolved` or `reopened`, the `sender` object will be the user that triggered the event. The `sender` object is empty for all other actions. -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.secret_scanning_alert.reopened }} {% endif %} +{{ webhookPayloadsForCurrentVersion.secret_scanning_alert.reopened }} +{% endif %} -{% ifversion ghes > 3.4 or ghec or ghae-issue-6581 %} +{% ifversion ghes > 3.4 or ghec or ghae > 3.4 %} ## secret_scanning_alert_location {% data reusables.webhooks.secret_scanning_alert_location_event_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `secret_scanning_alerts:read` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `secret_scanning_alerts:read` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.secret_scanning_alert_location_event_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.secret_scanning_alert_location_event_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.secret_scanning_alert_location.created }} {% endif %} +{{ webhookPayloadsForCurrentVersion.secret_scanning_alert_location.created }} +{% endif %} {% ifversion fpt or ghes or ghec %} ## security_advisory -与已由 {% data variables.product.company_short %} 审查的安全通告相关的活动。 经过 {% data variables.product.company_short %} 审查的安全通告提供了有关 {% data variables.product.prodname_dotcom %}上软件中安全相关漏洞的信息。 +Activity related to a security advisory that has been reviewed by {% data variables.product.company_short %}. A {% data variables.product.company_short %}-reviewed security advisory provides information about security-related vulnerabilities in software on {% data variables.product.prodname_dotcom %}. -安全通告数据集还为 GitHub {% data variables.product.prodname_dependabot_alerts %} 提供支持。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)”。 +The security advisory dataset also powers the GitHub {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)." -### 可用性 +### Availability -- 具有 `security_events` 权限的 {% data variables.product.prodname_github_apps %} +- {% data variables.product.prodname_github_apps %} with the `security_events` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 执行的操作内容. 对于所有新事件,操作可以是 `published`、`updated`、`performed` 或 `withdrawn` 之一。 -`security_advisory` |`object` | 安全通告的详细信息,包括摘要、说明和严重程度。 +`action` |`string` | The action that was performed. The action can be one of `published`, `updated`, `performed`, or `withdrawn` for all new events. +`security_advisory` |`object` | The details of the security advisory, including summary, description, and severity. -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.security_advisory.published }} @@ -1215,22 +1381,25 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 ## security_and_analysis -与为存储库或组织启用或禁用代码安全性和分析功能相关的活动。 +Activity related to enabling or disabling code security and analysis features for a repository or organization. -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 对存储库管理至少拥有 `read-only` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with at least `read-only` access on repositories administration -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`changes`|`object` | 对代码安全性和分析功能所做的更改。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`changes`|`object` | The changes that were made to the code security and analysis features. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.security_and_analysis }} @@ -1241,40 +1410,45 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.sponsorship_short_desc %} -您只能在 {% data variables.product.prodname_dotcom %} 上创建赞助 web 挂钩。 有关详细信息,请参阅“[为赞助帐户中的事件配置 Webhook](/sponsors/integrating-with-github-sponsors/configuring-webhooks-for-events-in-your-sponsored-account)”。 +You can only create a sponsorship webhook on {% data variables.product.prodname_dotcom %}. For more information, see "[Configuring webhooks for events in your sponsored account](/sponsors/integrating-with-github-sponsors/configuring-webhooks-for-events-in-your-sponsored-account)". -### 可用性 +### Availability -- 赞助帐户 +- Sponsored accounts -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.sponsorship_webhook_properties %} {% data reusables.webhooks.sponsorship_properties %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.sponsorship_webhook_properties %} +{% data reusables.webhooks.sponsorship_properties %} +{% data reusables.webhooks.sender_desc %} -### 有人创建赞助时的 web 挂钩示例 +### Webhook payload example when someone creates a sponsorship {{ webhookPayloadsForCurrentVersion.sponsorship.created }} -### 有人降级赞助时的 web 挂钩示例 +### Webhook payload example when someone downgrades a sponsorship {{ webhookPayloadsForCurrentVersion.sponsorship.downgraded }} {% endif %} -## 星号键 +## star {% data reusables.webhooks.star_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 +- Repository webhooks +- Organization webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.star_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.star_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.star.created }} @@ -1282,54 +1456,58 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.status_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `statuses` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `statuses` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`id` | `integer` | 状态的唯一标识符。 -`sha`|`string` | 提交 SHA。 -`state`|`string` | 新状态。 可以是 `pending`、`success`、`failure` 或 `error`。 -`description`|`string` | 添加到状态的可选人类可读说明。 -`target_url`|`string` | 添加到状态的可选链接。 -`branches`|`array` | 包含状态的 SHA 的分支对象数组。 每个分支都包含给定的 SHA,但 SHA 不一定是该分支的头部。 该数组最多包含 10 个分支。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`id` | `integer` | The unique identifier of the status. +`sha`|`string` | The Commit SHA. +`state`|`string` | The new state. Can be `pending`, `success`, `failure`, or `error`. +`description`|`string` | The optional human-readable description added to the status. +`target_url`|`string` | The optional link added to the status. +`branches`|`array` | An array of branch objects containing the status' SHA. Each branch contains the given SHA, but the SHA may or may not be the head of the branch. The array includes a maximum of 10 branches. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.status }} -## 团队 +## team {% data reusables.webhooks.team_short_desc %} -### 可用性 +### Availability -- 组织 web 挂钩 -- 具有 `members` 权限的 {% data variables.product.prodname_github_apps %} +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `members` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`action` |`string` | 执行的操作内容. 可以是 `created`、`deleted`、`edited`、`added_to_repository` 或 `removed_from_repository` 之一。 -`team` |`object` | 团队本身。 -`changes`|`object` | 对团队的更改(如果操作为 `edited`)。 -`changes[description][from]` |`string` | 先前版本的说明(如果操作为 `edited`)。 -`changes[name][from]` |`string` | 先前版本的名称(如果操作为 `edited`)。 -`changes[privacy][from]` |`string` | 先前版本的团队隐私(如果操作为 `edited`)。 -`changes[repository][permissions][from][admin]` | `boolean` | 团队成员对存储库的 `admin` 权限的先前版本(如果操作为 `edited`)。 -`changes[repository][permissions][from][pull]` | `boolean` | 团队成员对存储库的 `pull` 权限的先前版本(如果操作为 `edited`)。 -`changes[repository][permissions][from][push]` | `boolean` | 团队成员对存储库的 `push` 权限的先前版本(如果操作为 `edited`)。 -`repository`|`object` | 从团队权限范围内添加或删除的存储库(如果操作为 `added_to_repository`、`removed_from_repository` 或 `edited`)。 对于 `edited` 操作,`repository` 还包含团队对存储库的新权限级别。 -{% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +`action` |`string` | The action that was performed. Can be one of `created`, `deleted`, `edited`, `added_to_repository`, or `removed_from_repository`. +`team` |`object` | The team itself. +`changes`|`object` | The changes to the team if the action was `edited`. +`changes[description][from]` |`string` | The previous version of the description if the action was `edited`. +`changes[name][from]` |`string` | The previous version of the name if the action was `edited`. +`changes[privacy][from]` |`string` | The previous version of the team's privacy if the action was `edited`. +`changes[repository][permissions][from][admin]` | `boolean` | The previous version of the team member's `admin` permission on a repository, if the action was `edited`. +`changes[repository][permissions][from][pull]` | `boolean` | The previous version of the team member's `pull` permission on a repository, if the action was `edited`. +`changes[repository][permissions][from][push]` | `boolean` | The previous version of the team member's `push` permission on a repository, if the action was `edited`. +`repository`|`object` | The repository that was added or removed from to the team's purview if the action was `added_to_repository`, `removed_from_repository`, or `edited`. For `edited` actions, `repository` also contains the team's new permission levels for the repository. +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.team.added_to_repository }} @@ -1337,20 +1515,23 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.team_add_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `members` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `members` permission -### Web 挂钩有效负载对象 +### Webhook payload object -密钥 | 类型 | 说明 +Key | Type | Description ----|------|------------- -`team`|`object` | 已修改的[团队](/rest/reference/teams)。 注意:较旧的事件可能不会在有效负载中包括此值。 -{% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +`team`|`object` | The [team](/rest/reference/teams) that was modified. **Note:** Older events may not include this in the payload. +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.team_add }} @@ -1358,56 +1539,65 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 ## user -当用户为 `created` 或 `deleted`。 +When a user is `created` or `deleted`. -### 可用性 -- GitHub Enterprise web 挂钩。 有关详细信息,请参阅“[全局 Webhook](/rest/reference/enterprise-admin#global-webhooks/)”。 +### Availability +- GitHub Enterprise webhooks. For more information, "[Global webhooks](/rest/reference/enterprise-admin#global-webhooks/)." -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.user.created }} {% endif %} -## 查看 +## watch {% data reusables.webhooks.watch_short_desc %} -事件的行动者是为存储库加星标的[用户](/rest/reference/users),而事件的存储库是已加星标的[存储库](/rest/reference/repos)。 +The event’s actor is the [user](/rest/reference/users) who starred a repository, and the event’s repository is the [repository](/rest/reference/repos) that was starred. -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 具有 `metadata` 权限的 {% data variables.product.prodname_github_apps %} +- Repository webhooks +- Organization webhooks +- {% data variables.product.prodname_github_apps %} with the `metadata` permission -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.watch_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.watch_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.app_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.watch.started }} {% ifversion fpt or ghes or ghec %} ## workflow_dispatch -当有人触发在 GitHub 上运行的工作流或将 `POST` 请求发送到“[创建工作流调度事件](/rest/reference/actions/#create-a-workflow-dispatch-event)”终结点时,会发生此事件。 有关详细信息,请参阅“[触发工作流的事件](/actions/reference/events-that-trigger-workflows#workflow_dispatch)”。 +This event occurs when someone triggers a workflow run on GitHub or sends a `POST` request to the "[Create a workflow dispatch event](/rest/reference/actions/#create-a-workflow-dispatch-event)" endpoint. For more information, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows#workflow_dispatch)." -### 可用性 +### Availability -- {% data variables.product.prodname_github_apps %} 必须具有 `contents` 权限才能接收此 Webhook。 +- {% data variables.product.prodname_github_apps %} must have the `contents` permission to receive this webhook. -### Web 挂钩有效负载对象 +### Webhook payload object -| 密钥 | 类型 | 说明 | +| Key | Type | Description | |-----|-----|-----| -| `inputs` | `object` | 工作流的输入。 每个键表示输入的名称,而该值表示该输入的值。 | -{% data reusables.webhooks.org_desc %} | `ref` | `string` | 运行工作流的分支引用。 | {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.sender_desc %} | `workflow` | `string` | 包含工作流的工作流文件的相对路径。 | +| `inputs` | `object` | Inputs to the workflow. Each key represents the name of the input while it's value represents the value of that input. | +{% data reusables.webhooks.org_desc %} +| `ref` | `string` | The branch ref from which the workflow was run. | +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.sender_desc %} +| `workflow` | `string` | Relative path to the workflow file which contains the workflow. | -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.workflow_dispatch }} {% endif %} +{{ webhookPayloadsForCurrentVersion.workflow_dispatch }} +{% endif %} {% ifversion fpt or ghes > 3.2 or ghec or ghae %} @@ -1415,33 +1605,42 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 {% data reusables.webhooks.workflow_job_short_desc %} -### 可用性 +### Availability -- 仓库 web 挂钩 -- 组织 web 挂钩 -- 企业 web 挂钩 +- Repository webhooks +- Organization webhooks +- Enterprise webhooks -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.workflow_job_properties %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.workflow_job_properties %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example {{ webhookPayloadsForCurrentVersion.workflow_job }} -{% endif %} {% ifversion fpt or ghes or ghec %} +{% endif %} +{% ifversion fpt or ghes or ghec %} ## workflow_run -当 {% data variables.product.prodname_actions %} 工作流程运行被请求或完成时。 有关详细信息,请参阅“[触发工作流的事件](/actions/reference/events-that-trigger-workflows#workflow_run)”。 +When a {% data variables.product.prodname_actions %} workflow run is requested or completed. For more information, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows#workflow_run)." -### 可用性 +### Availability -- 具有 `actions` 或 `contents` 权限的 {% data variables.product.prodname_github_apps %}。 +- {% data variables.product.prodname_github_apps %} with the `actions` or `contents` permissions. -### Web 挂钩有效负载对象 +### Webhook payload object -{% data reusables.webhooks.workflow_run_properties %} {% data reusables.webhooks.workflow_desc %} {% data reusables.webhooks.org_desc %} {% data reusables.webhooks.repo_desc %} {% data reusables.webhooks.sender_desc %} +{% data reusables.webhooks.workflow_run_properties %} +{% data reusables.webhooks.workflow_desc %} +{% data reusables.webhooks.org_desc %} +{% data reusables.webhooks.repo_desc %} +{% data reusables.webhooks.sender_desc %} -### Web 挂钩有效负载示例 +### Webhook payload example -{{ webhookPayloadsForCurrentVersion.workflow_run }} {% endif %} +{{ webhookPayloadsForCurrentVersion.workflow_run }} +{% endif %} diff --git a/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md b/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md index 655c8b55d4..d0d20d47d6 100644 --- a/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md +++ b/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md @@ -31,7 +31,7 @@ A {% data variables.product.prodname_GH_advanced_security %} license provides th - **Dependency review** - Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." {% ifversion ghes < 3.7 or ghae %} - + - **Security overview** - Review the security configuration and alerts for an organization and identify the repositories at greatest risk. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." {% endif %} diff --git a/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md b/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md index 0a070b85b9..4516f39f99 100644 --- a/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md +++ b/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md @@ -1,6 +1,6 @@ --- -title: 键盘快捷方式 -intro: '几乎 {% data variables.product.prodname_dotcom %} 上的每一页都有键盘快捷方式,可以更快地执行操作。' +title: Keyboard shortcuts +intro: 'Nearly every page on {% data variables.product.prodname_dotcom %} has a keyboard shortcut to perform actions faster.' redirect_from: - /articles/using-keyboard-shortcuts - /categories/75/articles @@ -13,217 +13,232 @@ versions: ghes: '*' ghae: '*' ghec: '*' -ms.openlocfilehash: 857c4129e2e156025c8ee8f37a0c834242c0b216 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147423538' --- -## 关于键盘快捷键 +## About keyboard shortcuts -键入 ? ({% data variables.product.prodname_dotcom %} 上)会显示一个对话框,其中列出了可用于该页面的键盘快捷方式。 您可以使用这些键盘快捷键对站点执行操作,而无需使用鼠标导航。 +Typing ? on {% data variables.product.prodname_dotcom %} brings up a dialog box that lists the keyboard shortcuts available for that page. You can use these keyboard shortcuts to perform actions across the site without using your mouse to navigate. -{% ifversion keyboard-shortcut-accessibility-setting %} 可以在辅助功能设置中禁用字符键快捷方式,同时仍允许使用用于修改键的快捷方式。 有关详细信息,请参阅“[管理辅助功能设置](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-accessibility-settings)”。{% endif %} +{% ifversion keyboard-shortcut-accessibility-setting %} +You can disable character key shortcuts, while still allowing shortcuts that use modifier keys, in your accessibility settings. For more information, see "[Managing accessibility settings](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-accessibility-settings)."{% endif %} -下面是一些可用键盘快捷键的列表。 -{% ifversion command-palette %} {% data variables.product.prodname_command_palette %} 还可用于快速访问各种操作,而无需记住键盘快捷方式。 有关详细信息,请参阅“[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)”。{% endif %} +Below is a list of some of the available keyboard shortcuts. +{% ifversion command-palette %} +The {% data variables.product.prodname_command_palette %} also gives you quick access to a wide range of actions, without the need to remember keyboard shortcuts. For more information, see "[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)."{% endif %} -## 站点快捷键 +## Site wide shortcuts -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|S/ | 聚焦于搜索栏。 有关详细信息,请参阅“[关于搜索 {% data variables.product.company_short %}](/search-github/getting-started-with-searching-on-github/about-searching-on-github)”。 -|G N | 转到您的通知。 有关详细信息,请参阅“[关于通知](/github/managing-subscriptions-and-notifications-on-github/about-notifications)”。 -|Esc | 当聚焦于用户、议题或拉取请求悬停卡时,关闭悬停卡并重新聚焦于悬停卡所在的元素 -{% ifversion command-palette %}|Command+K (Mac) 或
Ctrl+K (Windows/Linux) | 打开 {% data variables.product.prodname_command_palette %}。 如果要编辑 Markdown 文本,请使用 Command+Option+KCtrl+Alt+K 打开命令面板。 有关详细信息,请参阅“[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)”。{% endif %} +|S or / | Focus the search bar. For more information, see "[About searching on {% data variables.product.company_short %}](/search-github/getting-started-with-searching-on-github/about-searching-on-github)." +|G N | Go to your notifications. For more information, see "[About notifications](/github/managing-subscriptions-and-notifications-on-github/about-notifications)." +|Esc | When focused on a user, issue, or pull request hovercard, closes the hovercard and refocuses on the element the hovercard is in +{% ifversion command-palette %}|Command+K (Mac) or
Ctrl+K (Windows/Linux) | Opens the {% data variables.product.prodname_command_palette %}. If you are editing Markdown text, open the command palette with Command+Option+K or Ctrl+Alt+K. For more information, see "[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)."{% endif %} -## 存储库 +## Repositories -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|G C | 转到“代码”选项卡 -|G I | 转到“问题”选项卡。有关详细信息,请参阅“[关于问题](/articles/about-issues)”。 -|G P | 转到“拉取请求”选项卡。有关详细信息,请参阅“[关于拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)”。{% ifversion fpt or ghes or ghec %} -|G A | 转到“操作”选项卡。有关详细信息,请参阅“[关于操作](/actions/getting-started-with-github-actions/about-github-actions)”。{% endif %} -|G B | 转到“项目”选项卡。有关详细信息,请参阅“[关于项目板](/articles/about-project-boards)”。 -|G W | 转到“Wiki”选项卡。有关详细信息,请参阅“[关于 Wiki](/communities/documenting-your-project-with-wikis/about-wikis)”。{% ifversion discussions %} -|G G | 转到“讨论”选项卡。有关详细信息,请参阅“[关于讨论](/discussions/collaborating-with-your-community-using-discussions/about-discussions)”。{% endif %} +|G C | Go to the **Code** tab +|G I | Go to the **Issues** tab. For more information, see "[About issues](/articles/about-issues)." +|G P | Go to the **Pull requests** tab. For more information, see "[About pull requests](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)."{% ifversion fpt or ghes or ghec %} +|G A | Go to the **Actions** tab. For more information, see "[About Actions](/actions/getting-started-with-github-actions/about-github-actions)."{% endif %} +|G B | Go to the **Projects** tab. For more information, see "[About project boards](/articles/about-project-boards)." +|G W | Go to the **Wiki** tab. For more information, see "[About wikis](/communities/documenting-your-project-with-wikis/about-wikis)."{% ifversion discussions %} +|G G | Go to the **Discussions** tab. For more information, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions)."{% endif %} -## 源代码编辑 +## Source code editing -| 键盘快捷方式 | 说明 |-----------|------------{% ifversion fpt or ghec %} |. | 在基于 Web 的编辑器中打开存储库或拉取请求。 有关详细信息,请参阅“[基于 Web 的编辑器](/codespaces/developing-in-codespaces/web-based-editor)”。{% endif %} |Command+B (Mac) 或
Ctrl+B (Windows/Linux) | 插入 Markdown 格式将文本设为粗体 | Command+I (Mac) 或
Ctrl+I (Windows/Linux) | 插入 Markdown 格式将文本设为斜体 | Command+K (Mac) 或
Ctrl+K (Windows/Linux) | 插入 Markdown 格式创建链接{% ifversion fpt or ghec or ghae or ghes > 3.3 %} |Command+Shift+7 (Mac) 或
Ctrl+Shift+7 (Windows/Linux) | 插入 Markdown 格式创建有序列表 |Command+Shift+8 (Mac) 或
Ctrl+Shift+8 (Windows/Linux) | 插入 Markdown 格式创建无序列表 |Command+Shift+. (Mac) 或
Ctrl+Shift+. (Windows/Linux) | 插入 Markdown 格式创建引用{% endif %} |E | 在“编辑文件”选项卡中打开源代码文件 |Command+F (Mac) 或
Ctrl+F (Windows/Linux) | 开始在文件编辑器中搜索 |Command+G (Mac) 或
Ctrl+G (Windows/Linux) | 查找下一个 |Command+Shift+G (Mac) 或
Ctrl+Shift+G (Windows/Linux) | 查找上一个 |Command+Option+F (Mac) 或
Ctrl+Shift+F (Windows/Linux) | 替换 |Command+Shift+Option+F (Mac) 或
Ctrl+Shift+R (Windows/Linux) | 全部替换 |Alt+G | 跳转到行 |Command+Z (Mac) 或
Ctrl+Z (Windows/Linux) | 撤消 |Command+Y (Mac) 或
Ctrl+Y (Windows/Linux) | 恢复 |Command+Shift+P | 在“编辑文件”和“预览更改”选项卡之间切换 |Command+S (Mac) 或
Ctrl+S (Windows/Linux) | 编写提交消息 +| Keyboard shortcut | Description +|-----------|------------{% ifversion fpt or ghec %} +|. | Opens a repository or pull request in the web-based editor. For more information, see "[Web-based editor](/codespaces/developing-in-codespaces/web-based-editor)."{% endif %} +|Command+B (Mac) or
Ctrl+B (Windows/Linux) | Inserts Markdown formatting for bolding text +|Command+I (Mac) or
Ctrl+I (Windows/Linux) | Inserts Markdown formatting for italicizing text +|Command+K (Mac) or
Ctrl+K (Windows/Linux) | Inserts Markdown formatting for creating a link{% ifversion fpt or ghec or ghae or ghes > 3.3 %} +|Command+Shift+7 (Mac) or
Ctrl+Shift+7 (Windows/Linux) | Inserts Markdown formatting for an ordered list +|Command+Shift+8 (Mac) or
Ctrl+Shift+8 (Windows/Linux) | Inserts Markdown formatting for an unordered list +|Command+Shift+. (Mac) or
Ctrl+Shift+. (Windows/Linux) | Inserts Markdown formatting for a quote{% endif %} +|E | Open source code file in the **Edit file** tab +|Command+F (Mac) or
Ctrl+F (Windows/Linux) | Start searching in file editor +|Command+G (Mac) or
Ctrl+G (Windows/Linux) | Find next +|Command+Shift+G (Mac) or
Ctrl+Shift+G (Windows/Linux) | Find previous +|Command+Option+F (Mac) or
Ctrl+Shift+F (Windows/Linux) | Replace +|Command+Shift+Option+F (Mac) or
Ctrl+Shift+R (Windows/Linux) | Replace all +|Alt+G | Jump to line +|Command+Z (Mac) or
Ctrl+Z (Windows/Linux) | Undo +|Command+Y (Mac) or
Ctrl+Y (Windows/Linux) | Redo +|Command+Shift+P | Toggles between the **Edit file** and **Preview changes** tabs +|Command+S (Mac) or
Ctrl+S (Windows/Linux) | Write a commit message -有关更多键盘快捷方式的详细信息,请参阅 [CodeMirror 文档](https://codemirror.net/doc/manual.html#commands)。 +For more keyboard shortcuts, see the [CodeMirror documentation](https://codemirror.net/doc/manual.html#commands). -## 源代码浏览 +## Source code browsing -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|T | 激活文件查找器 -|L | 跳至代码中的某一行 -|W | 切换到新分支或标记 -| | 将 URL 展开为其规范形式。 有关详细信息,请参阅“[获取文件的永久链接](/articles/getting-permanent-links-to-files)”。 -|I | 显示或隐藏有关差异的评论。 有关详细信息,请参阅“[评论拉取请求的差异](/articles/commenting-on-the-diff-of-a-pull-request)”。 -|A | 在差异上显示或隐藏注释 -|B | 打开追溯视图。 有关详细信息,请参阅“[跟踪文件中的更改](/articles/tracing-changes-in-a-file)”。 +|T | Activates the file finder +|L | Jump to a line in your code +|W | Switch to a new branch or tag +|Y | Expand a URL to its canonical form. For more information, see "[Getting permanent links to files](/articles/getting-permanent-links-to-files)." +|I | Show or hide comments on diffs. For more information, see "[Commenting on the diff of a pull request](/articles/commenting-on-the-diff-of-a-pull-request)." +|A | Show or hide annotations on diffs +|B | Open blame view. For more information, see "[Tracing changes in a file](/articles/tracing-changes-in-a-file)." -## 注释 +## Comments -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|Command+B (Mac) 或
Ctrl+B (Windows/Linux) | 插入 Markdown 格式用于粗体文本 -|Command+I (Mac) 或
Ctrl+I (Windows/Linux) | 插入 Markdown 格式用于斜体文本 -|Command+E (Mac) 或
Ctrl+E (Windows/Linux) | 在行 {% ifversion fpt or ghae-issue-5434 or ghes or ghec %} 中插入代码或命令的 Markdown 格式 -|Command+K (Mac) 或
Ctrl+K (Windows/Linux) | 插入 Markdown 格式以创建链接{% endif %}{% ifversion fpt or ghae-issue-7103 or ghes > 3.5 or ghec %} -|Command+V (Mac) 或
Ctrl+V (Windows/Linux) | 应用于突出显示的文本时创建 Markdown 链接{% endif %} -|Command+Shift+P (Mac) 或
Ctrl+Shift+P (Windows/Linux) | 在“撰写”和“预览”评论选项卡之间切换{% ifversion fpt or ghae or ghes > 3.4 or ghec %} -|Command+Shift+V (Mac) 或
Ctrl+Shift+V (Windows/Linux) | 将 HTML 链接粘贴为纯文本{% endif %}{% ifversion fpt or ghae or ghes > 3.2 or ghec %} -|Command+Shift+Option+V (Mac) 或
Ctrl+Shift+Alt+V (Windows/Linux) | 将 HTML 链接粘贴为纯文本{% endif %}{% ifversion fpt or ghae or ghes > 3.2 or ghec %} -|Command+Shift+7 (Mac) 或
Ctrl+Shift+7 (Windows/Linux) | 为有序列表插入 Markdown 格式 -|Command+Shift+8 (Mac) 或
Ctrl+Shift+8 (Windows/Linux) | 为无序列表插入 Markdown 格式{% endif %} -|Command+Enter (Mac) 或
Ctrl+Enter (Windows/Linux) | 提交评论 -|Ctrl+. 然后按 Ctrl+[保存的回复编号] | 打开已保存回复菜单,然后使用已保存回复自动填写评论字段。 有关详细信息,请参阅“[关于已保存的回复](/articles/about-saved-replies)”。{% ifversion fpt or ghae or ghes > 3.2 or ghec %} -|Command+Shift+. (Mac) 或
Ctrl+Shift+. (Windows/Linux) | 为报价插入 Markdown 格式{% endif %}{% ifversion fpt or ghec %} -|Command+G (Mac) 或
Ctrl+G (Windows/Linux) | 插入建议。 有关详细信息,请参阅“[审查拉取请求中的建议更改](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)”。 |{% endif %} -|R | 在您的回复中引用所选的文本。 有关详细信息,请参阅“[基本撰写和格式设置语法](/articles/basic-writing-and-formatting-syntax#quoting-text)”。 | +|Command+B (Mac) or
Ctrl+B (Windows/Linux) | Inserts Markdown formatting for bolding text +|Command+I (Mac) or
Ctrl+I (Windows/Linux) | Inserts Markdown formatting for italicizing text +|Command+E (Mac) or
Ctrl+E (Windows/Linux) | Inserts Markdown formatting for code or a command within a line{% ifversion fpt or ghae > 3.3 or ghes or ghec %} +|Command+K (Mac) or
Ctrl+K (Windows/Linux) | Inserts Markdown formatting for creating a link{% endif %}{% ifversion fpt or ghae > 3.5 or ghes > 3.5 or ghec %} +|Command+V (Mac) or
Ctrl+V (Windows/Linux) | Creates a Markdown link when applied over highlighted text{% endif %} +|Command+Shift+P (Mac) or
Ctrl+Shift+P (Windows/Linux) | Toggles between the **Write** and **Preview** comment tabs{% ifversion fpt or ghae or ghes > 3.4 or ghec %} +|Command+Shift+V (Mac) or
Ctrl+Shift+V (Windows/Linux) | Pastes HTML link as plain text{% endif %}{% ifversion fpt or ghae or ghes > 3.2 or ghec %} +|Command+Shift+Opt+V (Mac) or
Ctrl+Shift+Alt+V (Windows/Linux) | Pastes HTML link as plain text{% endif %}{% ifversion fpt or ghae or ghes > 3.2 or ghec %} +|Command+Shift+7 (Mac) or
Ctrl+Shift+7 (Windows/Linux) | Inserts Markdown formatting for an ordered list +|Command+Shift+8 (Mac) or
Ctrl+Shift+8 (Windows/Linux) | Inserts Markdown formatting for an unordered list{% endif %} +|Command+Enter (Mac) or
Ctrl+Enter (Windows/Linux) | Submits a comment +|Ctrl+. and then Ctrl+[saved reply number] | Opens saved replies menu and then autofills comment field with a saved reply. For more information, see "[About saved replies](/articles/about-saved-replies)."{% ifversion fpt or ghae or ghes > 3.2 or ghec %} +|Command+Shift+. (Mac) or
Ctrl+Shift+. (Windows/Linux) | Inserts Markdown formatting for a quote{% endif %}{% ifversion fpt or ghec %} +|Command+G (Mac) or
Ctrl+G (Windows/Linux) | Insert a suggestion. For more information, see "[Reviewing proposed changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)." |{% endif %} +|R | Quote the selected text in your reply. For more information, see "[Basic writing and formatting syntax](/articles/basic-writing-and-formatting-syntax#quoting-text)." | -## 议题和拉取请求列表 +## Issue and pull request lists -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|C | 创建问题 -|Command+/ (Mac) 或
Ctrl+/ (Windows/Linux) | 将光标聚焦于议题或拉取请求搜索栏。 有关详细信息,请参阅“[筛选和搜索问题与拉取请求](/issues/tracking-your-work-with-issues/filtering-and-searching-issues-and-pull-requests)”。|| -|U | 按作者过滤 -|L | 按标签过滤或编辑标签。 有关详细信息,请参阅[按标签筛选问题和拉取请求](/articles/filtering-issues-and-pull-requests-by-labels)。 -|Alt 并单击 | 按标签过滤时,排除标签。 有关详细信息,请参阅[按标签筛选问题和拉取请求](/articles/filtering-issues-and-pull-requests-by-labels)。 -|M | 按里程碑过滤或编辑里程碑。 有关详细信息,请参阅“[按里程碑筛选问题和拉取请求](/articles/filtering-issues-and-pull-requests-by-milestone)”。 -|A | 按受理人过滤或编辑受理人。 有关详细信息,请参阅“[按被分派人筛选问题和拉取请求](/articles/filtering-issues-and-pull-requests-by-assignees)”。 -|OEnter | 激活议题 +|C | Create an issue +|Command+/ (Mac) or
Ctrl+/ (Windows/Linux) | Focus your cursor on the issues or pull requests search bar. For more information, see "[Filtering and searching issues and pull requests](/issues/tracking-your-work-with-issues/filtering-and-searching-issues-and-pull-requests)."|| +|U | Filter by author +|L | Filter by or edit labels. For more information, see "[Filtering issues and pull requests by labels](/articles/filtering-issues-and-pull-requests-by-labels)." +|Alt and click | While filtering by labels, exclude labels. For more information, see "[Filtering issues and pull requests by labels](/articles/filtering-issues-and-pull-requests-by-labels)." +|M | Filter by or edit milestones. For more information, see "[Filtering issues and pull requests by milestone](/articles/filtering-issues-and-pull-requests-by-milestone)." +|A | Filter by or edit assignee. For more information, see "[Filtering issues and pull requests by assignees](/articles/filtering-issues-and-pull-requests-by-assignees)." +|O or Enter | Open issue -## 议题和拉取请求 -| 键盘快捷方式 | 说明 +## Issues and pull requests +| Keyboard shortcut | Description |-----------|------------ -|Q | 请求审查者。 有关详细信息,请参阅“[请求拉取请求审查](/articles/requesting-a-pull-request-review/)”。 -|M | 设置里程碑。 有关详细信息,请参阅“[将里程碑与问题和拉取请求相关联](/articles/associating-milestones-with-issues-and-pull-requests/)”。 -|L | 应用标签。 有关详细信息,请参阅“[将标签应用于问题和拉取请求](/articles/applying-labels-to-issues-and-pull-requests/)”。 -|A | 设置受理人。 有关详细信息,请参阅“[向其他 {% data variables.product.company_short %} 用户分配问题和拉取请求](/articles/assigning-issues-and-pull-requests-to-other-github-users/)”。 -|X | 链接来自同一存储库的议题或拉取请求。 有关详细信息,请参阅“[将拉取请求链接到问题](/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue/)”。 -|Command+Shift+P (Mac) 或
Ctrl+Shift+P (Windows/Linux) | 在“写入”和“预览”选项卡之间切换{% ifversion fpt or ghec %} -|Alt 并单击 | 从任务列表创建问题时,按住 Alt 并单击任务右上角的 {% octicon "issue-opened" aria-label="The issue opened icon" %},以在当前选项卡中打开新问题表单。 有关详细信息,请参阅“[关于任务列表](/issues/tracking-your-work-with-issues/creating-issues/about-task-lists)”。 -|Shift 并单击 | 从任务列表创建问题时,按住 Alt 并单击任务右上角的 {% octicon "issue-opened" aria-label="The issue opened icon" %},以在新的选项卡中打开新问题表单。 有关详细信息,请参阅“[关于任务列表](/issues/tracking-your-work-with-issues/creating-issues/about-task-lists)”。 -|Command 并单击 (Mac) 或
Ctrl+Shift 并单击 (Windows/Linux) | 从任务列表创建问题时,按住 CommandCtrl+Shift 并单击任务右上角的 {% octicon "issue-opened" aria-label="The issue opened icon" %},以在新窗口中打开新问题表单。 有关详细信息,请参阅“[关于任务列表](/issues/tracking-your-work-with-issues/creating-issues/about-task-lists)”。{% endif %} +|Q | Request a reviewer. For more information, see "[Requesting a pull request review](/articles/requesting-a-pull-request-review/)." +|M | Set a milestone. For more information, see "[Associating milestones with issues and pull requests](/articles/associating-milestones-with-issues-and-pull-requests/)." +|L | Apply a label. For more information, see "[Applying labels to issues and pull requests](/articles/applying-labels-to-issues-and-pull-requests/)." +|A | Set an assignee. For more information, see "[Assigning issues and pull requests to other {% data variables.product.company_short %} users](/articles/assigning-issues-and-pull-requests-to-other-github-users/)." +|X | Link an issue or pull request from the same repository. For more information, see "[Linking a pull request to an issue](/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue/)." +|Command+Shift+P (Mac) or
Ctrl+Shift+P (Windows/Linux) | Toggles between the **Write** and **Preview** tabs{% ifversion fpt or ghec %} +|Alt and click | When creating an issue from a task list, open the new issue form in the current tab by holding Alt and clicking the {% octicon "issue-opened" aria-label="The issue opened icon" %} in the upper-right corner of the task. For more information, see "[About task lists](/issues/tracking-your-work-with-issues/creating-issues/about-task-lists)." +|Shift and click | When creating an issue from a task list, open the new issue form in a new tab by holding Shift and clicking the {% octicon "issue-opened" aria-label="The issue opened icon" %} in the upper-right corner of the task. For more information, see "[About task lists](/issues/tracking-your-work-with-issues/creating-issues/about-task-lists)." +|Command and click (Mac) or
Ctrl+Shift and click (Windows/Linux) | When creating an issue from a task list, open the new issue form in the new window by holding Command or Ctrl+Shift and clicking the {% octicon "issue-opened" aria-label="The issue opened icon" %} in the upper-right corner of the task. For more information, see "[About task lists](/issues/tracking-your-work-with-issues/creating-issues/about-task-lists)."{% endif %} -## 拉取请求中的更改 +## Changes in pull requests -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|C | 在拉取请求中打开提交列表 -|T | 在拉取请求中打开已更改文件列表 -|J | 将所选内容在列表中向下移动 -|K | 将所选内容在列表中向上移动 -|Command+Shift+Enter | 添加一条有关拉取请求差异的评论 | -|Alt 并单击 | 按住 Alt 并单击“显示已过期内容”或“隐藏已过期内容”,在折叠和展开拉取请求中所有过期的审查评论之间切换 。| -|单击,然后按住 Shift 并单击 | 单击一个行号,按住 Shift,然后单击另一行号,对拉取请求的多行进行评论。 有关详细信息,请参阅“[评论拉取请求](/github/collaborating-with-issues-and-pull-requests/commenting-on-a-pull-request#adding-line-comments-to-a-pull-request)”。| +|C | Open the list of commits in the pull request +|T | Open the list of changed files in the pull request +|J | Move selection down in the list +|K | Move selection up in the list +|Command+Shift+Enter | Add a single comment on a pull request diff | +|Alt and click | Toggle between collapsing and expanding all outdated review comments in a pull request by holding down Alt and clicking **Show outdated** or **Hide outdated**.| +|Click, then Shift and click | Comment on multiple lines of a pull request by clicking a line number, holding Shift, then clicking another line number. For more information, see "[Commenting on a pull request](/github/collaborating-with-issues-and-pull-requests/commenting-on-a-pull-request#adding-line-comments-to-a-pull-request)."| {% ifversion projects-v2 %} ## {% data variables.projects.projects_v2_caps %} -### 导航项目 +### Navigating a project -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|+f (Mac) 或 Ctrl+f (Windows/Linux) | 焦点筛选器字段 -| | 将单元格焦点移到左侧 -| | 将单元格焦点移到右侧 -| | 向上移动单元格焦点 -| | 向下移动单元格焦点 +|+f (Mac) or Ctrl+f (Windows/Linux) | Focus filter field +| | Move cell focus to the left +| | Move cell focus to the right +| | Move cell focus up +| | Move cell focus down -### 操作项目 +### Manipulating a project -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|Enter | 切换聚焦单元格的编辑模式 -|Esc 键 | 取消对聚焦单元格的编辑 -|+Shift+\ (Mac) 或 Ctrl+Shift+\ (Windows/Linux) | 打开行操作菜单 -|Shift+Space | 选择项 -|Space | 打开选定项 -|e | 存档选定项 +|Enter | Toggle edit mode for the focused cell +|Escape | Cancel editing for the focused cell +|+Shift+\ (Mac) or Ctrl+Shift+\ (Windows/Linux) | Open row actions menu +|Shift+Space | Select item +|Space | Open selected item +|e | Archive selected items {% endif %} ## {% data variables.product.prodname_projects_v1_caps %} -### 移动列 +### Moving a column -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|Enter空格 | 开始移动聚焦的列 -|Esc | 取消正在进行的移动 -|Enter | 完成正在进行的移动 -|H | 向左移动列 -|Command+Command+H (Mac) 或
Ctrl+Ctrl+H (Windows/Linux) | 将列移动到最左侧的位置 -|L | 向右移动列 -|Command+Command+L (Mac) 或
Ctrl+Ctrl+L (Windows/Linux) | 将列移动到最右侧的位置 +|Enter or Space | Start moving the focused column +|Esc | Cancel the move in progress +|Enter | Complete the move in progress +| or H | Move column to the left +|Command+ or Command+H (Mac) or
Ctrl+ or Ctrl+H (Windows/Linux) | Move column to the leftmost position +| or L | Move column to the right +|Command+ or Command+L (Mac) or
Ctrl+ or Ctrl+L (Windows/Linux) | Move column to the rightmost position -### 移动卡片 +### Moving a card -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|Enter空格 | 开始移动聚焦的卡片 -|Esc | 取消正在进行的移动 -|Enter | 完成正在进行的移动 -|J | 向下移动卡片 -|Command+Command+J (Mac) 或
Ctrl+Ctrl+J (Windows/Linux) | 将卡片移动到该列的底部 -|K | 向上移动卡片 -|Command+Command+K (Mac) 或
Ctrl+Ctrl+K (Windows/Linux) | 将卡片移动到该列的顶部 -|H | 将卡片移动到左侧列的底部 -|Shift+Shift+H | 将卡片移动到左侧列的顶部 -|Command+Command+H (Mac) 或
Ctrl+Ctrl+H (Windows/Linux) | 将卡片移动到最左侧列的底部 -|Command+Shift+Command+Shift+H (Mac) 或
Ctrl+Shift+Ctrl+Shift+H (Windows/Linux) | 将卡片移动到最左侧列的顶部 -| | 将卡片移动到右侧列的底部 -|Shift+Shift+L | 将卡片移动到右侧列的顶部 -|Command+Command+L (Mac) 或
Ctrl+Ctrl+L (Windows/Linux) | 将卡片移动到最右侧列的底部 -|Command+Shift+Command+Shift+L (Mac) 或
Ctrl+Shift+Ctrl+Shift+L (Windows/Linux) | 将卡片移动到最右侧列的底部 +|Enter or Space | Start moving the focused card +|Esc | Cancel the move in progress +|Enter | Complete the move in progress +| or J | Move card down +|Command+ or Command+J (Mac) or
Ctrl+ or Ctrl+J (Windows/Linux) | Move card to the bottom of the column +| or K | Move card up +|Command+ or Command+K (Mac) or
Ctrl+ or Ctrl+K (Windows/Linux) | Move card to the top of the column +| or H | Move card to the bottom of the column on the left +|Shift+ or Shift+H | Move card to the top of the column on the left +|Command+ or Command+H (Mac) or
Ctrl+ or Ctrl+H (Windows/Linux) | Move card to the bottom of the leftmost column +|Command+Shift+ or Command+Shift+H (Mac) or
Ctrl+Shift+ or Ctrl+Shift+H (Windows/Linux) | Move card to the top of the leftmost column +| | Move card to the bottom of the column on the right +|Shift+ or Shift+L | Move card to the top of the column on the right +|Command+ or Command+L (Mac) or
Ctrl+ or Ctrl+L (Windows/Linux) | Move card to the bottom of the rightmost column +|Command+Shift+ or Command+Shift+L (Mac) or
Ctrl+Shift+ or Ctrl+Shift+L (Windows/Linux) | Move card to the bottom of the rightmost column -### 预览卡片 +### Previewing a card -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|Esc | 关闭卡片预览窗格 +|Esc | Close the card preview pane {% ifversion fpt or ghec %} ## {% data variables.product.prodname_actions %} -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|Command+空格 (Mac) 或
Ctrl+空格 (Windows/Linux) | 在工作流程编辑器中,获取对工作流程文件的建议。 -|G F | 转到工作流程文件 -|Shift+TT | 切换日志中的时间戳 -|Shift+FF | 切换全屏日志 -|Esc | 退出全屏日志 +|Command+Space (Mac) or
Ctrl+Space (Windows/Linux) | In the workflow editor, get suggestions for your workflow file. +|G F | Go to the workflow file +|Shift+T or T | Toggle timestamps in logs +|Shift+F or F | Toggle full-screen logs +|Esc | Exit full-screen logs {% endif %} -## 通知 +## Notifications -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|E | 标记为完成 -|Shift+U| 标记为“未读” -|Shift+I| 标记为已读 -|Shift+M | 取消订阅 +|E | Mark as done +|Shift+U| Mark as unread +|Shift+I| Mark as read +|Shift+M | Unsubscribe -## 网络图 +## Network graph -| 键盘快捷方式 | 说明 +| Keyboard shortcut | Description |-----------|------------ -|H | 向左滚动 -|L | 向右滚动 -|K | 向上滚动 -|J | 向下滚动 -|Shift+
Shift+H (Windows/Linux) | 一直向左滚动 -|Shift+ (Mac) 或
Shift+L (Windows/Linux) | 一直向右滚动 -|Shift+ (Mac) 或
Shift+K (Windows/Linux) | 一直向上滚动 -|Shift+ (Mac) 或
Shift+J (Windows/Linux) | 一直向下滚动 +| or H | Scroll left +| or L | Scroll right +| or K | Scroll up +| or J | Scroll down +|Shift+ (Mac) or
Shift+H (Windows/Linux) | Scroll all the way left +|Shift+ (Mac) or
Shift+L (Windows/Linux) | Scroll all the way right +|Shift+ (Mac) or
Shift+K (Windows/Linux) | Scroll all the way up +|Shift+ (Mac) or
Shift+J (Windows/Linux) | Scroll all the way down diff --git a/translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md b/translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md index bb7723de36..a7321a27c9 100644 --- a/translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md +++ b/translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md @@ -116,9 +116,9 @@ Here are the currently supported color models. ## Links -You can create an inline link by wrapping link text in brackets `[ ]`, and then wrapping the URL in parentheses `( )`. You can also use the keyboard shortcut Command+K to create a link.{% ifversion fpt or ghae-issue-5434 or ghes > 3.3 or ghec %} When you have text selected, you can paste a URL from your clipboard to automatically create a link from the selection.{% endif %} +You can create an inline link by wrapping link text in brackets `[ ]`, and then wrapping the URL in parentheses `( )`. You can also use the keyboard shortcut Command+K to create a link.{% ifversion fpt or ghae > 3.3 or ghes > 3.3 or ghec %} When you have text selected, you can paste a URL from your clipboard to automatically create a link from the selection.{% endif %} -{% ifversion fpt or ghae-issue-7103 or ghes > 3.5 or ghec %} You can also create a Markdown hyperlink by highlighting the text and using the keyboard shortcut Command+V. If you'd like to replace the text with the link, use the keyboard shortcut Command+Shift+V.{% endif %} +{% ifversion fpt or ghae > 3.5 or ghes > 3.5 or ghec %} You can also create a Markdown hyperlink by highlighting the text and using the keyboard shortcut Command+V. If you'd like to replace the text with the link, use the keyboard shortcut Command+Shift+V.{% endif %} `This site was built using [GitHub Pages](https://pages.github.com/).` @@ -172,7 +172,7 @@ Here are some examples for using relative links to display an image. For more information, see "[Relative Links](#relative-links)." -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5559 %} +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} ### Specifying the theme an image is shown to You can specify the theme an image is displayed for in Markdown by using the HTML `` element in combination with the `prefers-color-scheme` media feature. We distinguish between light and dark color modes, so there are two options available. You can use these options to display images optimized for dark or light backgrounds. This is particularly helpful for transparent PNG images. diff --git a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md index 07b5505489..2a01789396 100644 --- a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md +++ b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md @@ -1,37 +1,32 @@ --- -title: 编写数学表达式 -intro: '使用 Markdown 在 {% data variables.product.company_short %} 上显示数学表达式。' +title: Writing mathematical expressions +intro: 'Use Markdown to display mathematical expressions on {% data variables.product.company_short %}.' versions: feature: math shortTitle: Mathematical expressions -ms.openlocfilehash: b50cdde16f5496e65faf89f0692dc6201cccf15a -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147529749' --- -## 关于编写数学表达式 -为了实现数学表达式的清晰传达,{% data variables.product.product_name %} 支持 Markdown 中 LaTeX 格式的数学表达式。 有关详细信息,请参阅 Wikibook 中的 [LaTeX/数学](http://en.wikibooks.org/wiki/LaTeX/Mathematics)。 +## About writing mathematical expressions -{% data variables.product.company_short %} 的数学呈现功能使用 MathJax;真是一种基于 JavaScript 的开源显示引擎。 MathJax 支持广泛的 LaTeX 宏,以及几个有用的辅助功能扩展。 有关详细信息,请参阅 [MathJax 文档](http://docs.mathjax.org/en/latest/input/tex/index.html#tex-and-latex-support)和 [MathJax 辅助功能扩展文档](https://mathjax.github.io/MathJax-a11y/docs/#reader-guide)。 +To enable clear communication of mathematical expressions, {% data variables.product.product_name %} supports LaTeX formatted math within Markdown. For more information, see [LaTeX/Mathematics](http://en.wikibooks.org/wiki/LaTeX/Mathematics) in Wikibooks. -数学表达式可在以下项中呈现:{% data variables.product.prodname_github_issues %}、{% data variables.product.prodname_discussions %}、拉取请求、{% ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7647 %}Wiki {% endif %}和 Markdown 文件。 +{% data variables.product.company_short %}'s math rendering capability uses MathJax; an open source, JavaScript-based display engine. MathJax supports a wide range of LaTeX macros, and several useful accessibility extensions. For more information, see [the MathJax documentation](http://docs.mathjax.org/en/latest/input/tex/index.html#tex-and-latex-support) and [the MathJax Accessibility Extensions Documentation](https://mathjax.github.io/MathJax-a11y/docs/#reader-guide). -## 编写内联表达式 +Mathematical expressions rendering is available in {% data variables.product.prodname_github_issues %}, {% data variables.product.prodname_discussions %}, pull requests, {% ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %}wikis, {% endif %}and Markdown files. -要在文本中包含内联数学表达式,请使用美元符号 `$` 分隔表达式。 +## Writing inline expressions + +To include a math expression inline with your text, delimit the expression with a dollar symbol `$`. ``` This sentence uses `$` delimiters to show math inline: $\sqrt{3x-1}+(1+x)^2$ ``` -![内联数学 markdown 呈现](/assets/images/help/writing/inline-math-markdown-rendering.png) +![Inline math markdown rendering](/assets/images/help/writing/inline-math-markdown-rendering.png) -## 将表达式编写为块 +## Writing expressions as blocks -要以块的形式添加数学表达式,请启动一个新行,并使用两个美元符号 `$$` 分隔表达式。 +To add a math expression as a block, start a new line and delimit the expression with two dollar symbols `$$`. ``` **The Cauchy-Schwarz Inequality** @@ -39,11 +34,11 @@ This sentence uses `$` delimiters to show math inline: $\sqrt{3x-1}+(1+x)^2$ $$\left( \sum_{k=1}^n a_k b_k \right)^2 \leq \left( \sum_{k=1}^n a_k^2 \right) \left( \sum_{k=1}^n b_k^2 \right)$$ ``` -![数学表达式作为块呈现](/assets/images/help/writing/math-expression-as-a-block-rendering.png) +![Math expression as a block rendering](/assets/images/help/writing/math-expression-as-a-block-rendering.png) {% ifversion math-fenced-blocks %} -或者,可以使用 \`\`\`math 代码块语法将数学表达式显示为块。 使用此语法时,无需使用 `$$` 分隔符。 +Alternatively, you can use the \`\`\`math code block syntax to display a math expression as a block. With this syntax, you don't need to use `$$` delimiters. ```` **Here is some math!** @@ -53,32 +48,32 @@ $$\left( \sum_{k=1}^n a_k b_k \right)^2 \leq \left( \sum_{k=1}^n a_k^2 \right) \ ``` ```` -![围栏代码块中的数学表达式](/assets/images/help/writing/math-expression-as-a-fenced-code-block.png) +![Math expression in a fenced code block](/assets/images/help/writing/math-expression-as-a-fenced-code-block.png) {% endif %} -## 在数学表达式所在的行中和数学表达式内编写美元符号 +## Writing dollar signs in line with and within mathematical expressions -要在数学表达式所在的同一行中将美元符号显示为字符,需要对非分隔符 `$` 进行转义以确保行正确呈现。 +To display a dollar sign as a character in the same line as a mathematical expression, you need to escape the non-delimiter `$` to ensure the line renders correctly. - - 在数学表达式内,在显式 `$` 之前添加一个 `\` 符号。 + - Within a math expression, add a `\` symbol before the explicit `$`. ``` This expression uses `\$` to display a dollar sign: $\sqrt{\$4}$ ``` - ![数学表达式内的美元符号](/assets/images/help/writing/dollar-sign-within-math-expression.png) + ![Dollar sign within math expression](/assets/images/help/writing/dollar-sign-within-math-expression.png) - - 在数学表达式之外,但在同一行上,在显式 `$` 两边使用 span 标记。 + - Outside a math expression, but on the same line, use span tags around the explicit `$`. ``` To split $100 in half, we calculate $100/2$ ``` - ![美元符号内联数学表达式](/assets/images/help/writing/dollar-sign-inline-math-expression.png) + ![Dollar sign inline math expression](/assets/images/help/writing/dollar-sign-inline-math-expression.png) -## 延伸阅读 +## Further reading -* [MathJax 网站](http://mathjax.org) -* [Getting started with writing and formatting on GitHub(GitHub 写作和格式设置入门)](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github) -* [GitHub 支持的 Markdown 规范](https://github.github.com/gfm/) +* [The MathJax website](http://mathjax.org) +* [Getting started with writing and formatting on GitHub](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github) +* [GitHub Flavored Markdown Spec](https://github.github.com/gfm/) diff --git a/translations/zh-CN/content/graphql/guides/migrating-from-rest-to-graphql.md b/translations/zh-CN/content/graphql/guides/migrating-from-rest-to-graphql.md index 7d155ec4cc..c79e645a48 100644 --- a/translations/zh-CN/content/graphql/guides/migrating-from-rest-to-graphql.md +++ b/translations/zh-CN/content/graphql/guides/migrating-from-rest-to-graphql.md @@ -1,6 +1,6 @@ --- -title: 从 REST 迁移到 GraphQL -intro: '了解从 {% data variables.product.prodname_dotcom %} 的 REST API 迁移到 {% data variables.product.prodname_dotcom %} 的 GraphQL API 的最佳实践和注意事项。' +title: Migrating from REST to GraphQL +intro: 'Learn best practices and considerations for migrating from {% data variables.product.prodname_dotcom %}''s REST API to {% data variables.product.prodname_dotcom %}''s GraphQL API.' redirect_from: - /v4/guides/migrating-from-rest - /graphql/guides/migrating-from-rest @@ -12,40 +12,37 @@ versions: topics: - API shortTitle: Migrate from REST to GraphQL -ms.openlocfilehash: dbafde83c8acac664b6a0f712927af82c646d397 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145066655' --- -## API 逻辑差异 -从 REST 迁移到 GraphQL 代表了 API 逻辑的一次重大转变。 作为样式的 REST 与作为规范的 GraphQL 之间的差异使得很难—且通常不可取—以一对一方式将 REST API 调用替换为 GraphQL API 查询。 我们在下面提供了具体的迁移示例。 +## Differences in API logic -将代码从 [REST API](/rest) 迁移到 GraphQL API: +{% data variables.product.company_short %} provides two APIs: a REST API and a GraphQL API. For more information about {% data variables.product.company_short %}'s APIs, see "[About {% data variables.product.company_short %}'s APIs](/developers/overview/about-githubs-apis)." -- 查看 [GraphQL 规范](https://graphql.github.io/graphql-spec/June2018/) -- 查看 GitHub 的 [GraphQL 架构](/graphql/reference) -- 考虑您当前的现有代码如何与 GitHub REST API 交互 -- 使用[全局节点 ID](/graphql/guides/using-global-node-ids) 引用 API 版本之间的对象 +Migrating from REST to GraphQL represents a significant shift in API logic. The differences between REST as a style and GraphQL as a specification make it difficult—and often undesirable—to replace REST API calls with GraphQL API queries on a one-to-one basis. We've included specific examples of migration below. -GraphQL 的重要优势包括: +To migrate your code from the [REST API](/rest) to the GraphQL API: -- [仅获取你所需的数据](#example-getting-the-data-you-need-and-nothing-more) -- [嵌套字段](#example-nesting) -- [强类型化](#example-strong-typing) +- Review the [GraphQL spec](https://graphql.github.io/graphql-spec/June2018/) +- Review GitHub's [GraphQL schema](/graphql/reference) +- Consider how any existing code you have currently interacts with the GitHub REST API +- Use [Global Node IDs](/graphql/guides/using-global-node-ids) to reference objects between API versions -下面是每种优势的示例。 +Significant advantages of GraphQL include: -## 示例:仅获取您所需的数据 +- [Getting the data you need and nothing more](#example-getting-the-data-you-need-and-nothing-more) +- [Nested fields](#example-nesting) +- [Strong typing](#example-strong-typing) -单个 REST API 可检索组织成员列表: +Here are examples of each. + +## Example: Getting the data you need and nothing more + +A single REST API call retrieves a list of your organization's members: ```shell curl -v {% data variables.product.api_url_pre %}/orgs/:org/members ``` -如果您的目标是仅检索成员名称和头像链接,REST 有效负载中将包含多余数据。 但是,GraphQL 查询仅返回您指定的数据: +The REST payload contains excessive data if your goal is to retrieve only member names and links to avatars. However, a GraphQL query returns only what you specify: ```graphql query { @@ -62,17 +59,17 @@ query { } ``` -考虑另一个示例:检索拉取请求列表并检查每个请求是否可合并。 对 REST API 的调用可检索拉取请求列表及其[摘要陈述](/rest#summary-representations): +Consider another example: retrieving a list of pull requests and checking if each one is mergeable. A call to the REST API retrieves a list of pull requests and their [summary representations](/rest#summary-representations): ```shell curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/pulls ``` -确定拉取请求是否可合并需要分别检索每个拉取请求,查看其[详细陈述](/rest#detailed-representations)(大型有效负载),并检查它的 `mergeable` 属性是真还是假: +Determining if a pull request is mergeable requires retrieving each pull request individually for its [detailed representation](/rest#detailed-representations) (a large payload) and checking whether its `mergeable` attribute is true or false: ```shell curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/pulls/:number ``` -使用 GraphQL,可以仅检索每个拉取请求的 `number` 和 `mergeable` 特性: +With GraphQL, you could retrieve only the `number` and `mergeable` attributes for each pull request: ```graphql query { @@ -89,9 +86,9 @@ query { } ``` -## 示例:嵌套 +## Example: Nesting -通过嵌套字段查询,可将多个 REST 调用替换为更少的 GraphQL 查询。 例如,利用 REST AP 检索拉取请求及其提交、非评审注释和评审需要四个单独的调用: +Querying with nested fields lets you replace multiple REST calls with fewer GraphQL queries. For example, retrieving a pull request along with its commits, non-review comments, and reviews using the **REST API** requires four separate calls: ```shell curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/pulls/:number curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/pulls/:number/commits @@ -99,7 +96,7 @@ curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/issues/:numb curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/pulls/:number/reviews ``` -使用 GraphQL API,可以利用嵌套字段通过单个查询检索数据: +Using the **GraphQL API**, you can retrieve the data with a single query using nested fields: ```graphql { @@ -137,13 +134,13 @@ curl -v {% data variables.product.api_url_pre %}/repos/:owner/:repo/pulls/:numbe } ``` -也可以通过[用变量替换](/graphql/guides/forming-calls-with-graphql#working-with-variables)拉取请求编号来扩大此查询的能力。 +You can also extend the power of this query by [substituting a variable](/graphql/guides/forming-calls-with-graphql#working-with-variables) for the pull request number. -## 示例:强类型化 +## Example: Strong typing -GraphQL 架构属于强类型化架构,可使数据处理更加安全。 +GraphQL schemas are strongly typed, making data handling safer. -考虑一个利用 GraphQL [突变](/graphql/reference/mutations)向问题或拉取请求添加注释,并错误地将 [`clientMutationId`](/graphql/reference/mutations#addcomment) 值指定为整数而非字符串的示例: +Consider an example of adding a comment to an issue or pull request using a GraphQL [mutation](/graphql/reference/mutations), and mistakenly specifying an integer rather than a string for the value of [`clientMutationId`](/graphql/reference/mutations#addcomment): ```graphql mutation { @@ -166,7 +163,7 @@ mutation { } ``` -执行此查询将返回错误,并指定此操作的预期类型: +Executing this query returns errors specifying the expected types for the operation: ```json { @@ -194,7 +191,7 @@ mutation { } ``` -用引号括住 `1234` 可将此值从整数转换为字符串,预期类型为: +Wrapping `1234` in quotes transforms the value from an integer into a string, the expected type: ```graphql mutation { diff --git a/translations/zh-CN/content/graphql/overview/about-the-graphql-api.md b/translations/zh-CN/content/graphql/overview/about-the-graphql-api.md index 6b873663a5..9e664b44ce 100644 --- a/translations/zh-CN/content/graphql/overview/about-the-graphql-api.md +++ b/translations/zh-CN/content/graphql/overview/about-the-graphql-api.md @@ -1,6 +1,6 @@ --- -title: 关于 GraphQL API -intro: '{% data variables.product.prodname_dotcom %} GraphQL API 具有灵活性,而且能够准确定义您要获取的数据。' +title: About the GraphQL API +intro: 'The {% data variables.product.prodname_dotcom %} GraphQL API offers flexibility and the ability to define precisely the data you want to fetch.' versions: fpt: '*' ghec: '*' @@ -8,55 +8,52 @@ versions: ghae: '*' topics: - API -ms.openlocfilehash: 9b447925609425157d5d965370c09fdd12d30b56 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '145066002' --- -## 概述 -下面是一些帮助您启动和运行 GraphQL API 的快速链接: +## Overview -* [身份验证](/graphql/guides/forming-calls-with-graphql#authenticating-with-graphql) -* [根终结点](/graphql/guides/forming-calls-with-graphql#the-graphql-endpoint) -* [架构内省](/graphql/guides/introduction-to-graphql#discovering-the-graphql-api) -* [速率限制](/graphql/overview/resource-limitations) -* [从 REST 迁移](/graphql/guides/migrating-from-rest-to-graphql) +Here are some quick links to get you up and running with the GraphQL API: -## 关于 GraphQL +* [Authentication](/graphql/guides/forming-calls-with-graphql#authenticating-with-graphql) +* [Root endpoint](/graphql/guides/forming-calls-with-graphql#the-graphql-endpoint) +* [Schema introspection](/graphql/guides/introduction-to-graphql#discovering-the-graphql-api) +* [Rate limits](/graphql/overview/resource-limitations) +* [Migrating from REST](/graphql/guides/migrating-from-rest-to-graphql) -[GraphQL](https://graphql.github.io/) 数据查询语言是: +For more information about {% data variables.product.company_short %}'s APIs, see "[About {% data variables.product.company_short %}'s APIs](/developers/overview/about-githubs-apis)." -* **[规范](https://graphql.github.io/graphql-spec/June2018/)。** 该规范确定 API 服务器上的[架构](/graphql/guides/introduction-to-graphql#schema) 的有效性。 架构可确定客户端调用的有效性。 +## About GraphQL -* **[强类型化](#about-the-graphql-schema-reference)。** 架构可定义 API 的类型系统和所有对象关系。 +The [GraphQL](https://graphql.github.io/) data query language is: -* **[内省](/graphql/guides/introduction-to-graphql#discovering-the-graphql-api)。** 客户端可查询架构,了解关于架构的详细信息。 +* **A [specification](https://graphql.github.io/graphql-spec/June2018/).** The spec determines the validity of the [schema](/graphql/guides/introduction-to-graphql#schema) on the API server. The schema determines the validity of client calls. -* **[分层](/graphql/guides/forming-calls-with-graphql)。** GraphQL 调用的形式可反映它返回的 JSON 数据的形式。 [嵌套字段](/graphql/guides/migrating-from-rest-to-graphql#example-nesting)可用于仅查询和接收单个往返向行程中指定的数据。 +* **[Strongly typed](#about-the-graphql-schema-reference).** The schema defines an API's type system and all object relationships. -* **应用程序层。** GraphQL 不是存储模型或数据库查询语言。 “图”是指架构中定义的图形结构,其中,[节点](/graphql/guides/introduction-to-graphql#node)定义对象,[边缘](/graphql/guides/introduction-to-graphql#edge)定义对象之间的关系。 API 可以根据架构定义遍历和返回应用数据,与数据的存储方式无关。 +* **[Introspective](/graphql/guides/introduction-to-graphql#discovering-the-graphql-api).** A client can query the schema for details about the schema. -## GitHub 为什么使用 GraphQL +* **[Hierarchical](/graphql/guides/forming-calls-with-graphql).** The shape of a GraphQL call mirrors the shape of the JSON data it returns. [Nested fields](/graphql/guides/migrating-from-rest-to-graphql#example-nesting) let you query for and receive only the data you specify in a single round trip. -GitHub 选择 GraphQL,因为它可以为我们的集成商提供明显更高的灵活性。 与传统 REST API 终结点相比,精确定义所需数据且仅定义所需数据的能力是一个强大的优势——。 GraphQL 可用于将多个 REST 请求替换为单个调用,以获取指定的数据。 +* **An application layer.** GraphQL is not a storage model or a database query language. The _graph_ refers to graph structures defined in the schema, where [nodes](/graphql/guides/introduction-to-graphql#node) define objects and [edges](/graphql/guides/introduction-to-graphql#edge) define relationships between objects. The API traverses and returns application data based on the schema definitions, independent of how the data is stored. -有关 GitHub 为什么投资 GraphQL 的详细信息,请参阅原始[公告博客文章](https://github.blog/2016-09-14-the-github-graphql-api/)。 +## Why GitHub is using GraphQL -## 关于 GraphQL 架构引用 +GitHub chose GraphQL because it offers significantly more flexibility for our integrators. The ability to define precisely the data you want—and _only_ the data you want—is a powerful advantage over traditional REST API endpoints. GraphQL lets you replace multiple REST requests with _a single call_ to fetch the data you specify. -边栏中的文档是从 {% data variables.product.prodname_dotcom %} GraphQL [架构](/graphql/guides/introduction-to-graphql#discovering-the-graphql-api)生成的。 所有调用均根据架构验证和执行。 使用这些文档查找您可以调用的数据: +For more details about why GitHub invested in GraphQL, see the original [announcement blog post](https://github.blog/2016-09-14-the-github-graphql-api/). -* 允许的操作:[查询](/graphql/reference/queries)和[突变](/graphql/reference/mutations)。 +## About the GraphQL schema reference -* 架构定义的类型:[标量](/graphql/reference/scalars)、[对象](/graphql/reference/objects)、[枚举类型](/graphql/reference/enums)、[接口](/graphql/reference/interfaces)、[联合](/graphql/reference/unions)和[输入对象](/graphql/reference/input-objects)。 +The docs in the sidebar are generated from the {% data variables.product.prodname_dotcom %} GraphQL [schema](/graphql/guides/introduction-to-graphql#discovering-the-graphql-api). All calls are validated and executed against the schema. Use these docs to find out what data you can call: -可以通过 [Explorer 文档边栏](/graphql/guides/using-the-explorer#accessing-the-sidebar-docs)访问同样的内容。 请注意,您可能需要依靠文档和架构验证才能成功调用 GraphQL API。 +* Allowed operations: [queries](/graphql/reference/queries) and [mutations](/graphql/reference/mutations). -有关其他信息,如身份验证和速率限制详细信息,请查看[指南](/graphql/guides)。 +* Schema-defined types: [scalars](/graphql/reference/scalars), [objects](/graphql/reference/objects), [enums](/graphql/reference/enums), [interfaces](/graphql/reference/interfaces), [unions](/graphql/reference/unions), and [input objects](/graphql/reference/input-objects). -## 请求支持 +You can access this same content via the [Explorer Docs sidebar](/graphql/guides/using-the-explorer#accessing-the-sidebar-docs). Note that you may need to rely on both the docs and the schema validation to successfully call the GraphQL API. + +For other information, such as authentication and rate limit details, check out the [guides](/graphql/guides). + +## Requesting support {% data reusables.support.help_resources %} diff --git a/translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md b/translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md index 612eb9bf30..44fc59d190 100644 --- a/translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md +++ b/translations/zh-CN/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-api-to-manage-projects.md @@ -1,32 +1,27 @@ --- -title: '使用 API 管理 {% data variables.product.prodname_projects_v2 %}' -shortTitle: Automating with the API -intro: 可使用 GraphQL API 自动执行项目。 +title: 'Using the API to manage {% data variables.product.prodname_projects_v2 %}' +shortTitle: 'Automating with the API' +intro: 'You can use the GraphQL API to automate your projects.' miniTocMaxHeadingLevel: 3 versions: - feature: projects-v2 + feature: "projects-v2" redirect_from: - /issues/trying-out-the-new-projects-experience/using-the-api-to-manage-projects type: tutorial topics: - Projects allowTitleToDifferFromFilename: true -ms.openlocfilehash: e1ec0d34e302d97fcb3a6c87f37c8214f3965c90 -ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: '147723255' --- -本文演示如何使用 GraphQL API 来管理项目。 有关如何在 {% data variables.product.prodname_actions %} 工作流中使用 API 的详细信息,请参阅“[使用 Actions 自动执行 {% data variables.product.prodname_projects_v2 %}](/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions)”。 有关可用数据类型的完整列表,请参阅“[参考](/graphql/reference)”。 + +This article demonstrates how to use the GraphQL API to manage a project. For more information about how to use the API in a {% data variables.product.prodname_actions %} workflow, see "[Automating {% data variables.product.prodname_projects_v2 %} using Actions](/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions)." For a full list of the available data types, see "[Reference](/graphql/reference)." {% data reusables.projects.graphql-deprecation %} -## 身份验证 +## Authentication {% curl %} -在所有下面的 cURL 示例中,将 `TOKEN` 替换为具有 `read:project` 范围(对于查询)或 `project` 范围(对于查询和突变)的令牌。 令牌可以是用户的个人访问令牌,也可以是 {% data variables.product.prodname_github_app %} 的安装访问令牌。 有关创建个人访问令牌的详细信息,请参阅“[创建个人访问令牌](/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)”。 有关为 {% data variables.product.prodname_github_app %} 创建安装访问令牌的详细信息,请参阅“[使用 {% data variables.product.prodname_github_apps %} 进行身份验证](/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-a-github-app)”。 +In all of the following cURL examples, replace `TOKEN` with a token that has the `read:project` scope (for queries) or `project` scope (for queries and mutations). The token can be a personal access token for a user or an installation access token for a {% data variables.product.prodname_github_app %}. For more information about creating a personal access token, see "[Creating a personal access token](/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)." For more information about creating an installation access token for a {% data variables.product.prodname_github_app %}, see "[Authenticating with {% data variables.product.prodname_github_apps %}](/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-a-github-app)." {% endcurl %} @@ -34,15 +29,15 @@ ms.locfileid: '147723255' {% data reusables.cli.cli-learn-more %} -在运行 {% data variables.product.prodname_cli %} 命令之前,必须通过运行 `gh auth login --scopes "project"` 进行身份验证。 如果只需要阅读而不是编辑项目,则可以提供 `read:project` 范围而不是 `project`。 有关命令行身份验证的详细信息,请参阅“[gh auth login](https://cli.github.com/manual/gh_auth_login)”。 +Before running {% data variables.product.prodname_cli %} commands, you must authenticate by running `gh auth login --scopes "project"`. If you only need to read, but not edit, projects, you can provide the `read:project` scope instead of `project`. For more information on command line authentication, see "[gh auth login](https://cli.github.com/manual/gh_auth_login)." {% endcli %} {% cli %} -## 使用变量 +## Using variables -在以下所有示例中,您可以使用变量来简化脚本。 使用 `-F` 传递是数字、布尔值或空值的变量。 对其他变量使用 `-f`。 例如, +In all of the following examples, you can use variables to simplify your scripts. Use `-F` to pass a variable that is a number, Boolean, or null. Use `-f` for other variables. For example, ```shell my_org="octo-org" @@ -57,19 +52,19 @@ gh api graphql -f query=' }' -f organization=$my_org -F number=$my_num ``` -有关详细信息,请参阅“[使用 GraphQL 形成调用](/graphql/guides/forming-calls-with-graphql#working-with-variables)”。 +For more information, see "[Forming calls with GraphQL](/graphql/guides/forming-calls-with-graphql#working-with-variables)." {% endcli %} -## 查找项目信息 +## Finding information about projects -使用查询获取项目数据。 有关详细信息,请参阅“[关于查询](/graphql/guides/forming-calls-with-graphql#about-queries)”。 +Use queries to get data about projects. For more information, see "[About queries](/graphql/guides/forming-calls-with-graphql#about-queries)." -### 查找组织项目的节点 ID +### Finding the node ID of an organization project -要通过 API 更新您的项目,您需要知道项目的节点 ID。 +To update your project through the API, you will need to know the node ID of the project. -如果您知道组织名称和项目编号,则可以找到组织项目的节点 ID。 将 `ORGANIZATION` 替换为组织的名称。 例如,`octo-org`。 将 `NUMBER` 替换为项目编号。 要查找项目编号,请查看项目 URL。 例如,`https://github.com/orgs/octo-org/projects/5` 的项目编号为 5。 +You can find the node ID of an organization project if you know the organization name and project number. Replace `ORGANIZATION` with the name of your organization. For example, `octo-org`. Replace `NUMBER` with the project number. To find the project number, look at the project URL. For example, `https://github.com/orgs/octo-org/projects/5` has a project number of 5. {% curl %} ```shell @@ -93,7 +88,7 @@ gh api graphql -f query=' ``` {% endcli %} -您也可以在组织中找到所有项目的节点 ID。 下面的示例将返回组织中前 20 个项目的节点 ID 和标题。 将 `ORGANIZATION` 替换为组织的名称。 例如,`octo-org`。 +You can also find the node ID of all projects in your organization. The following example will return the node ID and title of the first 20 projects in an organization. Replace `ORGANIZATION` with the name of your organization. For example, `octo-org`. {% curl %} ```shell @@ -120,11 +115,11 @@ gh api graphql -f query=' ``` {% endcli %} -### 查找用户项目的节点 ID +### Finding the node ID of a user project -要通过 API 更新您的项目,您需要知道项目的节点 ID。 +To update your project through the API, you will need to know the node ID of the project. -如果您知道项目编号,则可以找到用户项目的节点 ID。 请将 `USER` 替换为你的用户名。 例如,`octocat`。 将 `NUMBER` 替换为项目编号。 要查找项目编号,请查看项目 URL。 例如,`https://github.com/users/octocat/projects/5` 的项目编号为 5。 +You can find the node ID of a user project if you know the project number. Replace `USER` with your user name. For example, `octocat`. Replace `NUMBER` with your project number. To find the project number, look at the project URL. For example, `https://github.com/users/octocat/projects/5` has a project number of 5. {% curl %} ```shell @@ -148,7 +143,7 @@ gh api graphql -f query=' ``` {% endcli %} -您还可以找到所有项目的节点 ID。 以下示例将返回前 20 个项目的节点 ID 和标题。 将 `USER` 替换为你的用户名。 例如,`octocat`。 +You can also find the node ID for all of your projects. The following example will return the node ID and title of your first 20 projects. Replace `USER` with your username. For example, `octocat`. {% curl %} ```shell @@ -175,11 +170,11 @@ gh api graphql -f query=' ``` {% endcli %} -### 查找字段的节点 ID +### Finding the node ID of a field -要更新字段的值,您需要知道字段的节点 ID。 此外,您还需要知道单个选择字段的选项 ID 和迭代字段的迭代 ID。 +To update the value of a field, you will need to know the node ID of the field. Additionally, you will need to know the ID of the options for single select fields and the ID of the iterations for iteration fields. -以下示例将返回项目中前 20 个字段的 ID、名称、设置和配置。 将 `PROJECT_ID` 替换为项目的节点 ID。 +The following example will return the ID, name, settings, and configuration for the first 20 fields in a project. Replace `PROJECT_ID` with the node ID of your project. {% curl %} ```shell @@ -228,7 +223,7 @@ gh api graphql -f query=' ``` {% endcli %} -响应将如以下示例中所示: +The response will look similar to the following example: ```json { @@ -281,9 +276,9 @@ gh api graphql -f query=' } ``` -每个字段都有一个 ID 和名称。 单选字段作为 `ProjectV2SingleSelectField` 对象返回,并有一个 `options` 字段,可以在其中找到单选每个选项的 ID。 迭代字段作为 `ProjectV2IterationField` 对象返回,并具有一个 `configuration` 字段,其中包括一个 `iterations` 字段,该字段包含有关每次迭代的 ID 和信息。 +Each field has an ID and name. Single select fields are returned as a `ProjectV2SingleSelectField` object and have an `options` field where you can find the ID of each option for the single select. Iteration fields are returned as a `ProjectV2IterationField` object and have a `configuration` field which includes an `iterations` field containing the ID and information about each iteration. -如果只需要字段的名称和 ID,而不需要有关迭代或单个选择字段选项的信息,则可以使用 `ProjectV2FieldCommon` 对象。 +If you just need the name and ID of a field, and do not need information about iterations or a single select field's options, you can make use of the `ProjectV2FieldCommon` object. {% curl %} ```shell @@ -314,7 +309,7 @@ gh api graphql -f query=' ``` {% endcli %} -使用 `ProjectV2FieldCommon` 对象时的响应类似于以下示例: +The response when using the `ProjectV2FieldCommon` object will look similar to the following example: ```json { @@ -349,11 +344,11 @@ gh api graphql -f query=' } ``` -### 查找项目中各项的信息 +### Finding information about items in a project -您可以查询 API 来查找项目中各项的信息。 +You can query the API to find information about items in your project. -以下示例将返回项目中的前 20 个问题、拉取请求和草稿问题。 对于问题和拉取请求,它还将返回标题和前 10 个被分派人。 对于草稿问题,它将返回标题和正文。 该示例还将返回项目前 8 个字段中任何文本、日期或单个选择字段的字段名称和值。 将 `PROJECT_ID` 替换为项目的节点 ID。 +The following example will return the first 20 issues, pull requests, and draft issues in a project. For issues and pull requests, it will also return title and the first 10 assignees. For draft issue, it will return the title and body. The example will also return the field name and value for any text, date, or single select fields in the first 8 fields of the project. Replace `PROJECT_ID` with the node ID of your project. {% curl %} ```shell @@ -431,21 +426,21 @@ gh api graphql -f query=' ``` {% endcli %} -项目可能包含用户无权查看的项。 在这种情况下,项目类型将返回为 `REDACTED`。 +A project may contain items that a user does not have permission to view. In this case, the item type will be returned as `REDACTED`. -## 更新项目 +## Updating projects -使用突变来更新项目。 有关详细信息,请参阅“[关于变更](/graphql/guides/forming-calls-with-graphql#about-mutations)”。 +Use mutations to update projects. For more information, see "[About mutations](/graphql/guides/forming-calls-with-graphql#about-mutations)." {% note %} -注意:你不能在同一调用中添加和更新项。 你必须使用 `addProjectV2ItemById` 来添加项,然后使用 `updateProjectV2ItemFieldValue` 来更新项。 +**Note:** You cannot add and update an item in the same call. You must use `addProjectV2ItemById` to add the item and then use `updateProjectV2ItemFieldValue` to update the item. {% endnote %} -### 添加项到项目 +### Adding an item to a project -以下示例将向您的项目添加议题或拉取请求。 将 `PROJECT_ID` 替换为项目的节点 ID。 将 `CONTENT_ID` 替换为议题的节点 ID 或你想要添加的拉取请求。 +The following example will add an issue or pull request to your project. Replace `PROJECT_ID` with the node ID of your project. Replace `CONTENT_ID` with the node ID of the issue or pull request that you want to add. {% curl %} ```shell @@ -469,7 +464,7 @@ gh api graphql -f query=' ``` {% endcli %} -响应将包含新建项目的节点 ID。 +The response will contain the node ID of the newly created item. ```json { @@ -483,11 +478,11 @@ gh api graphql -f query=' } ``` -如果您尝试添加已经存在的项,则返回现有项 ID。 +If you try to add an item that already exists, the existing item ID is returned instead. -### 向项目添加草稿问题 +### Adding a draft issue to a project -以下示例将向项目添加草稿问题。 将 `PROJECT_ID` 替换为项目的节点 ID。 将 `TITLE` 和 `BODY` 替换为新草稿问题所需的内容。 +The following example will add a draft issue to your project. Replace `PROJECT_ID` with the node ID of your project. Replace `TITLE` and `BODY` with the content you want for the new draft issue. {% curl %} ```shell @@ -511,7 +506,7 @@ gh api graphql -f query=' ``` {% endcli %} -响应将包含新建的草稿问题的节点 ID。 +The response will contain the node ID of the newly created draft issue. ```json { @@ -525,9 +520,9 @@ gh api graphql -f query=' } ``` -### 更新项目的设置 +### Updating a project's settings -以下示例将更新项目的设置。 将 `PROJECT_ID` 替换为项目的节点 ID。 将 `public` 设置为 `true`,以便在 {% data variables.product.product_name %} 上公开你的项目。 修改 `readme` 以对项目的 README 进行更改。 +The following example will update your project's settings. Replace `PROJECT_ID` with the node ID of your project. Set `public` to `true` to make your project public on {% data variables.product.product_name %}. Modify `readme` to make changes to your project's README. {% curl %} ```shell @@ -562,9 +557,9 @@ gh api graphql -f query=' ``` {% endcli %} -### 更新自定义文本、数字或日期字段 +### Updating a custom text, number, or date field -以下示例将更新项目的文本字段的值。 将 `PROJECT_ID` 替换为项目的节点 ID。 将 `ITEM_ID` 替换为你想要更新的项的节点 ID。 将 `FIELD_ID` 替换为你想要更新的字段的 ID。 +The following example will update the value of a text field for an item. Replace `PROJECT_ID` with the node ID of your project. Replace `ITEM_ID` with the node ID of the item you want to update. Replace `FIELD_ID` with the ID of the field that you want to update. {% curl %} ```shell @@ -599,7 +594,7 @@ gh api graphql -f query=' {% note %} -注意:你不能使用 `updateProjectV2ItemFieldValue` 更改 `Assignees`、`Labels`、`Milestone` 或 `Repository`,因为这些字段是拉取请求和议题,而不是项目项的属性。 相反,可以使用以下突变: +**Note:** You cannot use `updateProjectV2ItemFieldValue` to change `Assignees`, `Labels`, `Milestone`, or `Repository` because these fields are properties of pull requests and issues, not of project items. Instead, you may use the following mutations: - [addAssigneesToAssignable](/graphql/reference/mutations#addassigneestoassignable) - [removeAssigneesFromAssignable](/graphql/reference/mutations#removeassigneesfromassignable) @@ -611,14 +606,14 @@ gh api graphql -f query=' {% endnote %} -### 更新单选字段 +### Updating a single select field -下面的示例将更新项的单选字段值。 +The following example will update the value of a single select field for an item. -- `PROJECT_ID` - 将此值替换为项目的节点 ID。 -- `ITEM_ID` - 将此值替换为你想要更新的项的节点 ID。 -- `FIELD_ID` - 将此值替换为你想要更新的单选字段的 ID。 -- `OPTION_ID` - 将此值替换为所需单选选项的 ID。 +- `PROJECT_ID` - Replace this with the node ID of your project. +- `ITEM_ID` - Replace this with the node ID of the item you want to update. +- `FIELD_ID` - Replace this with the ID of the single select field that you want to update. +- `OPTION_ID` - Replace this with the ID of the desired single select option. {% curl %} ```shell @@ -651,14 +646,14 @@ gh api graphql -f query=' ``` {% endcli %} -### 更新迭代字段 +### Updating an iteration field -下面的示例将更新项的迭代字段值。 +The following example will update the value of an iteration field for an item. -- `PROJECT_ID` - 将此值替换为项目的节点 ID。 -- `ITEM_ID` - 将此值替换为你想要更新的项的节点 ID。 -- `FIELD_ID` - 将此值替换为你想要更新的迭代字段的 ID。 -- `ITERATION_ID` - 将此值替换为所需迭代的 ID。 这可以是活动的或已完成的迭代。 +- `PROJECT_ID` - Replace this with the node ID of your project. +- `ITEM_ID` - Replace this with the node ID of the item you want to update. +- `FIELD_ID` - Replace this with the ID of the iteration field that you want to update. +- `ITERATION_ID` - Replace this with the ID of the desired iteration. This can be either an active or completed iteration. {% curl %} ```shell @@ -691,9 +686,9 @@ gh api graphql -f query=' ``` {% endcli %} -### 从项目中删除项 +### Deleting an item from a project -下面的示例将从项目中删除一个项。 将 `PROJECT_ID` 替换为项目的节点 ID。 将 `ITEM_ID` 替换为你想要删除的项的节点 ID。 +The following example will delete an item from a project. Replace `PROJECT_ID` with the node ID of your project. Replace `ITEM_ID` with the node ID of the item you want to delete. {% curl %} ```shell @@ -720,6 +715,61 @@ gh api graphql -f query=' ``` {% endcli %} -## 使用 Webhook +## Managing projects -可使用 Webhook 来订阅项目中发生的事件。 例如,编辑某项时,{% data variables.product.product_name %} 可以将 HTTP POST 有效负载发送到 Webhook 的配置 URL,从而在服务器上触发自动化。 有关 Webhook 的详细信息,请参阅“[关于 Webhook](/developers/webhooks-and-events/webhooks/about-webhooks)”。 要详细了解 [ Webhook 事件,请参阅“`projects_v2_item`Webhook 事件和有效负载](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#projects_v2_item)”。 +### Creating projects + +You can use a mutation to create a new project. For more information, see "[About mutations](/graphql/guides/forming-calls-with-graphql#about-mutations)." + +To create a new project using the API, you'll need to provide a name for the project and the node ID of a {% data variables.product.product_name %} user or organization who will become the project's owner. + +You can find the node ID of a {% data variables.product.product_name %} user or organization if you know the username. Replace GITHUB_OWNER with the {% data variables.product.product_name %} username of the new project owner. + +{% curl %} +```shell +curl --request GET \ + --url https://api.github.com/users/GITHUB_OWNER \ + --header 'Authorization: token TOKEN' \ + --header 'Accept: application/vnd.github+json' +``` +{% endcurl %} + +{% cli %} +```shell +gh api -H "Accept: application/vnd.github+json" /users/GITHUB_OWNER +``` +{% endcli %} + +To create the project, replace `OWNER_ID` with the node ID of the new project owner and replace `PROJECT_NAME` with a name for the project. + +{% curl %} +```shell +curl --request POST \ + --url https://api.github.com/graphql \ + --header 'Authorization: token TOKEN' \ + --data '{"query":"mutation {createProjectV2(input: {ownerId: \"OWNER_ID\" title: \"PROJECT_NAME\"}) {projectV2 {id}}}"}' +``` +{% endcurl %} + +{% cli %} +```shell +gh api graphql -f query=' + mutation{ + createProjectV2( + input: { + ownerId: "OWNER_ID", + title: "PROJECT_NAME" + } + ){ + projectV2 { + id + } + } + }' +``` +{% endcli %} + + +## Using webhooks + +You can use webhooks to subscribe to events taking place in your project. For example, when an item is edited, {% data variables.product.product_name %} can send a HTTP POST payload to the webhook's configured URL which can trigger automation on your server. For more information about webhooks, see "[About webhooks](/developers/webhooks-and-events/webhooks/about-webhooks)." To learn more about the `projects_v2_item` webhook event, see "[Webhook events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#projects_v2_item)." diff --git a/translations/zh-CN/content/issues/tracking-your-work-with-issues/creating-a-branch-for-an-issue.md b/translations/zh-CN/content/issues/tracking-your-work-with-issues/creating-a-branch-for-an-issue.md index dcb30447f5..686e71502b 100644 --- a/translations/zh-CN/content/issues/tracking-your-work-with-issues/creating-a-branch-for-an-issue.md +++ b/translations/zh-CN/content/issues/tracking-your-work-with-issues/creating-a-branch-for-an-issue.md @@ -4,7 +4,7 @@ intro: 可以创建一个分支以直接从问题页面处理问题,方便快 versions: fpt: '*' ghes: '>=3.5' - ghae: issue-6234 + ghae: '>= 3.5' ghec: '*' allowTitleToDifferFromFilename: true topics: diff --git a/translations/zh-CN/content/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue.md b/translations/zh-CN/content/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue.md index ff7dea8516..5802070b3c 100644 --- a/translations/zh-CN/content/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue.md +++ b/translations/zh-CN/content/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue.md @@ -69,7 +69,7 @@ You can manually link up to ten issues to each pull request. The issue and pull {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-pr %} 3. In the list of pull requests, click the pull request that you'd like to link to an issue. -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6234 %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} 4. In the right sidebar, in the "Development" section click {% octicon "gear" aria-label="The Gear icon" %}. {% else %} 4. In the right sidebar, click **Linked issues**. diff --git a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index b429076e0d..b63a8babc9 100644 --- a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -831,7 +831,7 @@ For more information, see "[Managing the publication of {% data variables.produc {% data reusables.actions.actions-audit-events-workflow %} ## Further reading -- "[Keeping your organization secure](/articles/keeping-your-organization-secure)"{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5146 %} +- "[Keeping your organization secure](/articles/keeping-your-organization-secure)"{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} {%- ifversion fpt or ghec %} - "[Exporting member information for your organization](/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization)"{% endif %} {%- endif %} \ No newline at end of file diff --git a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-your-organizations-installed-integrations.md b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-your-organizations-installed-integrations.md index 516cd8d434..a9be5867bc 100644 --- a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-your-organizations-installed-integrations.md +++ b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-your-organizations-installed-integrations.md @@ -1,6 +1,6 @@ --- -title: 审查组织安装的集成 -intro: 您可以审查组织安装的集成的权限级别,并配置每个集成对组织仓库的访问权限。 +title: Reviewing your organization's installed integrations +intro: You can review the permission levels for your organization's installed integrations and configure each integration's access to organization repositories. redirect_from: - /articles/reviewing-your-organization-s-installed-integrations - /articles/reviewing-your-organizations-installed-integrations @@ -15,22 +15,20 @@ topics: - Organizations - Teams shortTitle: Review installed integrations -ms.openlocfilehash: 66645e6ebb4305a34cd7735269d77881ea2ed5ee -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145127517' --- -{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“集成”部分,单击“{% octicon "apps" aria-label="The apps icon" %} {% data variables.product.prodname_github_apps %}”。 + +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Integrations" section of the sidebar, click **{% octicon "apps" aria-label="The apps icon" %} {% data variables.product.prodname_github_apps %}**. {% else %} -1. 在左侧边栏中,单击“已安装的 {% data variables.product.prodname_github_apps %}”。 - ![组织设置边栏中的“已安装的 {% data variables.product.prodname_github_apps %}”选项卡](/assets/images/help/organizations/org-settings-installed-github-apps.png) {% endif %} -2. 在要审阅的 {% data variables.product.prodname_github_app %} 旁边,单击“配置”。 - ![“配置”按钮](/assets/images/help/organizations/configure-installed-integration-button.png) -6. 审查 {% data variables.product.prodname_github_app %}的权限和仓库访问权限。 - ![授予 {% data variables.product.prodname_github_app %} 对所有存储库或特定存储库的访问权限的选项](/assets/images/help/organizations/toggle-integration-repo-access.png) - - 若要授予 {% data variables.product.prodname_github_app %} 对所有组织存储库的访问权限,请选择“所有存储库”。 - - 若要选择特定存储库以授予应用程序访问权限,请选择“仅选择存储库”,然后键入存储库名。 -7. 单击“保存” 。 +1. In the left sidebar, click **Installed {% data variables.product.prodname_github_apps %}**. + ![Installed {% data variables.product.prodname_github_apps %} tab in the organization settings sidebar](/assets/images/help/organizations/org-settings-installed-github-apps.png) +{% endif %} +2. Next to the {% data variables.product.prodname_github_app %} you'd like to review, click **Configure**. + ![Configure button](/assets/images/help/organizations/configure-installed-integration-button.png) +6. Review the {% data variables.product.prodname_github_app %}'s permissions and repository access. + ![Option to give the {% data variables.product.prodname_github_app %} access to all repositories or specific repositories](/assets/images/help/organizations/toggle-integration-repo-access.png) + - To give the {% data variables.product.prodname_github_app %} access to all of your organization's repositories, select **All repositories**. + - To choose specific repositories to give the application access to, select **Only select repositories**, then type a repository name. +7. Click **Save**. diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization.md index 8bd2a7064a..99f3938c99 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization.md @@ -1,6 +1,6 @@ --- -title: 添加外部协作者到组织的仓库 -intro: 您可以允许不属于您组织成员的人员访问您的组织拥有的仓库。 +title: Adding outside collaborators to repositories in your organization +intro: You can allow people who aren't members of your organization to access repositories that your organization owns. redirect_from: - /articles/adding-outside-collaborators-to-repositories-in-your-organization - /github/setting-up-and-managing-organizations-and-teams/adding-outside-collaborators-to-repositories-in-your-organization @@ -14,35 +14,39 @@ topics: - Teams shortTitle: Add outside collaborator permissions: People with admin access to a repository can add an outside collaborator to the repository. -ms.openlocfilehash: caac79aba845f433effd3a3461e739d07cee135b -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145127483' --- -## 关于外部协作者 -外部协作者是指不是您组织的成员,但有权访问您组织的一个或多个仓库的人员。 您可以选择要为每个外部协作者授予的访问权限级别。 {% data reusables.organizations.outside_collaborator_forks %} +## About outside collaborators + +An outside collaborator is a person who is not a member of your organization, but has access to one or more of your organization's repositories. You can choose the level of access to grant for each outside collaborator. {% data reusables.organizations.outside_collaborator_forks %} {% data reusables.organizations.outside-collaborators-use-seats %} -{% ifversion fpt %} 使用 {% data variables.product.prodname_ghe_cloud %} 的组织可以限制邀请协作者的能力。 有关详细信息,请参阅 {% data variables.product.prodname_ghe_cloud %} 文档中的“[设置添加外部协作者的权限](/enterprise-cloud@latest/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)”。 -{% else %} 组织所有者可以限制邀请协作者的能力。 有关详细信息,请参阅“[设置添加外部协作者的权限](/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)”。 +{% ifversion fpt %} +Organizations that use {% data variables.product.prodname_ghe_cloud %} can restrict the ability to invite collaborators. For more information, see "[Setting permissions for adding outside collaborators](/enterprise-cloud@latest/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" in the {% data variables.product.prodname_ghe_cloud %} documentation. +{% else %} +An organization owner can restrict the ability to invite collaborators. For more information, see "[Setting permissions for adding outside collaborators](/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)." {% endif %} -{% ifversion ghes %} 要将某人添加为存储库的外部协作者,此人必须在 {% data variables.product.product_location %} 上拥有个人帐户。 如果您的企业使用外部身份验证系统(如 SAML 或 LDAP),则要添加的人员必须通过该系统登录才能创建帐户。 如果此人无权访问身份验证系统,并且为你的企业启用了内置身份验证,则网站管理员可以为该人员创建个人帐户。 有关详细信息,请参阅“[配置内置身份验证](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication)”。 +{% ifversion ghes %} +Before you can add someone as an outside collaborator on a repository, the person must have a personal account on {% data variables.product.product_location %}. If your enterprise uses an external authentication system such as SAML or LDAP, the person you want to add must sign in through that system to create an account. If the person does not have access to the authentication system and built-in authentication is enabled for your enterprise, a site administrator can create an account for the person. For more information, see "[Configuring built-in authentication](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication)." {% endif %} -{% ifversion not ghae %} 如果你的组织需要双因素身份验证,则在接受你的邀请以在存储库上进行协作之前,所有外部协作者都必须启用双因素身份验证。 有关详细信息,请参阅“[要求在组织中进行双因素身份验证](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)”。 +{% ifversion not ghae %} +If your organization requires two-factor authentication, all outside collaborators must enable two-factor authentication before accepting your invitation to collaborate on a repository. For more information, see "[Requiring two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)." {% endif %} -## 添加外部协作者到仓库 +## Adding outside collaborators to a repository -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} 你可以在存储库设置中授予外部协作者对存储库的访问权限。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person)”。 {% else %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -5. 在左侧边栏中,单击“协作者和团队”。 - ![突出显示协作者和团队的“存储库设置”侧边栏](/assets/images/help/repository/org-repo-settings-collaborators-and-teams.png) -6. 在“协作者”下,键入要授权其访问存储库的人员的名称,然后单击“添加协作者”。 -![在搜索字段中输入了 Octocat 用户名的“协作者”部分](/assets/images/help/repository/org-repo-collaborators-find-name.png) -7. 在新协作者的姓名旁边,使用下拉菜单并选择适当的访问权限级别。 -![存储库权限选择器](/assets/images/help/repository/org-repo-collaborators-choose-permissions.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +You can give outside collaborators access to a repository in your repository settings. For more information, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person)." +{% else %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +5. In the left sidebar, click **Collaborators & teams**. + ![Repository settings sidebar with Collaborators & teams highlighted](/assets/images/help/repository/org-repo-settings-collaborators-and-teams.png) +6. Under "Collaborators", type the name of the person you'd like to give access to the repository, then click **Add collaborator**. +![The Collaborators section with the Octocat's username entered in the search field](/assets/images/help/repository/org-repo-collaborators-find-name.png) +7. Next to the new collaborator's name, use the drop-down menu and select the appropriate access level. +![The repository permissions picker](/assets/images/help/repository/org-repo-collaborators-choose-permissions.png) +{% endif %} diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository.md index 49d682d841..24fcd16b9f 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository.md @@ -1,6 +1,6 @@ --- -title: 管理个人对组织仓库的访问 -intro: 您可以管理个人对组织拥有的仓库的访问。 +title: Managing an individual's access to an organization repository +intro: You can manage a person's access to a repository owned by your organization. redirect_from: - /articles/managing-an-individual-s-access-to-an-organization-repository-early-access-program - /articles/managing-an-individual-s-access-to-an-organization-repository @@ -16,42 +16,43 @@ topics: - Teams shortTitle: Manage individual access permissions: People with admin access to a repository can manage access to the repository. -ms.openlocfilehash: 90a9df66f0cd4089634b2d29dd798b37629bbb7b -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145127478' --- -## 关于对组织仓库的访问 -从组织中的仓库删除协作者时,该协作者会失去对仓库的读写权限。 如果仓库是私有的,并且协作者对仓库进行了复刻,则其复刻也会被检测到,但协作者仍然保留仓库的任何本地克隆副本。 +## About access to organization repositories + +When you remove a collaborator from a repository in your organization, the collaborator loses read and write access to the repository. If the repository is private and the collaborator has forked the repository, then their fork is also deleted, but the collaborator will still retain any local clones of your repository. {% data reusables.repositories.deleted_forks_from_private_repositories_warning %} -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} -## 管理个人对组织仓库的访问 -您可以在仓库设置中授予个人对仓库的访问权限,或更改个人对仓库的访问权限级别。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)”。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +## Managing an individual's access to an organization repository +You can give a person access to a repository or change a person's level of access to a repository in your repository settings. For more information, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)." {% else %} -## 授予用户对仓库的访问权限 +## Giving a person access to a repository -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-manage-access %} {% data reusables.organizations.invite-teams-or-people %} -1. 在搜索字段中,开始输入要邀请的人员的名称,然后单击匹配列表中的名称。 - ![用于输入要邀请加入存储库的团队或人员名称的搜索字段](/assets/images/help/repository/manage-access-invite-search-field.png) -6. 在“选择角色”下,选择要分配给此人的存储库角色,然后单击“将姓名添加到存储库”。 - ![为团队或人员选择权限](/assets/images/help/repository/manage-access-invite-choose-role-add.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-manage-access %} +{% data reusables.organizations.invite-teams-or-people %} +1. In the search field, start typing the name of the person to invite, then click a name in the list of matches. + ![Search field for typing the name of a team or person to invite to the repository](/assets/images/help/repository/manage-access-invite-search-field.png) +6. Under "Choose a role", select the repository role to assign the person, then click **Add NAME to REPOSITORY**. + ![Selecting permissions for the team or person](/assets/images/help/repository/manage-access-invite-choose-role-add.png) -## 管理个人对组织仓库的访问 +## Managing an individual's access to an organization repository -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.people %} -4. 单击“成员”或“外部协作者”以管理具有不同访问权限类型的人员 。 ![邀请成员或外部协作者加入组织的按钮](/assets/images/help/organizations/select-outside-collaborators.png) -5. 在要管理的人员名称右侧,使用 {% octicon "gear" aria-label="The Settings gear" %} 下拉菜单,然后单击“管理”。 - ![管理访问链接](/assets/images/help/organizations/member-manage-access.png) -6. 在“管理访问权限”页面上的存储库旁边,单击“管理访问权限”。 -![“管理访问权限”按钮](/assets/images/help/organizations/repository-manage-access.png) -7. 检查个人对指定仓库的访问权限,例如他们是协作者还是通过团队成员资格来访问仓库。 -![用户的存储库访问权限矩阵](/assets/images/help/organizations/repository-access-matrix-for-user.png) {% endif %} -## 延伸阅读 +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.people %} +4. Click either **Members** or **Outside collaborators** to manage people with different types of access. ![Button to invite members or outside collaborators to an organization](/assets/images/help/organizations/select-outside-collaborators.png) +5. To the right of the name of the person you'd like to manage, use the {% octicon "gear" aria-label="The Settings gear" %} drop-down menu, and click **Manage**. + ![The manage access link](/assets/images/help/organizations/member-manage-access.png) +6. On the "Manage access" page, next to the repository, click **Manage access**. +![Manage access button for a repository](/assets/images/help/organizations/repository-manage-access.png) +7. Review the person's access to a given repository, such as whether they're a collaborator or have access to the repository via team membership. +![Repository access matrix for the user](/assets/images/help/organizations/repository-access-matrix-for-user.png) +{% endif %} +## Further reading -{% ifversion fpt or ghec %}-“[限制与存储库的交互](/articles/limiting-interactions-with-your-repository)”{% endif %} -- [组织的存储库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization) +{% ifversion fpt or ghec %}- "[Limiting interactions with your repository](/articles/limiting-interactions-with-your-repository)"{% endif %} +- "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)" diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository.md index 167f69fe6c..039d6e4860 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository.md @@ -1,6 +1,6 @@ --- -title: 管理团队对组织仓库的访问 -intro: 您可以向团队授予仓库访问权限,删除团队的仓库访问权限,或者更改团队对仓库的权限级别。 +title: Managing team access to an organization repository +intro: 'You can give a team access to a repository, remove a team''s access to a repository, or change a team''s permission level for a repository.' redirect_from: - /articles/managing-team-access-to-an-organization-repository-early-access-program - /articles/managing-team-access-to-an-organization-repository @@ -14,53 +14,60 @@ topics: - Organizations - Teams shortTitle: Manage team access -ms.openlocfilehash: 34f912f4d5c55df30629b7b56200bef25281bf2d -ms.sourcegitcommit: 72e1c60459a610944184ca00e3ae60bf1f5fc6db -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: '147876046' --- -对仓库具有管理员权限的人员可以管理团队对仓库的访问权限。 如果团队能够直接访问存储库,团队维护员可以更改其对存储库的访问权限。 如果团队对存储库的访问权限继承自父团队,维护员可以选择重置当前权限以匹配父团队的权限。 + +People with admin access to a repository can manage team access to the repository. Team maintainers can remove a team's access to a repository if the team has direct access to it. If the team's access to the repository is inherited from a parent team, maintainers can choose to reset the current permission to match the parent team's permission. {% warning %} -警告: -- 如果团队能够直接访问仓库,您可以更改其权限级别。 如果团队对仓库的访问权限继承自父团队,则您必须更改团队对仓库的访问权限。 -- 如果您添加或删除父团队的仓库访问权限,则其每个子团队也会获得或失去相应的仓库访问权限。 有关详细信息,请参阅“[关于团队](/articles/about-teams)”。 +**Warnings:** +- You can change a team's permission level if the team has direct access to a repository. If the team's access to the repository is inherited from a parent team, you must change the parent team's access to the repository. +- If you add or remove repository access for a parent team, each of that parent's child teams will also receive or lose access to the repository. For more information, see "[About teams](/articles/about-teams)." {% endwarning %} -## 授予团队对仓库的访问权限 +## Giving a team access to a repository -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} 可在存储库设置中授予团队对存储库的访问权限,或更改团队对存储库的访问权限级别。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person)”。 {% else %} {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.specific_team %} {% data reusables.organizations.team-repositories-tab %} -5. 在存储库列表上方,单击“添加存储库”。 - ![“添加存储库”按钮](/assets/images/help/organizations/add-repositories-button.png) -6. 输入存储库的名称,然后单击“将存储库添加到团队”。 - ![存储库搜索字段](/assets/images/help/organizations/team-repositories-add.png) -7. 也可选择在仓库名称右侧使用下拉菜单,为团队选择不同的权限级别。 - ![存储库访问级别下拉菜单](/assets/images/help/organizations/team-repositories-change-permission-level.png) {% endif %} -## 删除团队对仓库的访问权限 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +You can give a team access to a repository or change a team's level of access to a repository in your repository settings. For more information, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person)." +{% else %} +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.specific_team %} +{% data reusables.organizations.team-repositories-tab %} +5. Above the list of repositories, click **Add repository**. + ![The Add repository button](/assets/images/help/organizations/add-repositories-button.png) +6. Type the name of a repository, then click **Add repository to team**. + ![Repository search field](/assets/images/help/organizations/team-repositories-add.png) +7. Optionally, to the right of the repository name, use the drop-down menu and choose a different permission level for the team. + ![Repository access level dropdown](/assets/images/help/organizations/team-repositories-change-permission-level.png) +{% endif %} +## Removing a team's access to a repository -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} 可在存储库设置中删除团队对组织存储库的访问权限。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person)”。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +You can remove a team's access to an organization repository in your repository settings. For more information, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person)." -如果团队可以直接访问仓库,您可以删除该团队对仓库的访问。 如果团队对仓库的访问权限继承自父团队,则必须删除父团队对仓库的访问权限才可删除其子团队的相应权限。 +If a team has direct access to a repository, you can remove that team's access to the repository. If a team's access to the repository is inherited from a parent team, you must remove the repository from the parent team in order to remove the repository from child teams. {% data reusables.repositories.deleted_forks_from_private_repositories_warning %} {% else %} -如果团队能够直接访问仓库,您可以更改其对仓库的访问权限。 如果团队对仓库的访问权限继承自父团队,则必须删除父团队对仓库的访问权限才可删除其子团队的相应权限。 +You can remove a team's access to a repository if the team has direct access to a repository. If a team's access to the repository is inherited from a parent team, you must remove the repository from the parent team in order to remove the repository from child teams. {% data reusables.repositories.deleted_forks_from_private_repositories_warning %} -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.specific_team %} {% data reusables.organizations.team-repositories-tab %} -5. 选择要从团队删除的仓库。 - ![团队存储库列表,其中选中了某些存储库的复选框](/assets/images/help/teams/select-team-repositories-bulk.png) -6. 在存储库列表上方,使用下拉菜单,然后单击“从团队删除”。 - ![包含用于从团队删除存储库的选项的下拉菜单](/assets/images/help/teams/remove-team-repo-dropdown.png) -7. 检查要从团队删除的存储库,然后单击“删除存储库”。 - ![包含团队无法再访问的存储库列表的模态框](/assets/images/help/teams/confirm-remove-team-repos.png) {% endif %} -## 延伸阅读 +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.specific_team %} +{% data reusables.organizations.team-repositories-tab %} +5. Select the repository or repositories you'd like to remove from the team. + ![List of team repositories with the checkboxes for some repositories selected](/assets/images/help/teams/select-team-repositories-bulk.png) +6. Above the list of repositories, use the drop-down menu, and click **Remove from team**. + ![Drop-down menu with the option to remove a repository from a team](/assets/images/help/teams/remove-team-repo-dropdown.png) +7. Review the repository or repositories that will be removed from the team, then click **Remove repositories**. + ![Modal box with a list of repositories that the team will no longer have access to](/assets/images/help/teams/confirm-remove-team-repos.png) +{% endif %} +## Further reading -- [组织的存储库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization) +- "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)" diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository.md index bb845b1e28..2460a6e4a0 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository.md @@ -1,6 +1,6 @@ --- -title: 从组织仓库中删除外部协作者 -intro: 所有者和仓库管理员可以删除外部协作者对仓库的访问权限。 +title: Removing an outside collaborator from an organization repository +intro: Owners and repository admins can remove an outside collaborator's access to a repository. redirect_from: - /articles/removing-an-outside-collaborator-from-an-organization-repository - /github/setting-up-and-managing-organizations-and-teams/removing-an-outside-collaborator-from-an-organization-repository @@ -13,55 +13,57 @@ topics: - Organizations - Teams shortTitle: Remove collaborator -ms.openlocfilehash: 71c8017b79425570e4ee7c2d2c7d3ac695c5c531 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: '145127466' --- + {% ifversion fpt or ghec %} {% warning %} -**警告:** -- 从私有仓库删除外部协作者后,付费许可数不会自动降级。 要在从组织中删除用户后减少付费的许可证数,请按照“[降级组织的付费席位](/articles/downgrading-your-organization-s-paid-seats)”中的步骤操作。 +**Warning:** +- When removing an outside collaborator from a private repository, the paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[Downgrading your organization's paid seats](/articles/downgrading-your-organization-s-paid-seats)." -- 您负责确保无法访问仓库的人员删除任何机密信息或知识产权。 +- You are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property. {% endwarning %} {% endif %} -尽管删除协作者时将删除私有仓库的复刻,但此人员将仍保留您仓库的任何本地克隆。 +While forks of private repositories are deleted when a collaborator is removed, the person will still retain any local clones of your repository. -## 从组织中的所有仓库删除外部协作者 +## Removing outside collaborators from all repositories in an organization -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.people %} {% data reusables.organizations.people_tab_outside_collaborators %} -5. 选择您想要从组织中删除的一个或多个外部协作者。 -![外部协作者列表,其中已选择两个外部协作者](/assets/images/help/teams/list-of-outside-collaborators-selected-bulk.png) -6. 在外部协作者列表上方,使用下拉菜单,然后单击“从所有存储库中删除”。 -![包含删除外部协作者选项的下拉菜单](/assets/images/help/teams/user-bulk-management-options-for-outside-collaborators.png) -7. 查看将从组织中删除的一个或多个外部协作者,然后单击“删除外部协作者”。 - ![将删除的外部协作者的列表和“删除外部协作者”按钮](/assets/images/help/teams/confirm-remove-outside-collaborators-bulk.png) +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.people %} +{% data reusables.organizations.people_tab_outside_collaborators %} +5. Select the outside collaborator or outside collaborators you'd like to remove from the organization. +![List of outside collaborators with two outside collaborators selected](/assets/images/help/teams/list-of-outside-collaborators-selected-bulk.png) +6. Above the list of outside collaborators, use the drop-down menu, and click **Remove from all repositories**. +![Drop-down menu with option to remove outside collaborators ](/assets/images/help/teams/user-bulk-management-options-for-outside-collaborators.png) +7. Review the outside collaborator or outside collaborators who will be removed from the organization, then click **Remove outside collaborators**. + ![List of outside collaborators who will be removed and Remove outside collaborators button](/assets/images/help/teams/confirm-remove-outside-collaborators-bulk.png) -## 从组织的特定仓库中删除外部协作者 +## Removing an outside collaborator from a particular repository in an organization -如果只是想要从组织的特定仓库中删除外部协作者,则可以一次删除此人员对一个特定仓库的访问权限。 +If you only want to remove an outside collaborator from certain repositories in your organization, you can remove this person's access to one specific repository at a time. -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.people %} {% data reusables.organizations.people_tab_outside_collaborators %} -5. 在想要删除的人员用户名右侧,使用 {% octicon "gear" aria-label="The Settings gear" %} 下拉菜单,并单击“管理”。 - ![“管理访问权限”按钮](/assets/images/help/organizations/member-manage-access.png) -6. 在想要从中删除外部协作者的存储库的右侧,单击“管理访问权限”。 -![选择外部协作者具有访问权限的存储库旁边的“管理访问权限”按钮](/assets/images/help/organizations/second-manage-access-selection-for-collaborator.png) -7. 若要完全删除外部协作者对存储库的访问权限,请在右上角单击“删除对此存储库的访问权限”。 -![“删除对此存储库的访问权限”按钮](/assets/images/help/organizations/remove-access-to-this-repository.png) -8. 若要确认,请单击“删除访问权限”。 -![确认将从存储库中删除的外部协作者](/assets/images/help/teams/confirm-remove-outside-collaborator-from-a-repository.png) +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.people %} +{% data reusables.organizations.people_tab_outside_collaborators %} +5. To the right of the username of the person you want to remove, use the {% octicon "gear" aria-label="The Settings gear" %} drop-down menu, and click **Manage**. + ![Manage access button](/assets/images/help/organizations/member-manage-access.png) +6. To the right of the repository that you want to remove the outside collaborator from, click **Manage access**. +![Select manage access button next to a repository the outside collaborator has access to](/assets/images/help/organizations/second-manage-access-selection-for-collaborator.png) +7. To completely remove the outside collaborator's access to the repository, in the upper right corner, click **Remove access to this repository**. +![Remove access to this repository button](/assets/images/help/organizations/remove-access-to-this-repository.png) +8. To confirm, click **Remove access**. +![Confirm outside collaborator who will be removed from the repository](/assets/images/help/teams/confirm-remove-outside-collaborator-from-a-repository.png) -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} 还可以在存储库设置的访问概述中从存储库中删除外部协作者。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person)”。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +You can also remove an outside collaborator from a repository in the access overview in your repository settings. For more information, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person)." {% endif %} -## 延伸阅读 +## Further reading -- [将外部协作者添加到组织中的存储库](/articles/adding-outside-collaborators-to-repositories-in-your-organization) -- [将组织成员转换为外部协作者](/articles/converting-an-organization-member-to-an-outside-collaborator) +- "[Adding outside collaborators to repositories in your organization](/articles/adding-outside-collaborators-to-repositories-in-your-organization)" +- "[Converting an organization member to an outside collaborator](/articles/converting-an-organization-member-to-an-outside-collaborator)" diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md index 2165b22625..84d478f3b6 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md @@ -1,6 +1,6 @@ --- -title: 组织的存储库角色 -intro: 您可以通过细化角色自定义组织中每个仓库的权限,从而为每个用户提供所需的功能和任务权限。 +title: Repository roles for an organization +intro: 'You can customize access to each repository in your organization by assigning granular roles, giving people access to the features and tasks they need.' miniTocMaxHeadingLevel: 3 redirect_from: - /articles/repository-permission-levels-for-an-organization-early-access-program @@ -16,159 +16,160 @@ topics: - Organizations - Teams shortTitle: Repository roles -ms.openlocfilehash: dbb5075dfc57e01e0658138b65d6231fb12f1071 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147526700' --- -## 组织的存储库角色 -您可以通过分配角色,为组织成员、外部协作者和人员团队提供对组织仓库不同级别的权限。 选择最适合每个人或团队在项目中的职能的角色,而不是提供超过其需求的项目权限。 +## Repository roles for organizations -组织存储库的角色从低到高的权限级别分别为: -- **读取**:建议提供给要查看或讨论项目的非代码参与者 -- **会审**:建议提供给需要主动管理问题和拉取请求,但没有写入权限的参与者 -- **写入**:建议提供给积极推送内容到项目的参与者 -- **维护**:建议提供给需要管理存储库而又无法访问敏感或破坏性操作的项目经理 -- **管理员**:建议提供给需要对项目具有完全访问权限的人员,包括管理安全性或删除存储库等敏感和破坏性操作 +You can give organization members, outside collaborators, and teams of people different levels of access to repositories owned by an organization by assigning them to roles. Choose the role that best fits each person or team's function in your project without giving people more access to the project than they need. -{% ifversion fpt %} 如果组织使用 {% data variables.product.prodname_ghe_cloud %},则可以创建自定义存储库角色。 有关详细信息,请参阅 {% data variables.product.prodname_ghe_cloud %} 文档中的“[管理组织的自定义存储库角色](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 -{% elsif ghec or ghes > 3.4 or ghae-issue-6271 %} 可以创建自定义存储库角色。 有关详细信息,请参阅“[管理组织的自定义存储库角色](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 +From least access to most access, the roles for an organization repository are: +- **Read**: Recommended for non-code contributors who want to view or discuss your project +- **Triage**: Recommended for contributors who need to proactively manage issues and pull requests without write access +- **Write**: Recommended for contributors who actively push to your project +- **Maintain**: Recommended for project managers who need to manage the repository without access to sensitive or destructive actions +- **Admin**: Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository + +{% ifversion fpt %} +If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can create custom repository roles. For more information, see "[Managing custom repository roles for an organization](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)" in the {% data variables.product.prodname_ghe_cloud %} documentation. +{% elsif ghec or ghes > 3.4 or ghae > 3.4 %} +You can create custom repository roles. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)." {% endif %} -组织所有者可以在访问组织的任何仓库时设置适用于组织所有成员的基本权限。 有关详细信息,请参阅“[为组织设置基本权限](/organizations/managing-access-to-your-organizations-repositories/setting-base-permissions-for-an-organization#setting-base-permissions)”。 +Organization owners can set base permissions that apply to all members of an organization when accessing any of the organization's repositories. For more information, see "[Setting base permissions for an organization](/organizations/managing-access-to-your-organizations-repositories/setting-base-permissions-for-an-organization#setting-base-permissions)." -组织所有者还可以选择进一步限制对整个组织中某些设置和操作的权限。 有关特定设置的选项的详细信息,请参阅“[管理组织设置](/articles/managing-organization-settings)”。 +Organization owners can also choose to further limit access to certain settings and actions across the organization. For more information on options for specific settings, see "[Managing organization settings](/articles/managing-organization-settings)." -除了管理组织级设置之外,组织所有者对组织拥有的每个存储库都具有管理员权限。 有关详细信息,请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)”。 +In addition to managing organization-level settings, organization owners have admin access to every repository owned by the organization. For more information, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." {% warning %} -警告:当有人向存储库添加部署密钥时,拥有私钥的任何用户都可以读取或写入存储库(具体取决于密钥设置),即使他们后来从组织中删除也是如此。 +**Warning:** When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization. {% endwarning %} -## 每个角色的权限 +## Permissions for each role -{% ifversion fpt %} 下面列出的一些功能仅限于使用 {% data variables.product.prodname_ghe_cloud %} 的组织。 {% data reusables.enterprise.link-to-ghec-trial %} {% endif %} +{% ifversion fpt %} +Some of the features listed below are limited to organizations using {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %} +{% endif %} -{% ifversion fpt or ghes or ghec %} {% note %} +{% ifversion fpt or ghes or ghec %} +{% note %} -注意:下面的“[安全功能的访问要求](#access-requirements-for-security-features)”中列出了使用安全功能所需的角色。 +**Note:** The roles required to use security features are listed in "[Access requirements for security features](#access-requirements-for-security-features)" below. -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -| 仓库操作 | 读取 | 会审 | 写入 | 维护 | 管理员 | +| Repository action | Read | Triage | Write | Maintain | Admin | |:---|:---:|:---:|:---:|:---:|:---:| -| 管理[个人](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository)、[团队](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)和[外部协作者](/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization)对存储库的访问 | | | | | ✔️ | -| 从人员或团队的已分配仓库拉取 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 复刻人员或团队的已分配仓库 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 编辑和删除自己的评论 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 打开议题 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 关闭自己打开的议题 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 重新打开自己关闭的议题 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 受理议题 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 从团队已分配仓库的复刻发送拉取请求 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 提交拉取请求审查 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 查看已发布的版本 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |{% ifversion fpt or ghec %} -| 查看 [GitHub Actions 工作流运行](/actions/automating-your-workflow-with-github-actions/managing-a-workflow-run) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |{% endif %} -| 编辑公共仓库中的 Wiki | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| 编辑私有仓库中的 Wiki | | | ✔️ | ✔️ | ✔️ |{% ifversion fpt or ghec %} -| [举报滥用或垃圾内容](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |{% endif %} -| 应用/忽略标签 | | ✔️ | ✔️ | ✔️ | ✔️ | -| 创建、编辑、删除标签 | | | ✔️ | ✔️ | ✔️ | -| 关闭、重新打开和分配所有议题与拉取请求 | | ✔️ | ✔️ | ✔️ | ✔️ | -| [针对拉取请求启用和禁用自动合并](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository) | | | ✔️ | ✔️ | ✔️ | -| 应用里程碑 | | ✔️ | ✔️ | ✔️ | ✔️ | -| 标记[重复问题和拉取请求](/articles/about-duplicate-issues-and-pull-requests)| | ✔️ | ✔️ | ✔️ | ✔️ | -| 请求[拉取请求审查](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review) | | ✔️ | ✔️ | ✔️ | ✔️ | -| 合并[拉取请求](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges) | | | ✔️ | ✔️ | ✔️ | -| 推送到(写入)人员或团队的已分配仓库 | | | ✔️ | ✔️ | ✔️ | -| 编辑和删除任何人对提交、拉取请求和议题的评论 | | | ✔️ | ✔️ | ✔️ | -| [隐藏任何人的评论](/communities/moderating-comments-and-conversations/managing-disruptive-comments) | | | ✔️ | ✔️ | ✔️ | -| [锁定对话](/communities/moderating-comments-and-conversations/locking-conversations) | | | ✔️ | ✔️ | ✔️ | -| 转移问题(有关详细信息,请参阅“[将问题转移到其他存储库](/articles/transferring-an-issue-to-another-repository)”) | | | ✔️ | ✔️ | ✔️ | -| [作为存储库的指定代码所有者](/articles/about-code-owners) | | | ✔️ | ✔️ | ✔️ | -| [将拉取请求草稿标记为可供审查](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | ✔️ | ✔️ | ✔️ | -| [将拉取请求转换为草稿](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | ✔️ | ✔️ | ✔️ | -| 提交影响拉取请求可合并性的审查 | | | ✔️ | ✔️ | ✔️ | -| [将建议的更改应用于](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request)拉取请求 | | | ✔️ | ✔️ | ✔️ | -| 创建[状态检查](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks) | | | ✔️ | ✔️ | ✔️ |{% ifversion fpt or ghec %} -| 创建、编辑、运行、重新运行和取消 [GitHub Actions 工作流](/actions/automating-your-workflow-with-github-actions/) | | | ✔️ | ✔️ | ✔️ |{% endif %} -| 创建和编辑发行版 | | | ✔️ | ✔️ | ✔️ | -| 查看发行版草稿 | | | ✔️ | ✔️ | ✔️ | -| 编辑仓库的说明 | | | | ✔️ | ✔️ |{% ifversion fpt or ghae or ghec %} -| [查看和安装包](/packages/publishing-and-managing-packages) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| [发布包](/packages/publishing-and-managing-packages/publishing-a-package) | | | ✔️ | ✔️ | ✔️ | -| [删除和恢复包](/packages/learn-github-packages/deleting-and-restoring-a-package) | | | | | ✔️ | {% endif %} -| 管理[主题](/articles/classifying-your-repository-with-topics) | | | | ✔️ | ✔️ | -| 启用 wiki 和限制 wiki 编辑器 | | | | ✔️ | ✔️ | -| 启用项目板 | | | | ✔️ | ✔️ | -| 配置[拉取请求合并](/articles/configuring-pull-request-merges) | | | | ✔️ | ✔️ | -| [为 {% data variables.product.prodname_pages %} 配置发布源](/articles/configuring-a-publishing-source-for-github-pages) | | | | ✔️ | ✔️ | -| [管理分支保护规则](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule) | | | | | ✔️ | -| [推送到受保护的分支](/articles/about-protected-branches) | | | | ✔️ | ✔️ | -| 合并受保护分支上的拉取请求(即使没有批准审查) | | | | | ✔️ |{% ifversion fpt or ghes > 3.4 or ghae-issue-6337 or ghec %} -| 创建与[标记保护规则](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)匹配的标记 | | | | ✔️ | ✔️ | -| 删除与[标记保护规则](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)匹配的标记 | | | | | ✔️ |{% endif %} -| [创建和编辑存储库社交卡](/articles/customizing-your-repositorys-social-media-preview) | | | | ✔️ | ✔️ |{% ifversion fpt or ghec %} -| 限制[存储库中的交互](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)| | | | ✔️ | ✔️ |{% endif %} -| 删除问题(请参阅“[删除问题](/articles/deleting-an-issue)”) | | | | | ✔️ | -| [定义存储库的代码所有者](/articles/about-code-owners) | | | | | ✔️ | -| 将存储库添加到团队(有关详细信息,请参阅“[管理团队对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#giving-a-team-access-to-a-repository)”) | | | | | ✔️ | -| [管理外部协作者对存储库的访问](/articles/adding-outside-collaborators-to-repositories-in-your-organization) | | | | | ✔️ | -| [更改存储库的可见性](/articles/restricting-repository-visibility-changes-in-your-organization) | | | | | ✔️ | -| 将存储库设为模板(请参阅“[创建模板存储库](/articles/creating-a-template-repository)”) | | | | | ✔️ | -| 更改仓库设置 | | | | | ✔️ | -| 管理团队和协作者对仓库的权限 | | | | | ✔️ | -| 编辑仓库的默认分支 | | | | | ✔️ | -| 重命名存储库的默认分支(请参阅“[重命名分支](/github/administering-a-repository/renaming-a-branch)”) | | | | | ✔️ | -| 重命名存储库默认分支以外的其他分支(请参阅“[重命名分支](/github/administering-a-repository/renaming-a-branch)”) | | | ✔️ | ✔️ | ✔️ | -| 管理 web 挂钩和部署密钥 | | | | | ✔️ |{% ifversion fpt or ghec %} -| [管理专用存储库的数据使用设置](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository) | | | | | ✔️ |{% endif %} -| [管理存储库的分支创建策略](/github/administering-a-repository/managing-the-forking-policy-for-your-repository) | | | | | ✔️ | -| [将存储库转移到组织中](/articles/restricting-repository-creation-in-your-organization) | | | | | ✔️ | -| [从组织中删除或转移存储库](/articles/setting-permissions-for-deleting-or-transferring-repositories) | | | | | ✔️ | -| [存档存储库](/articles/about-archiving-repositories) | | | | | ✔️ |{% ifversion fpt or ghec %} -| 显示赞助按钮(请参阅“[在存储库中显示赞助按钮](/articles/displaying-a-sponsor-button-in-your-repository)”) | | | | | ✔️ |{% endif %} -| 创建对外部资源的自动链接引用,例如 Jira 或 Zendesk(请参阅“[配置自动链接以引用外部资源](/articles/configuring-autolinks-to-reference-external-resources)”) | | | | | ✔️ |{% ifversion discussions %} -| 在存储库中[启用 {% data variables.product.prodname_discussions %}](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository) | | | | ✔️ | ✔️ | -| 为 {% data variables.product.prodname_discussions %} [创建和编辑类别](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions) | | | | ✔️ | ✔️ | -| [将讨论移至其他类别](/discussions/managing-discussions-for-your-community/managing-discussions) | | | ✔️ | ✔️ | ✔️ | -| [将讨论转移](/discussions/managing-discussions-for-your-community/managing-discussions)到新的存储库| | | ✔️ | ✔️ | ✔️ | -| [管理置顶的讨论](/discussions/managing-discussions-for-your-community/managing-discussions) | | | ✔️ | ✔️ | ✔️ | -| [将问题批量转化为讨论](/discussions/managing-discussions-for-your-community/managing-discussions) | | | ✔️ | ✔️ | ✔️ | -| [锁定和解锁讨论](/discussions/managing-discussions-for-your-community/moderating-discussions) | | ✔️ | ✔️ | ✔️ | ✔️ | -| [单独将问题转化为讨论](/discussions/managing-discussions-for-your-community/moderating-discussions) | | ✔️ | ✔️ | ✔️ | ✔️ | -| [创建新讨论并对现有讨论发表评论](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| [删除讨论](/discussions/managing-discussions-for-your-community/managing-discussions#deleting-a-discussion) | | ✔️ | | ✔️ | ✔️ |{% endif %}{% ifversion fpt or ghec %} -| 创建[代码空间](/codespaces/about-codespaces) | | | ✔️ | ✔️ | ✔️ |{% endif %} +| Manage [individual](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository), [team](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository), and [outside collaborator](/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization) access to the repository | | | | | **✔️** | +| Pull from the person or team's assigned repositories | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Fork the person or team's assigned repositories | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Edit and delete their own comments | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Open issues | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Close issues they opened themselves | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Reopen issues they closed themselves | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Have an issue assigned to them | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Send pull requests from forks of the team's assigned repositories | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Submit reviews on pull requests | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| View published releases | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** |{% ifversion fpt or ghec %} +| View [GitHub Actions workflow runs](/actions/automating-your-workflow-with-github-actions/managing-a-workflow-run) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** |{% endif %} +| Edit wikis in public repositories | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| Edit wikis in private repositories | | | **✔️** | **✔️** | **✔️** |{% ifversion fpt or ghec %} +| [Report abusive or spammy content](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** |{% endif %} +| Apply/dismiss labels | | **✔️** | **✔️** | **✔️** | **✔️** | +| Create, edit, delete labels | | | **✔️** | **✔️** | **✔️** | +| Close, reopen, and assign all issues and pull requests | | **✔️** | **✔️** | **✔️** | **✔️** | +| [Enable and disable auto-merge on a pull request](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository) | | | **✔️** | **✔️** | **✔️** | +| Apply milestones | | **✔️** | **✔️** | **✔️** | **✔️** | +| Mark [duplicate issues and pull requests](/articles/about-duplicate-issues-and-pull-requests)| | **✔️** | **✔️** | **✔️** | **✔️** | +| Request [pull request reviews](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review) | | **✔️** | **✔️** | **✔️** | **✔️** | +| Merge a [pull request](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges) | | | **✔️** | **✔️** | **✔️** | +| Push to (write) the person or team's assigned repositories | | | **✔️** | **✔️** | **✔️** | +| Edit and delete anyone's comments on commits, pull requests, and issues | | | **✔️** | **✔️** | **✔️** | +| [Hide anyone's comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments) | | | **✔️** | **✔️** | **✔️** | +| [Lock conversations](/communities/moderating-comments-and-conversations/locking-conversations) | | | **✔️** | **✔️** | **✔️** | +| Transfer issues (see "[Transferring an issue to another repository](/articles/transferring-an-issue-to-another-repository)" for details) | | | **✔️** | **✔️** | **✔️** | +| [Act as a designated code owner for a repository](/articles/about-code-owners) | | | **✔️** | **✔️** | **✔️** | +| [Mark a draft pull request as ready for review](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | **✔️** | **✔️** | **✔️** | +| [Convert a pull request to a draft](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | **✔️** | **✔️** | **✔️** | +| Submit reviews that affect a pull request's mergeability | | | **✔️** | **✔️** | **✔️** | +| [Apply suggested changes](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request) to pull requests | | | **✔️** | **✔️** | **✔️** | +| Create [status checks](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks) | | | **✔️** | **✔️** | **✔️** |{% ifversion fpt or ghec %} +| Create, edit, run, re-run, and cancel [GitHub Actions workflows](/actions/automating-your-workflow-with-github-actions/) | | | **✔️** | **✔️** | **✔️** |{% endif %} +| Create and edit releases | | | **✔️** | **✔️** | **✔️** | +| View draft releases | | | **✔️** | **✔️** | **✔️** | +| Edit a repository's description | | | | **✔️** | **✔️** |{% ifversion fpt or ghae or ghec %} +| [View and install packages](/packages/publishing-and-managing-packages) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| [Publish packages](/packages/publishing-and-managing-packages/publishing-a-package) | | | **✔️** | **✔️** | **✔️** | +| [Delete and restore packages](/packages/learn-github-packages/deleting-and-restoring-a-package) | | | | | **✔️** | {% endif %} +| Manage [topics](/articles/classifying-your-repository-with-topics) | | | | **✔️** | **✔️** | +| Enable wikis and restrict wiki editors | | | | **✔️** | **✔️** | +| Enable project boards | | | | **✔️** | **✔️** | +| Configure [pull request merges](/articles/configuring-pull-request-merges) | | | | **✔️** | **✔️** | +| Configure [a publishing source for {% data variables.product.prodname_pages %}](/articles/configuring-a-publishing-source-for-github-pages) | | | | **✔️** | **✔️** | +| [Manage branch protection rules](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule) | | | | | **✔️** | +| [Push to protected branches](/articles/about-protected-branches) | | | | **✔️** | **✔️** | +| Merge pull requests on protected branches, even if there are no approving reviews | | | | | **✔️** |{% ifversion fpt or ghes > 3.4 or ghae > 3.4 or ghec %} +| Create tags that match a [tag protection rule](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules) | | | | **✔️** | **✔️** | +| Delete tags that match a [tag protection rule](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules) | | | | | **✔️** |{% endif %} +| [Create and edit repository social cards](/articles/customizing-your-repositorys-social-media-preview) | | | | **✔️** | **✔️** |{% ifversion fpt or ghec %} +| Limit [interactions in a repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)| | | | **✔️** | **✔️** |{% endif %} +| Delete an issue (see "[Deleting an issue](/articles/deleting-an-issue)") | | | | | **✔️** | +| [Define code owners for a repository](/articles/about-code-owners) | | | | | **✔️** | +| Add a repository to a team (see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#giving-a-team-access-to-a-repository)" for details) | | | | | **✔️** | +| [Manage outside collaborator access to a repository](/articles/adding-outside-collaborators-to-repositories-in-your-organization) | | | | | **✔️** | +| [Change a repository's visibility](/articles/restricting-repository-visibility-changes-in-your-organization) | | | | | **✔️** | +| Make a repository a template (see "[Creating a template repository](/articles/creating-a-template-repository)") | | | | | **✔️** | +| Change a repository's settings | | | | | **✔️** | +| Manage team and collaborator access to the repository | | | | | **✔️** | +| Edit the repository's default branch | | | | | **✔️** | +| Rename the repository's default branch (see "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)") | | | | | **✔️** | +| Rename a branch other than the repository's default branch (see "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)") | | | **✔️** | **✔️** | **✔️** | +| Manage webhooks and deploy keys | | | | | **✔️** |{% ifversion fpt or ghec %} +| [Manage data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository) | | | | | **✔️** |{% endif %} +| [Manage the forking policy for a repository](/github/administering-a-repository/managing-the-forking-policy-for-your-repository) | | | | | **✔️** | +| [Transfer repositories into the organization](/articles/restricting-repository-creation-in-your-organization) | | | | | **✔️** | +| [Delete or transfer repositories out of the organization](/articles/setting-permissions-for-deleting-or-transferring-repositories) | | | | | **✔️** | +| [Archive repositories](/articles/about-archiving-repositories) | | | | | **✔️** |{% ifversion fpt or ghec %} +| Display a sponsor button (see "[Displaying a sponsor button in your repository](/articles/displaying-a-sponsor-button-in-your-repository)") | | | | | **✔️** |{% endif %} +| Create autolink references to external resources, like Jira or Zendesk (see "[Configuring autolinks to reference external resources](/articles/configuring-autolinks-to-reference-external-resources)") | | | | | **✔️** |{% ifversion discussions %} +| [Enable {% data variables.product.prodname_discussions %}](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository) in a repository | | | | **✔️** | **✔️** | +| [Create and edit categories](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions) for {% data variables.product.prodname_discussions %} | | | | **✔️** | **✔️** | +| [Move a discussion to a different category](/discussions/managing-discussions-for-your-community/managing-discussions) | | | **✔️** | **✔️** | **✔️** | +| [Transfer a discussion](/discussions/managing-discussions-for-your-community/managing-discussions) to a new repository| | | **✔️** | **✔️** | **✔️** | +| [Manage pinned discussions](/discussions/managing-discussions-for-your-community/managing-discussions) | | | **✔️** | **✔️** | **✔️** | +| [Convert issues to discussions in bulk](/discussions/managing-discussions-for-your-community/managing-discussions) | | | **✔️** | **✔️** | **✔️** | +| [Lock and unlock discussions](/discussions/managing-discussions-for-your-community/moderating-discussions) | | **✔️** | **✔️** | **✔️** | **✔️** | +| [Individually convert issues to discussions](/discussions/managing-discussions-for-your-community/moderating-discussions) | | **✔️** | **✔️** | **✔️** | **✔️** | +| [Create new discussions and comment on existing discussions](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| [Delete a discussion](/discussions/managing-discussions-for-your-community/managing-discussions#deleting-a-discussion) | | **✔️** | | **✔️** | **✔️** |{% endif %}{% ifversion fpt or ghec %} +| Create [codespaces](/codespaces/about-codespaces) | | | **✔️** | **✔️** | **✔️** |{% endif %} -### 安全功能的访问要求 +### Access requirements for security features -在本节中,您可以找到一些安全功能所需的访问权限,例如 {% data variables.product.prodname_advanced_security %} 功能。 +In this section, you can find the access required for security features, such as {% data variables.product.prodname_advanced_security %} features. -| 仓库操作 | 读取 | 会审 | 写入 | 维护 | 管理员 | +| Repository action | Read | Triage | Write | Maintain | Admin | |:---|:---:|:---:|:---:|:---:|:---:| -| 接收存储库中[不安全的依赖项的 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies) | | | | | ✔️ | -| [忽略 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository) | | | | | ✔️ |{% ifversion ghes or ghae or ghec %} -| [指定其他人员或团队接收安全警报](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) | | | | | ✔️ |{% endif %}{% ifversion fpt or ghec %} -| 创建[安全通告](/code-security/security-advisories/about-github-security-advisories) | | | | | ✔️ |{% endif %}{% ifversion ghes or ghae or ghec %} -| 管理对 {% data variables.product.prodname_GH_advanced_security %} 功能的访问(请参阅“[管理组织的安全和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”) | | | | | ✔️ |{% endif %}{% ifversion fpt or ghec %} -| 为专用存储库[启用依赖项关系图](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository) | | | | | ✔️ |{% endif %}{% ifversion ghes or ghae or ghec %} -| [查看依赖项审查](/code-security/supply-chain-security/about-dependency-review) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |{% endif %} -| [查看拉取请求上的 {% data variables.product.prodname_code_scanning %} 警报](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | -| [列出、忽略和删除 {% data variables.product.prodname_code_scanning %} 警报](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository) | | | ✔️ | ✔️ | ✔️ | -| [查看存储库中的 {% data variables.product.prodname_secret_scanning %} 警报](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | ✔️{% ifversion not ghae %}[1]{% endif %} | ✔️{% ifversion not ghae %}[1]{% endif %} | ✔️ |{% ifversion ghes or ghae or ghec %} -| [解决、撤销或重新打开 {% data variables.product.prodname_secret_scanning %} 警报](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | ✔️{% ifversion not ghae %}[1]{% endif %} | ✔️{% ifversion not ghae %}[1]{% endif %} | ✔️ |{% endif %}{% ifversion ghes or ghae or ghec %} -| [指定其他人员或团队接收存储库中的 {% data variables.product.prodname_secret_scanning %} 警报](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) | | | | | ✔️ |{% endif %} +| Receive [{% data variables.product.prodname_dependabot_alerts %} for insecure dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies) in a repository | | | | | **✔️** | +| [Dismiss {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository) | | | | | **✔️** |{% ifversion ghes or ghae or ghec %} +| [Designate additional people or teams to receive security alerts](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) | | | | | **✔️** |{% endif %}{% ifversion fpt or ghec %} +| Create [security advisories](/code-security/security-advisories/about-github-security-advisories) | | | | | **✔️** |{% endif %}{% ifversion ghes or ghae or ghec %} +| Manage access to {% data variables.product.prodname_GH_advanced_security %} features (see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)") | | | | | **✔️** |{% endif %}{% ifversion fpt or ghec %} +| [Enable the dependency graph](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository) for a private repository | | | | | **✔️** |{% endif %}{% ifversion ghes or ghae or ghec %} +| [View dependency reviews](/code-security/supply-chain-security/about-dependency-review) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** |{% endif %} +| [View {% data variables.product.prodname_code_scanning %} alerts on pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests) | **✔️** | **✔️** | **✔️** | **✔️** | **✔️** | +| [List, dismiss, and delete {% data variables.product.prodname_code_scanning %} alerts](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository) | | | **✔️** | **✔️** | **✔️** | +| [View {% data variables.product.prodname_secret_scanning %} alerts in a repository](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️** |{% ifversion ghes or ghae or ghec %} +| [Resolve, revoke, or re-open {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️**{% ifversion not ghae %}[1]{% endif %} | **✔️** |{% endif %}{% ifversion ghes or ghae or ghec %} +| [Designate additional people or teams to receive {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) in repositories | | | | | **✔️** |{% endif %} -[1] 仓库作者和维护者只能看到他们自己提交的警报信息。 +[1] Repository writers and maintainers can only see alert information for their own commits. -## 延伸阅读 +## Further reading -- [管理对组织存储库的访问](/articles/managing-access-to-your-organization-s-repositories) -- [将外部协作者添加到组织中的存储库](/articles/adding-outside-collaborators-to-repositories-in-your-organization) -- [组织的项目板权限](/articles/project-board-permissions-for-an-organization) +- "[Managing access to your organization's repositories](/articles/managing-access-to-your-organization-s-repositories)" +- "[Adding outside collaborators to repositories in your organization](/articles/adding-outside-collaborators-to-repositories-in-your-organization)" +- "[Project board permissions for an organization](/articles/project-board-permissions-for-an-organization)" diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository.md index 84e8487f5d..6c437bf3f1 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository.md @@ -1,6 +1,6 @@ --- -title: 查看具有仓库访问权限的人员 -intro: '您可以查看{% ifversion ghec or ghes or ghae %} 和导出{% endif %} 拥有组织内仓库访问权限的人员列表。' +title: Viewing people with access to your repository +intro: 'You can view{% ifversion ghec or ghes or ghae %} and export{% endif %} a list of people with access to a repository within an organization.' redirect_from: - /articles/viewing-people-with-access-to-your-repository - /github/setting-up-and-managing-organizations-and-teams/viewing-people-with-access-to-your-repository @@ -14,34 +14,45 @@ topics: - Teams shortTitle: View people with access permissions: Organization owners can view people with access to a repository. -ms.openlocfilehash: 01ee5b1844e32b4ba631fda67babaa9e9f8a982e -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '147066632' --- -## 关于有权访问您的存储库的人员列表 -您可以使用此信息来帮助离职人员、收集合规性数据以及其他常规安全检查。 +## About the list of people with access to your repository -{% ifversion fpt %} 使用 {% data variables.product.prodname_ghe_cloud %} 的组织还可以导出有权访问存储库的人员的 CSV 列表。 有关详细信息,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository)。 +You can use this information to help off-board people, gather data for compliance, and other general security checkups. + +{% ifversion fpt %} +Organizations that use {% data variables.product.prodname_ghe_cloud %} can also export a CSV list of people who have access to a repository. For more information, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-access-to-your-organizations-repositories/viewing-people-with-access-to-your-repository). {% endif %} -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} ![访问管理概述](/assets/images/help/repository/manage-access-overview.png) {% else %} ![仓库人员权限列表](/assets/images/help/repository/repository-permissions-list.png) {% endif %} -## 查看具有仓库访问权限的人员 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +![Access management overview](/assets/images/help/repository/manage-access-overview.png) +{% else %} +![Repository people permissions list](/assets/images/help/repository/repository-permissions-list.png) +{% endif %} +## Viewing people with access to your repository -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %} 你可以在存储库设置中查看团队和具有存储库访问权限的团队和人员的组合概述。 有关详细信息,请参阅“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#about-access-management-for-repositories)”。 {% else %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %} {% data reusables.repositories.accessing-repository-people %} {% endif %} +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +You can see a combined overview of teams and people with access to your repository in your repository settings. For more information, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#about-access-management-for-repositories)." +{% else %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.accessing-repository-graphs %} +{% data reusables.repositories.accessing-repository-people %} +{% endif %} {% ifversion ghec or ghes or ghae %} -## 导出具有您的仓库访问权限人员的列表 +## Exporting a list of people with access to your repository -{% ifversion ghec %} {% note %} +{% ifversion ghec %} +{% note %} -**注意:** 只有使用 {% data variables.product.prodname_ghe_cloud %} 的组织才能导出有权访问存储库的人员列表。 {% data reusables.enterprise.link-to-ghec-trial %} +**Note:** Only organizations that use {% data variables.product.prodname_ghe_cloud %} can export a list of people with access to a repository. {% data reusables.enterprise.link-to-ghec-trial %} -{% endnote %} {% endif %} +{% endnote %} +{% endif %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %} {% data reusables.repositories.accessing-repository-people %} -4. 单击“导出 CSV”。 - ![存储库边栏中的“人员”选项卡](/assets/images/help/repository/export-repository-permissions.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.accessing-repository-graphs %} +{% data reusables.repositories.accessing-repository-people %} +4. Click **Export CSV**. + ![People tab in the repository sidebar](/assets/images/help/repository/export-repository-permissions.png) +{% endif %} diff --git a/translations/zh-CN/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md b/translations/zh-CN/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md index 0247655e87..86b75c4cd6 100644 --- a/translations/zh-CN/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md +++ b/translations/zh-CN/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md @@ -1,6 +1,6 @@ --- -title: '在组织中禁用{% ifversion projects-v2 %}项目{% else %}项目板{% endif %}' -intro: '组织所有者可以在组织中关闭{% ifversion projects-v2 %}组织范围的{% data variables.projects.projects_v2 %}、组织范围的{% data variables.projects.projects_v1_boards %}和存储库级别的{% data variables.projects.projects_v1_boards %}{% else %}组织范围的项目板和存储库项目板{% endif %}。' +title: 'Disabling {% ifversion projects-v2 %}projects{% else %}project boards{% endif %} in your organization' +intro: 'Organization owners can turn off {% ifversion projects-v2 %}organization-wide {% data variables.projects.projects_v2 %}, organization-wide {% data variables.projects.projects_v1_boards %}, and repository-level {% data variables.projects.projects_v1_boards %}{% else %}organization-wide project boards and repository project boards{% endif %} in an organization.' redirect_from: - /github/managing-your-work-on-github/managing-project-boards/disabling-project-boards-in-your-organization - /articles/disabling-project-boards-in-your-organization @@ -14,36 +14,32 @@ topics: - Pull requests shortTitle: Disable projects allowTitleToDifferFromFilename: true -ms.openlocfilehash: e1e2aed1e7c689bee83dabc4a6750f8976206f4a -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147423322' --- -禁用组织范围的项目板后,将无法在组织级别创建新的项目板,并且将无法通过其先前的 URL 访问任何现有组织级别项目板。 组织仓库中的项目板不受影响。 {% ifversion projects-v2 %}这些设置适用于 {% data variables.projects.projects_v2 %} 和 {% data variables.projects.projects_v1_boards %}。{% endif %} +After you disable organization-wide project boards, it won’t be possible to create new project boards at the organization level, and any existing organization-level project boards will become inaccessible at their previous URLs. Project boards in repositories in the organization are not affected. {% ifversion projects-v2 %}These settings apply to {% data variables.projects.projects_v2 %} and {% data variables.projects.projects_v1_boards %}.{% endif %} -在组织中禁用仓库项目板后,将无法在任何组织仓库中创建新项目板,并且将无法通过其先前的 URL 访问组织仓库中的任何现有项目板。 组织级别的项目板不受影响。 +After you disable repository project boards in an organization, it won't be possible to create new project boards in any repositories in the organization, and any existing project boards in repositories in the organization will become inaccessible at their previous URLs. Project boards at the organization level are not affected. -禁用项目板后,在时间表或[审核日志](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization)中将不再看到项目板信息。 +When you disable project boards, you will no longer see project board information in timelines or [audit logs](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization). -{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“代码规划和自动化”部分,单击“{% octicon "table" aria-label="The table icon" %} 项目”。 +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Code planning, and automation" section of the sidebar, click **{% octicon "table" aria-label="The table icon" %} Projects**. {% endif %} -1. 决定是否禁用组织范围的项目板,禁用组织中的仓库项目板,或两者均禁用。 然后,在“项目”(项目)下: - - 若要禁用组织范围的项目板,请取消选择“启用组织的项目”。 - - 若要在组织中禁用存储库项目板,请取消选择“启用所有存储库的项目”。 - ![用于禁用单个组织或单个组织所有存储库的项目的复选框](/assets/images/help/projects/disable-org-projects-checkbox.png) -1. 单击“ **保存**”。 +1. Decide whether to disable organization-wide project boards, disable repository project boards in the organization, or both. Then, under "Projects": + - To disable organization-wide project boards, unselect **Enable projects for the organization**. + - To disable repository project boards in the organization, unselect **Enable projects for all repositories**. + ![Checkboxes to disable projects for an organization or for all of an organization's repositories](/assets/images/help/projects/disable-org-projects-checkbox.png) +1. Click **Save**. {% data reusables.organizations.disable_project_board_results %} -## 延伸阅读 +## Further reading -{% ifversion projects-v2 %}- [关于 {% data variables.product.prodname_projects_v2 %}](/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects){% endif %} -- [关于 {% data variables.product.prodname_projects_v1 %}](/articles/about-project-boards) -- [关闭 {% data variables.projects.projects_v1_board %}](/articles/closing-a-project-board) -- [删除 {% data variables.projects.projects_v1_board %}](/articles/deleting-a-project-board) -- [禁用 {% data variables.projects.projects_v1_boards %} in a repository](/articles/disabling-project-boards-in-a-repository) +{% ifversion projects-v2 %}- "[About {% data variables.product.prodname_projects_v2 %}](/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects)"{% endif %} +- "[About {% data variables.product.prodname_projects_v1 %}](/articles/about-project-boards)" +- "[Closing a {% data variables.projects.projects_v1_board %}](/articles/closing-a-project-board)" +- "[Deleting a {% data variables.projects.projects_v1_board %}](/articles/deleting-a-project-board)" +- "[Disabling {% data variables.projects.projects_v1_boards %} in a repository](/articles/disabling-project-boards-in-a-repository)" diff --git a/translations/zh-CN/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md b/translations/zh-CN/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md index 10ec2765f0..98f6bf0f5b 100644 --- a/translations/zh-CN/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md +++ b/translations/zh-CN/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md @@ -1,6 +1,6 @@ --- -title: 集成 Jira 与组织项目板 -intro: 您可以将 Jira Cloud 与组织帐户集成,以扫描提交和拉取请求,在任何提及的 Jira 议题中创建相关的元数据和超链接。 +title: Integrating Jira with your organization project board +intro: 'You can integrate Jira Cloud with your organization account to scan commits and pull requests, creating relevant metadata and hyperlinks in any mentioned Jira issues.' redirect_from: - /articles/integrating-jira-with-your-organization-project-board - /github/setting-up-and-managing-organizations-and-teams/integrating-jira-with-your-organization-project-board @@ -8,33 +8,31 @@ versions: ghes: '*' ghae: '*' shortTitle: Integrate Jira -ms.openlocfilehash: 0b773dc865373ab006f7c596b50ac81af5d6636a -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145109460' --- -{% ifversion ghes > 3.4 or ghae-issue-5658 %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} -1. 在左侧边栏中,选择“{% octicon "code" aria-label="The code icon" %} 开发人员设置”,然后单击“OAuth 应用” 。 - ![左侧边栏中的 OAuth 应用程序选项卡](/assets/images/help/organizations/org-oauth-applications-ghe.png) -1. 单击“新建 OAuth 应用”。 -{% else %} {% data reusables.user-settings.access_settings %} -1. 在左侧边栏的“组织设置”下,单击组织的名称。 -![侧边栏组织名称](/assets/images/help/settings/organization-settings-from-sidebar.png) -1. 在左侧边栏中的“开发人员设置”下,单击“OAuth 应用程序” 。 - ![左侧边栏中的 OAuth 应用程序选项卡](/assets/images/help/organizations/org-oauth-applications-ghe.png) -1. 单击“注册新应用程序”。 +{% ifversion ghes > 3.4 or ghae > 3.4 %} +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +1. In the left sidebar, select **{% octicon "code" aria-label="The code icon" %} Developer settings**, then click **OAuth Apps**. + ![OAuth applications tab in the left sidebar](/assets/images/help/organizations/org-oauth-applications-ghe.png) +1. Click **New OAuth App**. +{% else %} +{% data reusables.user-settings.access_settings %} +1. In the left sidebar under **Organization settings**, click the name of your organization. +![Sidebar organization name](/assets/images/help/settings/organization-settings-from-sidebar.png) +1. In the left sidebar under **Developer settings**, click **OAuth applications**. + ![OAuth applications tab in the left sidebar](/assets/images/help/organizations/org-oauth-applications-ghe.png) +1. Click **Register a new application**. {% endif %} -1. 在“应用程序名称”下,键入“Jira”。 -2. 在“主页 URL”下,键入 Jira 实例的完整 URL。 -3. 在“授权回叫 URL”下,键入 Jira 实例的完整 URL。 -4. 单击“注册应用程序”。 -![“注册应用程序”按钮](/assets/images/help/oauth/register-application-button.png) -9. 在“组织拥有的应用程序”下,记下“客户端 ID”和“客户端密码”值。 -![客户端 ID 和客户端密码](/assets/images/help/oauth/client-id-and-secret.png) {% data reusables.user-settings.jira_help_docs %} +1. Under **Application name**, type "Jira". +2. Under **Homepage URL**, type the full URL to your Jira instance. +3. Under **Authorization callback URL**, type the full URL to your Jira instance. +4. Click **Register application**. +![Register application button](/assets/images/help/oauth/register-application-button.png) +9. Under **Organization owned applications**, note the "Client ID" and "Client Secret" values. +![Client ID and Client Secret](/assets/images/help/oauth/client-id-and-secret.png) +{% data reusables.user-settings.jira_help_docs %} -## 延伸阅读 +## Further reading -- [将 Jira 与个人项目集成](/articles/integrating-jira-with-your-personal-projects) -- 将 Jira Cloud 连接到 GitHub(Atlassian 文档) +- ["Integrating Jira with your personal projects"](/articles/integrating-jira-with-your-personal-projects) +- Connect Jira Cloud to GitHub (Atlassian documentation) diff --git a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md index d4b9244794..6d9e44bf37 100644 --- a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md +++ b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md @@ -1,6 +1,6 @@ --- -title: 管理组织中的安全管理员 -intro: 通过将团队分配给安全管理员角色,您可以为安全团队提供他们对组织所需的最少访问权限。 +title: Managing security managers in your organization +intro: You can give your security team the least access they need to your organization by assigning a team to the security manager role. versions: feature: security-managers topics: @@ -8,48 +8,48 @@ topics: - Teams shortTitle: Security manager role permissions: Organization owners can assign the security manager role. -ms.openlocfilehash: c29dd20a123ccb20a32d40896064e11d59643bd9 -ms.sourcegitcommit: 80842b4e4c500daa051eff0ccd7cde91c2d4bb36 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/12/2022 -ms.locfileid: '145065962' --- + {% data reusables.organizations.security-manager-beta-note %} {% data reusables.organizations.about-security-managers %} -## 安全管理员角色的权限 +## Permissions for the security manager role -具有安全管理员角色的团队成员仅具有有效管理组织安全性所需的权限。 +Members of a team with the security manager role have only the permissions required to effectively manage security for the organization. -- 除了任何现有的存储库访问外,还可以读取组织中的所有存储库 -- 对组织中所有安全警报的写入访问权限 {% ifversion not fpt %} -- 访问组织的安全概述 {% endif %} -- 能够在组织级配置安全设置{% ifversion not fpt %},包括启用或禁用 {% data variables.product.prodname_GH_advanced_security %}{% endif %} -- 能够在存储库级配置安全设置{% ifversion not fpt %},包括启用或禁用 {% data variables.product.prodname_GH_advanced_security %}{% endif %} +- Read access on all repositories in the organization, in addition to any existing repository access +- Write access on all security alerts in the organization {% ifversion not fpt %} +- Access to the organization's security overview {% endif %} +- The ability to configure security settings at the organization level{% ifversion not fpt %}, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}{% endif %} +- The ability to configure security settings at the repository level{% ifversion not fpt %}, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}{% endif %} -{% ifversion fpt %} 其他功能(包括组织的安全概述)在将 {% data variables.product.prodname_ghe_cloud %} 与 {% data variables.product.prodname_advanced_security %} 一起使用的组织中可用。 有关详细信息,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)。 +{% ifversion fpt %} +Additional functionality, including a security overview for the organization, is available in organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization). {% endif %} -如果团队具有安全管理员角色,则对团队和特定存储库具有管理员访问权限的人员可以更改团队对该存储库的访问级别,但不能删除访问权限。 有关详细信息,请参阅“[管理团队对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository){% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5974 %}”和“[管理有权访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)”。{% else %}."{% endif %} +If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository){% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %}" and "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)."{% else %}."{% endif %} - ![使用安全管理器管理存储库访问 UI](/assets/images/help/organizations/repo-access-security-managers.png) + ![Manage repository access UI with security managers](/assets/images/help/organizations/repo-access-security-managers.png) -## 将安全管理员角色分配给组织中的团队 -您可以将安全管理员角色分配给组织中最多 10 个团队。 +## Assigning the security manager role to a team in your organization +You can assign the security manager role to a maximum of 10 teams in your organization. -{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} -1. 在“安全管理员”下,搜索并选择要授予该角色的团队。 您选择的每个团队都将显示在搜索栏下方的列表中。 - ![添加安全管理员](/assets/images/help/organizations/add-security-managers.png) -## 从组织中的团队中删除安全管理员角色 +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% data reusables.organizations.security-and-analysis %} +1. Under **Security managers**, search for and select the team to give the role. Each team you select will appear in a list below the search bar. + ![Add security manager](/assets/images/help/organizations/add-security-managers.png) +## Removing the security manager role from a team in your organization {% warning %} -警告:从团队中删除安全管理员角色将删除团队在整个组织中管理安全警报和设置的能力,但团队将保留对分配角色时授予的存储库读取访问权限。 您必须手动删除任何不需要的读取访问权限。 有关详细信息,请参阅“[管理团队对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#removing-a-teams-access-to-a-repository)”。 +**Warning:** Removing the security manager role from a team will remove the team's ability to manage security alerts and settings across the organization, but the team will retain read access to repositories that was granted when the role was assigned. You must remove any unwanted read access manually. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#removing-a-teams-access-to-a-repository)." {% endwarning %} -{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} -1. 在“安全管理员”下,在要删除为安全管理员的团队右侧,单击“{% octicon "x" aria-label="The X icon" %}”。 - ![删除安全管理员](/assets/images/help/organizations/remove-security-managers.png) +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% data reusables.organizations.security-and-analysis %} +1. Under **Security managers**, to the right of the team you want to remove as security managers, click {% octicon "x" aria-label="The X icon" %}. + ![Remove security managers](/assets/images/help/organizations/remove-security-managers.png) diff --git a/translations/zh-CN/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md b/translations/zh-CN/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md index ef554092da..afbb13b86e 100644 --- a/translations/zh-CN/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md +++ b/translations/zh-CN/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md @@ -1,6 +1,6 @@ --- -title: 管理团队的代码审查设置 -intro: 您可以通过在请求团队审阅拉取请求时限制通知来减少团队的干扰。 +title: Managing code review settings for your team +intro: You can decrease noise for your team by limiting notifications when your team is requested to review a pull request. redirect_from: - /github/setting-up-and-managing-organizations-and-teams/managing-code-review-assignment-for-your-team - /organizations/organizing-members-into-teams/managing-code-review-assignment-for-your-team @@ -15,78 +15,89 @@ topics: - Teams shortTitle: Code review settings permissions: Team maintainers and organization owners can configure code review settings. -ms.openlocfilehash: 701ebf6a2306a8c8a734905d752c4b44c225ace6 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '146180165' --- -## 关于代码审查设置 -{% ifversion only-notify-requested-members %} 为减少团队的干扰并阐明拉取请求审查的个人责任,可配置代码审查设置。 - -- 团队通知 -- 自动分配 - -## 关于团队通知 - -如果选择仅通知请求的团队成员,则在请求团队审阅拉取请求时,如果还请求审阅整个团队的特定成员,则可以禁用向整个团队发送通知。 当存储库将团队配置为代码所有者时,这尤其有用,但存储库的参与者通常知道作为其拉取请求的正确审查者的特定个人。 有关详细信息,请参阅“[关于代码所有者](/github/creating-cloning-and-archiving-repositories/about-code-owners)”。 - -## 关于自动分配 -{% endif %} - -启用自动分配后,每当请求您的团队审阅拉取请求时,该团队都会被删除为审阅者,并且会在团队的位置分配指定的团队成员子集。 代码审查分配允许您决定在请求团队审查时是通知整个团队,还是只通知一部分团队成员。 - -当自动请求代码所有者进行审阅时,除非将分支保护规则配置为要求代码所有者进行审阅,否则仍将删除团队并将其替换为个人。 如果存在此类分支保护规则,则无法删除团队请求,因此还会显示单个请求。 - -### 路由算法 - -代码审查分配根据两种可能的算法之一自动选择和分配审查者。 - -循环算法根据最近收到最少审查请求的人员选择审查者,侧重于在团队所有成员之间的轮替,而不管他们目前拥有多少未完成的审查。 - -负载平衡算法根据每个成员最近的审查请求总数选择审查者,并考虑每个成员未完成的审查数。 负载平衡算法努力确保每个团队成员在任意 30 天内审查相同数量的拉取请求。 - -任何将状态设置为“忙碌”的团队成员将不会被选中进行审核。 如果所有团队成员都忙碌,拉取请求仍将分配给团队本身。 有关用户状态的详细信息,请参阅“[设置状态](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status)”。 +## About code review settings {% ifversion only-notify-requested-members %} -## 配置团队通知 +To reduce noise for your team and clarify individual responsibility for pull request reviews, you can configure code review settings. -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.specific_team %} {% data reusables.organizations.team_settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧边栏中,单击“{% octicon "code-review" aria-label="The code-review icon" %} 代码审查”。 -{% else %} -1. 在左侧边栏中,单击“代码审查” -![代码审查按钮](/assets/images/help/teams/review-button.png) {% endif %} -1. 选择“仅通知请求的团队成员。” -![代码审查团队通知](/assets/images/help/teams/review-assignment-notifications.png) -1. 单击“保存更改”。 +- Team notifications +- Auto assignment + +## About team notifications + +When you choose to only notify requested team members, you disable sending notifications to the entire team when the team is requested to review a pull request if a specific member of that team is also requested for review. This is especially useful when a repository is configured with teams as code owners, but contributors to the repository often know a specific individual that would be the correct reviewer for their pull request. For more information, see "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)." + +## About auto assignment {% endif %} -## 配置自动分配 -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.specific_team %} {% data reusables.organizations.team_settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧边栏中,单击“{% octicon "code-review" aria-label="The code-review icon" %} 代码审查”。 -{% else %} -1. 在左侧边栏中,单击“代码审查” -![代码审查按钮](/assets/images/help/teams/review-button.png) {% endif %} -1. 选择“启用自动分配”。 -![自动分配按钮](/assets/images/help/teams/review-assignment-enable.png) -1. 在“How many team members should be assigned to review?(应分配多少团队成员进行审查?)”下,使用下拉菜单选择多个要分配给每个拉取请求的审查者。 -![审查者人数下拉列表](/assets/images/help/teams/review-assignment-number.png) -1. 在“Routing algorithm(路由算法)”下,使用下拉菜单选择要使用的算法。 有关详细信息,请参阅“[路由算法](#routing-algorithms)”。 -![路由算法下拉列表](/assets/images/help/teams/review-assignment-algorithm.png) -1. (可选)要始终跳过某些团队成员,请选择“永不分配某些团队成员”。 然后,选择要始终跳过的一个或多个团队成员。 -![永不分配某些团队成员复选框和下拉菜单](/assets/images/help/teams/review-assignment-skip-members.png) {% ifversion ghes < 3.4 %} -1. (可选)要对每个拉取请求审查只通知代码审查分配所选择的团队成员,在“通知”下选择“分配团队成员时不通知整个团队”。 -{%- endif %} {% ifversion fpt or ghec or ghae-issue-5108 or ghes > 3.2 %} -1. (可选)在分配请求时,要将子团队成员作为潜在审查者,请选择“子团队成员”。 -1. (可选)要根据可分配的成员总数计算已请求审查的成员,选择“计算现有请求”。 -1. (可选)在分配团队成员时,要从团队中删除审查请求,请选择“团队审查请求”。 -{%- endif %} -1. 单击“保存更改”。 +When you enable auto assignment, any time your team has been requested to review a pull request, the team is removed as a reviewer and a specified subset of team members are assigned in the team's place. Code review assignments allow you to decide whether the whole team or just a subset of team members are notified when a team is requested for review. -## 禁用自动分配 -{% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} {% data reusables.organizations.specific_team %} {% data reusables.organizations.team_settings %} -1. 选择“启用自动分配”以删除复选标记。 -![代码审查分配按钮](/assets/images/help/teams/review-assignment-enable.png) -1. 单击“保存更改”。 +When code owners are automatically requested for review, the team is still removed and replaced with individuals unless a branch protection rule is configured to require review from code owners. If such a branch protection rule is in place, the team request cannot be removed and so the individual request will appear in addition. + +### Routing algorithms + +Code review assignments automatically choose and assign reviewers based on one of two possible algorithms. + +The round robin algorithm chooses reviewers based on who's received the least recent review request, focusing on alternating between all members of the team regardless of the number of outstanding reviews they currently have. + +The load balance algorithm chooses reviewers based on each member's total number of recent review requests and considers the number of outstanding reviews for each member. The load balance algorithm tries to ensure that each team member reviews an equal number of pull requests in any 30 day period. + +Any team members that have set their status to "Busy" will not be selected for review. If all team members are busy, the pull request will remain assigned to the team itself. For more information about user statuses, see "[Setting a status](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status)." + +{% ifversion only-notify-requested-members %} +## Configuring team notifications + +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.specific_team %} +{% data reusables.organizations.team_settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, click **{% octicon "code-review" aria-label="The code-review icon" %} Code review**. +{% else %} +1. In the left sidebar, click **Code review** +![Code review button](/assets/images/help/teams/review-button.png) +{% endif %} +1. Select **Only notify requested team members.** +![Code review team notifications](/assets/images/help/teams/review-assignment-notifications.png) +1. Click **Save changes**. +{% endif %} + +## Configuring auto assignment +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.specific_team %} +{% data reusables.organizations.team_settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, click **{% octicon "code-review" aria-label="The code-review icon" %} Code review**. +{% else %} +1. In the left sidebar, click **Code review** +![Code review button](/assets/images/help/teams/review-button.png) +{% endif %} +1. Select **Enable auto assignment**. +![Auto-assignment button](/assets/images/help/teams/review-assignment-enable.png) +1. Under "How many team members should be assigned to review?", use the drop-down menu and choose a number of reviewers to be assigned to each pull request. +![Number of reviewers dropdown](/assets/images/help/teams/review-assignment-number.png) +1. Under "Routing algorithm", use the drop-down menu and choose which algorithm you'd like to use. For more information, see "[Routing algorithms](#routing-algorithms)." +![Routing algorithm dropdown](/assets/images/help/teams/review-assignment-algorithm.png) +1. Optionally, to always skip certain members of the team, select **Never assign certain team members**. Then, select one or more team members you'd like to always skip. +![Never assign certain team members checkbox and dropdown](/assets/images/help/teams/review-assignment-skip-members.png) +{% ifversion ghes < 3.4 %} +1. Optionally, to only notify the team members chosen by code review assignment for each pull review request, under "Notifications" select **If assigning team members, don't notify the entire team.** +{%- endif %} +{% ifversion fpt or ghec or ghae > 3.3 or ghes > 3.2 %} +1. Optionally, to include members of child teams as potential reviewers when assigning requests, select **Child team members**. +1. Optionally, to count any members whose review has already been requested against the total number of members to assign, select **Count existing requests**. +1. Optionally, to remove the review request from the team when assigning team members, select **Team review request**. +{%- endif %} +1. Click **Save changes**. + +## Disabling auto assignment +{% data reusables.profile.access_org %} +{% data reusables.user-settings.access_org %} +{% data reusables.organizations.specific_team %} +{% data reusables.organizations.team_settings %} +1. Select **Enable auto assignment** to remove the checkmark. +![Code review assignment button](/assets/images/help/teams/review-assignment-enable.png) +1. Click **Save changes**. diff --git a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository.md b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository.md index bd8cd1a745..8ef0737eac 100644 --- a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository.md +++ b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository.md @@ -1,6 +1,6 @@ --- -title: 创建和删除仓库中的分支 -intro: '您可以直接在 {% data variables.product.product_name %} 上创建或删除分支。' +title: Creating and deleting branches within your repository +intro: 'You can create or delete branches directly on {% data variables.product.product_name %}.' redirect_from: - /github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository - /articles/deleting-branches-in-a-pull-request @@ -14,70 +14,69 @@ versions: topics: - Pull requests shortTitle: Create & delete branches -ms.openlocfilehash: 44b56d8a1884e5cbfe0832f291cdc244b57a3810 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147526628' --- -## 创建分支 -可以在 {% data variables.product.product_name %} 上以不同的方式创建分支。 + +## Creating a branch +You can create a branch in different ways on {% data variables.product.product_name %}. {% note %} -注意:只能在具有推送访问权限的存储库中创建分支。 +**Note:** You can only create a branch in a repository to which you have push access. {% endnote %} {% ifversion create-branch-from-overview %} -### 通过分支概述创建分支 -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.navigate-to-branches %} -1. 单击“新建分支”。 - ![分支概述页的屏幕截图,其中突出显示了“新建分支”按钮](/assets/images/help/branches/new-branch-button.png) -2. 在对话框中,输入分支名称,并可选择性地更改分支源。 - 如果存储库是一个分支,还可以选择上游存储库作为分支源。 - ![分支的分支创建模式的屏幕截图,其中突出显示了“分支源”](/assets/images/help/branches/branch-creation-popup-branch-source.png) -3. 单击“创建分支”。 - ![分支创建模式的屏幕截图,其中突出显示了“创建分支”按钮](/assets/images/help/branches/branch-creation-popup-button.png) {% endif %} - -### 使用分支下拉列表创建分支 +### Creating a branch via the branches overview {% data reusables.repositories.navigate-to-repo %} -1. (可选)如果要从存储库的默认分支以外的分支创建新分支,请单击“{% octicon "git-branch" aria-label="The branch icon" %} 分支”,然后选择另一个分支。 - ![概述页面上的分支链接](/assets/images/help/branches/branches-overview-link.png) -1. 单击分支选择器菜单。 - ![分支选择器菜单](/assets/images/help/branch/branch-selection-dropdown.png) -1. 键入新分支的唯一名称,然后选择“创建分支”。 - ![分支创建文本框](/assets/images/help/branch/branch-creation-text-box.png) - -{% ifversion fpt or ghec or ghes > 3.4 %} -### 为问题创建分支 -可以创建一个分支以直接从问题页面处理问题,方便快捷。 有关详细信息,请参阅“[创建分支以处理问题](/issues/tracking-your-work-with-issues/creating-a-branch-for-an-issue)”。 +{% data reusables.repositories.navigate-to-branches %} +1. Click **New branch**. + ![Screenshot of branches overview page with new branch button emphasized](/assets/images/help/branches/new-branch-button.png) +2. In the dialog box, enter the branch name and optionally change the branch source. + If the repository is a fork, you also have the option to select the upstream repository as the branch source. + ![Screenshot of branch creation modal for a fork with branch source emphasized](/assets/images/help/branches/branch-creation-popup-branch-source.png) +3. Click **Create branch**. + ![Screenshot of branch creation modal with create branch button emphasized](/assets/images/help/branches/branch-creation-popup-button.png) {% endif %} -## 删除分支 +### Creating a branch using the branch dropdown +{% data reusables.repositories.navigate-to-repo %} +1. Optionally, if you want to create the new branch from a branch other than the default branch of the repository, click {% octicon "git-branch" aria-label="The branch icon" %} **Branches** then choose another branch. + ![Branches link on overview page](/assets/images/help/branches/branches-overview-link.png) +1. Click the branch selector menu. + ![branch selector menu](/assets/images/help/branch/branch-selection-dropdown.png) +1. Type a unique name for your new branch, then select **Create branch**. + ![branch creation text box](/assets/images/help/branch/branch-creation-text-box.png) + +{% ifversion fpt or ghec or ghes > 3.4 %} +### Creating a branch for an issue +You can create a branch to work on an issue directly from the issue page and get started right away. For more information, see "[Creating a branch to work on an issue](/issues/tracking-your-work-with-issues/creating-a-branch-for-an-issue)". +{% endif %} + +## Deleting a branch {% data reusables.pull_requests.automatically-delete-branches %} {% note %} -**注意:** 如果要删除的分支是存储库的默认分支,则在删除该分支之前必须选择新的默认分支。 有关详细信息,请参阅“[更改默认分支](/github/administering-a-repository/changing-the-default-branch)”。 +**Note:** If the branch you want to delete is the repository's default branch, you must choose a new default branch before deleting the branch. For more information, see "[Changing the default branch](/github/administering-a-repository/changing-the-default-branch)." {% endnote %} -如果要删除的分支与打开的拉取请求关联,则在删除该分支之前必须合并或关闭拉取请求。 有关详细信息,请参阅“[合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)”或“[关闭拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request)”。 +If the branch you want to delete is associated with an open pull request, you must merge or close the pull request before deleting the branch. For more information, see "[Merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)" or "[Closing a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request)." -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.navigate-to-branches %} -1. 滚动到要删除的分支,然后单击 {% octicon "trash" aria-label="The trash icon to delete the branch" %}。 - ![删除分支](/assets/images/help/branches/branches-delete.png){% ifversion fpt or ghes > 3.5 or ghae-issue-6763 or ghec %} -1. 如果尝试删除与至少一个打开的拉取请求关联的分支,必须确认要关闭拉取请求。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.navigate-to-branches %} +1. Scroll to the branch that you want to delete, then click {% octicon "trash" aria-label="The trash icon to delete the branch" %}. + ![delete the branch](/assets/images/help/branches/branches-delete.png) {% ifversion fpt or ghes > 3.5 or ghae > 3.5 or ghec %} +1. If you try to delete a branch that is associated with at least one open pull request, you must confirm that you intend to close the pull request(s). - ![确认删除分支](/assets/images/help/branches/confirm-deleting-branch.png){% endif %} + ![Confirm deleting a branch](/assets/images/help/branches/confirm-deleting-branch.png){% endif %} -{% data reusables.pull_requests.retargeted-on-branch-deletion %} 有关详细信息,请参阅“[关于分支](/github/collaborating-with-issues-and-pull-requests/about-branches#working-with-branches)”。 +{% data reusables.pull_requests.retargeted-on-branch-deletion %} +For more information, see "[About branches](/github/collaborating-with-issues-and-pull-requests/about-branches#working-with-branches)." -## 延伸阅读 +## Further reading -- [关于分支](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches) -- [查看存储库中的分支](/github/administering-a-repository/viewing-branches-in-your-repository) -- [删除和恢复拉取请求中的分支](/github/administering-a-repository/deleting-and-restoring-branches-in-a-pull-request) +- "[About branches](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches)" +- "[Viewing branches in your repository](/github/administering-a-repository/viewing-branches-in-your-repository)" +- "[Deleting and restoring branches in a pull request](/github/administering-a-repository/deleting-and-restoring-branches-in-a-pull-request)" diff --git a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch.md b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch.md index ef6021e594..b40883211d 100644 --- a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch.md +++ b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch.md @@ -1,6 +1,6 @@ --- -title: 使拉取请求与基础分支保持同步 -intro: 打开拉取请求后,可以使用基础分支中所做的任何更改更新头分支(其中包含你所做的更改)。 +title: Keeping your pull request in sync with the base branch +intro: 'After you open a pull request, you can update the head branch, which contains your changes, with any changes that have been made in the base branch.' permissions: People with write permissions to the repository to which the head branch of the pull request belongs can update the head branch with changes that have been made in the base branch. versions: fpt: '*' @@ -10,48 +10,47 @@ versions: topics: - Pull requests shortTitle: Update the head branch -ms.openlocfilehash: d7819b45cf3290c09e3b231825e494fd1d82daea -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: '145130091' --- -## 关于使拉取请求保持同步 -在合并拉取请求之前,其他更改可能会合并到基础分支中,从而导致拉取请求的头分支不同步。使用来自基础分支的最新更改更新拉取请求有助于在合并之前发现问题。 +## About keeping your pull request in sync -可以从命令行或拉取请求页更新拉取请求的头分支。 当所有这些均为 true 时,将显示“更新分支”按钮: +Before merging your pull requests, other changes may get merged into the base branch causing your pull request's head branch to be out of sync. Updating your pull request with the latest changes from the base branch can help catch problems prior to merging. -* 拉取请求分支和基础分支之间没有合并冲突。 -* 拉取请求分支未与基础分支保持同步。 -* 基础分支在合并 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6069 %} 之前要求分支是最新的,或启用始终建议更新分支的设置{% endif %}。 +You can update a pull request's head branch from the command line or the pull request page. The **Update branch** button is displayed when all of these are true: -有关详细信息,请参阅“[合并之前需要检查状态](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches) {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6069 %}”和“[管理更新拉取请求分支的建议](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches) {% endif %}”。 +* There are no merge conflicts between the pull request branch and the base branch. +* The pull request branch is not up to date with the base branch. +* The base branch requires branches to be up to date before merging{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} or the setting to always suggest updating branches is enabled{% endif %}. -如果对基础分支的更改导致拉取请求分支中的合并冲突,则在所有冲突都解决之前,你将无法更新分支。 有关详细信息,请参阅“[关于合并冲突](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/about-merge-conflicts)”。 +For more information, see "[Require status checks before merging](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches){% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}" and "[Managing suggestions to update pull request branches](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches){% endif %}." -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6069 %} 从拉取请求页面,可以使用传统合并或变基来更新拉取请求的分支。 传统的合并会导致合并提交,将基础分支合并到拉取请求的头分支。 变基将你的分支中的更改应用到最新版本的基础分支上。 结果是具有线性历史记录的分支,因为不会创建合并提交。 -{% else %} 从拉取请求页更新分支执行传统合并。 生成的合并提交将基础分支合并到拉取请求的头分支中。 +If there are changes to the base branch that cause merge conflicts in your pull request branch, you will not be able to update the branch until all conflicts are resolved. For more information, see "[About merge conflicts](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/about-merge-conflicts)." + +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +From the pull request page you can update your pull request's branch using a traditional merge or by rebasing. A traditional merge results in a merge commit that merges the base branch into the head branch of the pull request. Rebasing applies the changes from _your_ branch onto the latest version of the base branch. The result is a branch with a linear history, since no merge commit is created. +{% else %} +Updating your branch from the pull request page performs a traditional merge. The resulting merge commit merges the base branch into the head branch of the pull request. {% endif %} -## 更新拉取请求分支 +## Updating your pull request branch {% data reusables.repositories.sidebar-pr %} -1. 在“拉取请求”列表中,单击要更新的拉取请求。 +1. In the "Pull requests" list, click the pull request you'd like to update. -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6069 %} -1. 在页面底部附近的合并部分中,可以: - - 单击“更新分支”执行传统合并。 - ![用于更新分支的按钮](/assets/images/help/pull_requests/pull-request-update-branch-with-dropdown.png) - - 单击“更新分支”下拉菜单,单击“使用变基更新”,然后单击“变基分支”以通过对基础分支变基来更新 。 - ![显示合并和变基选项的下拉菜单](/assets/images/help/pull_requests/pull-request-update-branch-rebase-option.png) {% else %} -1. 在页面底部附近的合并部分中,单击“更新分支”执行传统合并。 - ![用于更新分支的按钮](/assets/images/help/pull_requests/pull-request-update-branch.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the merge section near the bottom of the page, you can: + - Click **Update branch** to perform a traditional merge. + ![Button to update branch](/assets/images/help/pull_requests/pull-request-update-branch-with-dropdown.png) + - Click the update branch drop down menu, click **Update with rebase**, and then click **Rebase branch** to update by rebasing on the base branch. + ![Drop-down menu showing merge and rebase options](/assets/images/help/pull_requests/pull-request-update-branch-rebase-option.png) +{% else %} +1. In the merge section near the bottom of the page, click **Update branch** to perform a traditional merge. + ![Button to update branch](/assets/images/help/pull_requests/pull-request-update-branch.png) +{% endif %} -## 延伸阅读 +## Further reading -- [关于拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests) -- [更改拉取请求的阶段](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) -- [提交对从分支创建的拉取请求分支的更改](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/committing-changes-to-a-pull-request-branch-created-from-a-fork) +- "[About pull requests](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)" +- "[Changing the stage of a pull request](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request)" +- "[Committing changes to a pull request branch created from a fork](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/committing-changes-to-a-pull-request-branch-created-from-a-fork)" diff --git a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md index 715fae6549..ed8a455560 100644 --- a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md +++ b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md @@ -1,6 +1,6 @@ --- -title: 审查拉取请求中的依赖项更改 -intro: 如果拉取请求包含对依赖项的更改,您可以查看已更改内容摘要以及任何依赖项中是否存在已知漏洞。 +title: Reviewing dependency changes in a pull request +intro: 'If a pull request contains changes to dependencies, you can view a summary of what has changed and whether there are known vulnerabilities in any of the dependencies.' product: '{% data reusables.gated-features.dependency-review %}' versions: fpt: '*' @@ -19,73 +19,72 @@ redirect_from: - /github/collaborating-with-issues-and-pull-requests/reviewing-dependency-changes-in-a-pull-request - /github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request shortTitle: Review dependency changes -ms.openlocfilehash: 3887db045b68f7adeca275db0449a12547453771 -ms.sourcegitcommit: 770ed406ec075528ec9c9695aa4bfdc8c8b25fd3 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/12/2022 -ms.locfileid: '147888426' --- {% data reusables.dependency-review.beta %} -## 关于依赖项评审 +## About dependency review {% data reusables.dependency-review.feature-overview %} -{% ifversion ghec %}在私有存储库中使用依赖项审查之前,必须启用依赖项关系图。 有关详细信息,请参阅“[探索存储库的依赖项](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)”。{% endif %} +{% ifversion ghec %}Before you can use dependency review in a private repository, you must enable the dependency graph. For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)."{% endif %} -{% ifversion ghes %} 在使用依赖项审查之前,必须启用依赖项关系图并将 {% data variables.product.product_location %} 连接到 {% data variables.product.prodname_dotcom_the_website %}。 有关详细信息,请参阅“[为 {% data variables.product.prodname_ghe_server %} 上的易受攻击依赖项启用警报](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)”。{% endif %} +{% ifversion ghes %} Before you can use dependency review, you must enable the dependency graph and connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %} -依赖关系审核允许您“左移”。 您可以使用所提供的预测信息在易受攻击的依赖项进入生产之前捕获它们。 有关详细信息,请参阅“[关于依赖项审查](/code-security/supply-chain-security/about-dependency-review)”。 +Dependency review allows you to "shift left". You can use the provided predictive information to catch vulnerable dependencies before they hit production. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." -{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-6396 %} +{% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %} -可使用 {% data variables.product.prodname_dependency_review_action %} 来帮助对存储库中的拉取请求强制实施依赖项审查。 {% data reusables.dependency-review.dependency-review-action-overview %} +You can use the {% data variables.product.prodname_dependency_review_action %} to help enforce dependency reviews on pull requests in your repository. {% data reusables.dependency-review.dependency-review-action-overview %} -{% ifversion dependency-review-action-configuration %} 可通过指定要捕获的依赖项漏洞类型,配置 {% data variables.product.prodname_dependency_review_action %} 来更好地满足需求。 有关详细信息,请参阅“[配置依赖项审查](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-github-action)”。 {% endif %} +{% ifversion dependency-review-action-configuration %} +You can configure the {% data variables.product.prodname_dependency_review_action %} to better suit your needs by specifying the type of dependency vulnerability you wish to catch. For more information, see "[Configuring dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-github-action)." +{% endif %} {% endif %} -## 审查拉取请求中的依赖项 +## Reviewing dependencies in a pull request -{% data reusables.repositories.sidebar-pr %} {% data reusables.repositories.choose-pr-review %} {% data reusables.repositories.changed-files %} +{% data reusables.repositories.sidebar-pr %} +{% data reusables.repositories.choose-pr-review %} +{% data reusables.repositories.changed-files %} -1. 如果拉取请求包含许多文件,请使用“文件筛选器”下拉菜单折叠所有不记录依赖项的文件。 这将有助于您将审查的重点放在依赖项更改上。 +1. If the pull request contains many files, use the **File filter** drop-down menu to collapse all files that don't record dependencies. This will make it easier to focus your review on the dependency changes. - ![文件筛选器菜单](/assets/images/help/pull_requests/file-filter-menu-json.png) 依赖项审查提供关于大型锁定文件中已更改内容的更清晰视图,源差异在默认情况下不会呈现。 + ![The file filter menu](/assets/images/help/pull_requests/file-filter-menu-json.png) + The dependency review provides a clearer view of what has changed in large lock files, where the source diff is not rendered by default. {% note %} - 注意:依赖项审查多差异不适用于已提交的静态 JavaScript 文件,如 `jquery.js`。 + **Note:** Dependency review rich diffs are not available for committed static JavaScript files like `jquery.js`. {% endnote %} -1. 在清单或锁定文件标头的右侧,单击 {% octicon "file" aria-label="The rich diff icon" %} 多差异按钮以显示依赖项审查。 +1. On the right of the header for a manifest or lock file, display the dependency review by clicking the **{% octicon "file" aria-label="The rich diff icon" %}** rich diff button. - ![多差异按钮](/assets/images/help/pull_requests/dependency-review-rich-diff.png) + ![The rich diff button](/assets/images/help/pull_requests/dependency-review-rich-diff.png) -2. 检查依赖项审查中列出的依赖项。 +2. Check the dependencies listed in the dependency review. - ![依赖项审查中的漏洞警告](/assets/images/help/pull_requests/dependency-review-vulnerability.png) + ![Vulnerability warnings in a dependency review](/assets/images/help/pull_requests/dependency-review-vulnerability.png) - 任何已添加或更改的有漏洞依赖项先按严重程度排序,然后按依赖项名称排序。 这意味着严重程度最高的依赖项始终处于依赖项审查的顶部。 其他依赖项按其名称的字母顺序排列。 + Any added or changed dependencies that have vulnerabilities are listed first, ordered by severity and then by dependency name. This means that the highest severity dependencies are always at the top of a dependency review. Other dependencies are listed alphabetically by dependency name. - 每个依赖项旁边的图标指示该依赖项在此拉取请求中是否已添加 ({% octicon "diff-added" aria-label="Dependency added icon" %})、更新 ({% octicon "diff-modified" aria-label="Dependency modified icon" %}) 或删除 ({% octicon "diff-removed" aria-label="Dependency removed icon" %})。 + The icon beside each dependency indicates whether the dependency has been added ({% octicon "diff-added" aria-label="Dependency added icon" %}), updated ({% octicon "diff-modified" aria-label="Dependency modified icon" %}), or removed ({% octicon "diff-removed" aria-label="Dependency removed icon" %}) in this pull request. - 其他信息包括: + Other information includes: - * 新、更新或删除的依赖项的版本或版本范围。 - * 对于依赖项的特定版本: - * 依赖项的发布时间。 - * 依赖此软件的项目数量。 此信息取自依赖关系图。 检查依赖项的数量可以帮助您避免意外添加错误的依赖项。 - * 此依赖项使用的许可(如果此信息可用)。 如果要避免在项目中使用具有某些许可的代码,此选项非常有用。 + * The version, or version range, of the new, updated, or deleted dependency. + * For a specific version of a dependency: + * The age of that release of the dependency. + * The number of projects that are dependent on this software. This information is taken from the dependency graph. Checking the number of dependents can help you avoid accidentally adding the wrong dependency. + * The license used by this dependency, if this information is available. This is useful if you want to avoid code with certain licenses being used in your project. - 如果依赖项具有已知漏洞,则警告消息包括: + Where a dependency has a known vulnerability, the warning message includes: - * 漏洞的简要说明。 - * 通用漏洞披露 (CVE) 或 {% data variables.product.prodname_security_advisories %} (GHSA) 标识号。 您可以单击此 ID 以查找有关漏洞的更多信息。 - * 漏洞的严重程度。 - * 修复漏洞的依赖项版本。 审查某人的拉取请求时,您可以要求参与者将依赖项更新到修补版本或更新版本。 + * A brief description of the vulnerability. + * A Common Vulnerabilities and Exposures (CVE) or {% data variables.product.prodname_security_advisories %} (GHSA) identification number. You can click this ID to find out more about the vulnerability. + * The severity of the vulnerability. + * The version of the dependency in which the vulnerability was fixed. If you are reviewing a pull request for someone, you might ask the contributor to update the dependency to the patched version, or a later release. {% data reusables.repositories.return-to-source-diff %} diff --git a/translations/zh-CN/content/repositories/archiving-a-github-repository/archiving-repositories.md b/translations/zh-CN/content/repositories/archiving-a-github-repository/archiving-repositories.md index 0ba7978f1f..b866e36b70 100644 --- a/translations/zh-CN/content/repositories/archiving-a-github-repository/archiving-repositories.md +++ b/translations/zh-CN/content/repositories/archiving-a-github-repository/archiving-repositories.md @@ -1,6 +1,6 @@ --- -title: 存档仓库 -intro: 您可以存档仓库,将其设为对所有用户只读,并且指出不再主动维护它。 您也可以取消存档已经存档的仓库。 +title: Archiving repositories +intro: You can archive a repository to make it read-only for all users and indicate that it's no longer actively maintained. You can also unarchive repositories that have been archived. redirect_from: - /articles/archiving-repositories - /github/creating-cloning-and-archiving-repositories/archiving-repositories @@ -15,43 +15,43 @@ versions: ghec: '*' topics: - Repositories -ms.openlocfilehash: a9d5b33b94e6067bb4decfa8f47da8aa25860da4 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '145129429' --- -## 关于存储库存档 -{% ifversion fpt or ghec %} {% note %} +## About repository archival -注意:如果原本有各存储库计费计划,仍然需要对存档的存储库付费。 如果不想对存档的仓库付费,则必须升级到新产品。 有关详细信息,请参阅“[{% data variables.product.prodname_dotcom %} 的产品](/articles/github-s-products)”。 +{% ifversion fpt or ghec %} +{% note %} -{% endnote %} {% endif %} +**Note:** If you have a legacy per-repository billing plan, you will still be charged for your archived repository. If you don't want to be charged for an archived repository, you must upgrade to a new product. For more information, see "[{% data variables.product.prodname_dotcom %}'s products](/articles/github-s-products)." -{% ifversion ghec or ghes > 3.4 or ghae-issue-6329 %} {% note %} +{% endnote %} +{% endif %} -注意:使用 {% data variables.product.prodname_GH_advanced_security %} 的客户可以在存档的存储库上启用 {% data variables.product.prodname_secret_scanning %}。 有关详细信息,请参阅“[关于 {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)”。 +{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %} +{% note %} -{% endnote %} {% endif %} +**Note:** Customers who use {% data variables.product.prodname_GH_advanced_security %} can enable {% data variables.product.prodname_secret_scanning %} on archived repositories. For more information, see "[About {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)." + +{% endnote %} +{% endif %} {% data reusables.repositories.archiving-repositories-recommendation %} -在仓库存档后,便无法添加或删除协作者或团队。 具有仓库访问权限的贡献者只能对项目复刻或标星。 +Once a repository is archived, you cannot add or remove collaborators or teams. Contributors with access to the repository can only fork or star your project. -当仓库存档后,其议题、拉取请求、代码、标签、里程碑、项目、wiki、版本、提交、标记、分支、反应、代码扫描警报、评论和权限都会变成只读。 要更改存档的仓库,必须先对仓库取消存档。 +When a repository is archived, its issues, pull requests, code, labels, milestones, projects, wiki, releases, commits, tags, branches, reactions, code scanning alerts, comments and permissions become read-only. To make changes in an archived repository, you must unarchive the repository first. -您可以搜索已存档的仓库。 有关详细信息,请参阅“[搜索存储库](/search-github/searching-on-github/searching-for-repositories/#search-based-on-whether-a-repository-is-archived)”。 更多信息请参阅“搜索仓库”。 有关详细信息,请参阅“[搜索问题和拉取请求](/search-github/searching-on-github/searching-issues-and-pull-requests/#search-based-on-whether-a-repository-is-archived)”。 +You can search for archived repositories. For more information, see "[Searching for repositories](/search-github/searching-on-github/searching-for-repositories/#search-based-on-whether-a-repository-is-archived)." You can also search for issues and pull requests within archived repositories. For more information, see "[Searching issues and pull requests](/search-github/searching-on-github/searching-issues-and-pull-requests/#search-based-on-whether-a-repository-is-archived)." -## 存档仓库 +## Archiving a repository {% data reusables.repositories.archiving-repositories-recommendation %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -3. 在“危险区域”下,单击“存档此存储库”或“取消存档此存储库” 。 - ![“存档此存储库”按钮](/assets/images/help/repository/archive-repository.png) -4. 阅读警告。 -5. 输入要存档或取消存档的仓库的名称。 - ![存档存储库警告](/assets/images/help/repository/archive-repository-warnings.png) -6. 单击“我了解后果,存档此存储库”。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +3. Under "Danger Zone", click **Archive this repository** or **Unarchive this repository**. + ![Archive this repository button](/assets/images/help/repository/archive-repository.png) +4. Read the warnings. +5. Type the name of the repository you want to archive or unarchive. + ![Archive repository warnings](/assets/images/help/repository/archive-repository-warnings.png) +6. Click **I understand the consequences, archive this repository**. diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-merging-for-pull-requests.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-merging-for-pull-requests.md index 22f277d9bd..506a34d3b1 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-merging-for-pull-requests.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-merging-for-pull-requests.md @@ -1,6 +1,6 @@ --- -title: 为拉取请求配置提交合并 -intro: '对于存储库中 {% data variables.product.product_location %} 上的所有拉取请求合并,你可以使用合并提交来实施、允许或禁用合并。' +title: Configuring commit merging for pull requests +intro: 'You can enforce, allow, or disable merging with a merge commit for all pull request merges on {% data variables.product.product_location %} in your repository.' versions: fpt: '*' ghes: '*' @@ -9,23 +9,24 @@ versions: topics: - Repositories shortTitle: Configure commit merging -ms.openlocfilehash: 322f74168935175a75f3a8f19cc4faca2cde174b -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147580726' --- {% data reusables.pull_requests.configure_pull_request_merges_intro %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -1. 在{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-6069 %}“拉取请求”{% else %}“合并按钮”{% endif %}下,选择“允许合并提交”。 这允许参与者将拉取请求与提交的完整历史记录合并。{% ifversion default-merge-squash-commit-message %}![“拉取请求”设置的屏幕截图,其中突出显示了“允许合并提交”复选框](/assets/images/help/repository/allow-merge-commits.png){% endif %}{% ifversion ghes = 3.6 %}![“拉取请求”设置的屏幕截图,其中突出显示了“允许合并提交”复选框](/assets/images/help/repository/allow-merge-commits-no-dropdown.png){% endif %} {% ifversion ghes < 3.6 %} ![allow_standard_merge_commits](/assets/images/help/repository/pr-merge-full-commits.png){% endif %} {% ifversion default-merge-squash-commit-message %} -1. (可选)在“允许合并提交”下,使用下拉列表选择合并时向参与者显示的提交消息的格式。 默认消息包括拉取请求编号和标题。 例如,`Merge pull request #123 from patch-1`。 还可以选择仅使用拉取请求标题或拉取请求标题和说明。 -![突出显示默认提交消息下拉列表的屏幕截图](/assets/images/help/repository/default-commit-message-dropdown.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +1. Under {% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.4 %}"Pull Requests"{% else %}"Merge button"{% endif %}, select **Allow merge commits**. This allows contributors to merge a pull request with a full history of commits.{% ifversion default-merge-squash-commit-message %} + ![Screenshot of Pull Request settings with allow merge commits checkbox emphasized](/assets/images/help/repository/allow-merge-commits.png){% endif %}{% ifversion ghes = 3.6 %} + ![Screenshot of Pull Request settings with allow merge commits checkbox emphasized](/assets/images/help/repository/allow-merge-commits-no-dropdown.png){% endif %} +{% ifversion ghes < 3.6 %} + ![allow_standard_merge_commits](/assets/images/help/repository/pr-merge-full-commits.png){% endif %} +{% ifversion default-merge-squash-commit-message %} +1. Optionally, under **Allow merge commits**, use the dropdown to choose the format of the commit message presented to contributors when merging. The default message includes the pull request number and title. For example, `Merge pull request #123 from patch-1`. You can also choose to use just the pull request title, or the pull request title and description. +![Screenshot of emphasized default commit message dropdown](/assets/images/help/repository/default-commit-message-dropdown.png) +{% endif %} -如果选择多个合并方法,协作者可以选择合并拉取请求时要使用的合并提交类型。 {% data reusables.repositories.squash-and-rebase-linear-commit-history %} +If you select more than one merge method, collaborators can choose which type of merge commit to use when they merge a pull request. {% data reusables.repositories.squash-and-rebase-linear-commit-history %} -## 延伸阅读 +## Further reading -- [关于拉取请求合并](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges) -- [合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request) +- "[About pull request merges](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges)" +- "[Merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)" diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-rebasing-for-pull-requests.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-rebasing-for-pull-requests.md index 8f1d716103..714645fa9e 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-rebasing-for-pull-requests.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-rebasing-for-pull-requests.md @@ -1,6 +1,6 @@ --- -title: 为拉取请求配置提交变基 -intro: '对于仓库中 {% data variables.product.product_location %} 上的所有拉取请求合并,您可以实施、允许或禁用提交变基。' +title: Configuring commit rebasing for pull requests +intro: 'You can enforce, allow, or disable commit rebasing for all pull request merges on {% data variables.product.product_location %} in your repository.' redirect_from: - /articles/configuring-commit-rebasing-for-pull-requests - /github/administering-a-repository/configuring-commit-rebasing-for-pull-requests @@ -13,17 +13,16 @@ versions: topics: - Repositories shortTitle: Configure commit rebasing -ms.openlocfilehash: e2614349b5baab9be33d1fe6d80a99a78811d8df -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147580525' --- {% data reusables.pull_requests.configure_pull_request_merges_intro %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -3. 在{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-6069 %}“拉取请求”{% else %}“合并按钮”{% endif %}下,选择“允许变基合并”。 这将允许贡献者通过将其个人提交变基到基本分支来合并拉取请求。 -{% ifversion default-merge-squash-commit-message %}![“拉取请求”设置的屏幕截图,其中突出显示了“允许变基合并”复选框](/assets/images/help/repository/allow-rebase-merging.png){% endif %}{% ifversion ghes = 3.6 %}![“拉取请求”设置的屏幕截图,其中突出显示了“允许变基合并”复选框](/assets/images/help/repository/allow-rebase-merging-no-dropdown.png){% endif %} {% ifversion ghes < 3.6 %} ![拉取请求变基提交](/assets/images/help/repository/pr-merge-rebase.png){% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +3. Under {% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.4 %}"Pull Requests"{% else %}"Merge button"{% endif %}, select **Allow rebase merging**. This allows contributors to merge a pull request by rebasing their individual commits onto the base branch. +{% ifversion default-merge-squash-commit-message %} + ![Screenshot of Pull Request settings with allow rebase merging checkbox emphasized](/assets/images/help/repository/allow-rebase-merging.png){% endif %}{% ifversion ghes = 3.6 %} + ![Screenshot of Pull Request settings with allow rebase merging checkbox emphasized](/assets/images/help/repository/allow-rebase-merging-no-dropdown.png){% endif %} + {% ifversion ghes < 3.6 %} + ![Pull request rebased commits](/assets/images/help/repository/pr-merge-rebase.png){% endif %} -如果您还选择了另一种合并方法,则贡献者在合并拉取请求时能够选择合并提交的类型。 {% data reusables.repositories.squash-and-rebase-linear-commit-history %} +If you also select another merge method, collaborators will be able to choose the type of merge commit when merging a pull request. {% data reusables.repositories.squash-and-rebase-linear-commit-history %} diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests.md index 4accb793fd..0473b10065 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests.md @@ -1,6 +1,6 @@ --- -title: 为拉取请求配置提交压缩 -intro: '对于仓库中 {% data variables.product.product_location %} 上的所有拉取请求合并,您可以实施、允许或禁用提交压缩。' +title: Configuring commit squashing for pull requests +intro: 'You can enforce, allow, or disable commit squashing for all pull request merges on {% data variables.product.product_location %} in your repository.' redirect_from: - /articles/configuring-commit-squashing-for-pull-requests - /github/administering-a-repository/configuring-commit-squashing-for-pull-requests @@ -13,25 +13,26 @@ versions: topics: - Repositories shortTitle: Configure commit squashing -ms.openlocfilehash: 8d53a558163b6a847fa4fb509399b1e7b7c6c05c -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147580709' --- {% data reusables.pull_requests.configure_pull_request_merges_intro %} {% data reusables.pull_requests.default-commit-message-squash-merge %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -1. 在{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-6069 %}“拉取请求”{% else %}“合并按钮”{% endif %}下,选择“允许压缩合并”。 这将允许贡献者通过将所有提交压缩到单个提交中来合并拉取请求。 合并时向参与者显示的默认提交消息是提交标题和消息(如果拉取请求仅包含 1 个提交),或拉取请求标题和提交列表(如果拉取请求包含 2 个或更多提交)。 {% ifversion ghes = 3.6 %} 若要始终使用拉取请求的标题,而不考虑拉取请求中的提交数,请选择“默认为压缩合并提交的拉取请求标题”。{% endif %}{% ifversion default-merge-squash-commit-message %} ![拉取请求压缩的提交](/assets/images/help/repository/allow-squash-merging.png){% endif %}{% ifversion ghes = 3.6 %} ![拉取请求设置的屏幕截图,其中突出显示了“允许合并提交”复选框](/assets/images/help/repository/allow-squash-merging-no-dropdown.png){% endif %} {% ifversion ghes < 3.6 %} ![拉取请求压缩的提交](/assets/images/enterprise/3.5/repository/pr-merge-squash.png){% endif %} {% ifversion default-merge-squash-commit-message %} -1. (可选)在“允许压缩合并”下,使用下拉列表选择合并时向参与者显示的默认压缩提交消息的格式。 默认消息使用提交标题和消息(如果拉取请求仅包含 1 个提交),或拉取请求标题和提交列表(如果拉取请求包含 2 个或更多提交)。 还可以选择仅使用拉取请求标题、拉取请求标题和提交详细信息,或拉取请求标题和说明。 -![突出显示默认压缩消息下拉列表的屏幕截图](/assets/images/help/repository/default-squash-message-dropdown.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +1. Under {% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.4 %}"Pull Requests"{% else %}"Merge button"{% endif %}, select **Allow squash merging**. This allows contributors to merge a pull request by squashing all commits into a single commit. The default commit message presented to contributors when merging is the commit title and message if the pull request contains only 1 commit, or the pull request title and list of commits if the pull request contains 2 or more commits. {% ifversion ghes = 3.6 %} To always use the title of the pull request regardless of the number of commits in the pull request select **Default to PR title for squash merge commits**.{% endif %}{% ifversion default-merge-squash-commit-message %} + ![Pull request squashed commits](/assets/images/help/repository/allow-squash-merging.png){% endif %}{% ifversion ghes = 3.6 %} + ![Screenshot of Pull Request settings with allow merge commits checkbox emphasized](/assets/images/help/repository/allow-squash-merging-no-dropdown.png){% endif %} +{% ifversion ghes < 3.6 %} + ![Pull request squashed commits](/assets/images/enterprise/3.5/repository/pr-merge-squash.png){% endif %} +{% ifversion default-merge-squash-commit-message %} +1. Optionally, under **Allow squash merging**, use the dropdown to choose the format of the default squash commit message presented to contributors when merging. The default message uses the commit title and message if the pull request contains only 1 commit, or the pull request title and list of commits if the pull request contains 2 or more commits. You can also choose to use just the pull request title, the pull request title and commit details, or the pull request title and description. +![Screenshot of emphasized default squash message dropdown](/assets/images/help/repository/default-squash-message-dropdown.png) +{% endif %} -如果选择多个合并方法,协作者可以选择合并拉取请求时要使用的合并提交类型。 {% data reusables.repositories.squash-and-rebase-linear-commit-history %} +If you select more than one merge method, collaborators can choose which type of merge commit to use when they merge a pull request. {% data reusables.repositories.squash-and-rebase-linear-commit-history %} -## 延伸阅读 +## Further reading -- [关于拉取请求合并](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges) -- [合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request) +- "[About pull request merges](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges)" +- "[Merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)" diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository.md index db04a2e0fd..73f543e7e9 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository.md @@ -1,6 +1,6 @@ --- -title: 管理仓库中拉取请求的自动合并 -intro: 您可以允许或禁止仓库中拉取请求的自动合并。 +title: Managing auto-merge for pull requests in your repository +intro: You can allow or disallow auto-merge for pull requests in your repository. product: '{% data reusables.gated-features.auto-merge %}' versions: fpt: '*' @@ -14,21 +14,16 @@ redirect_from: - /github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository - /github/administering-a-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository shortTitle: Manage auto merge -ms.openlocfilehash: 4d0f0d465ea3c8551dc909d56620a06ee9864c1c -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '147883439' --- -## 关于自动合并 +## About auto-merge -如果您允许自动合并仓库中的拉取请求,则具有写入权限的用户可以配置仓库中的单个拉取请求在满足所有合并要求时自动合并。 如果没有写入权限的人员将更改推送到已启用自动合并的拉取请求,将对该拉取请求禁用自动合并。 有关详细信息,请参阅“[自动合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)”。 +If you allow auto-merge for pull requests in your repository, people with write permissions can configure individual pull requests in the repository to merge automatically when all merge requirements are met. If someone who does not have write permissions pushes changes to a pull request that has auto-merge enabled, auto-merge will be disabled for that pull request. For more information, see "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)." -## 管理自动合并 +## Managing auto-merge {% data reusables.pull_requests.auto-merge-requires-branch-protection %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -1. 在{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6069 %}“拉取请求”{% else %}“合并按钮”{% endif %}下,选择或取消选择“允许自动合并”。 - ![允许或禁止自动合并的复选框](/assets/images/help/pull_requests/allow-auto-merge-checkbox.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +1. Under {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}"Pull Requests"{% else %}"Merge button"{% endif %}, select or deselect **Allow auto-merge**. + ![Checkbox to allow or disallow auto-merge](/assets/images/help/pull_requests/allow-auto-merge-checkbox.png) diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches.md index a42416e495..a062a40948 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches.md @@ -1,30 +1,26 @@ --- -title: 管理更新拉取请求分支的建议 -intro: 用户可以在拉取请求分支未随基本分支保持最新时始终更新该分支。 +title: Managing suggestions to update pull request branches +intro: You can give users the ability to always update a pull request branch when it is not up to date with the base branch. versions: fpt: '*' ghes: '> 3.4' - ghae: issue-6069 + ghae: '>= 3.5' ghec: '*' topics: - Repositories shortTitle: Manage branch updates permissions: People with maintainer permissions can enable or disable the setting to suggest updating pull request branches. -ms.openlocfilehash: a29e2e9d11b24287cdad71b71f617a58e64df297 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147578608' --- -## 关于更新拉取请求分支的建议 -如果启用此设置以始终建议更新存储库中的拉取请求分支,则当拉取请求的头分支与基本分支不同步时,具有写入权限的用户将始终能够在拉取请求页面上更新拉取请求的头分支。 如果未启用,则仅当基本分支要求分支在合并之前保持最新且分支不是最新的时,更新功能才可用。 有关详细信息,请参阅“[使拉取请求与基本分支保持同步](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch)”。 +## About suggestions to update a pull request branch + +If you enable the setting to always suggest updating pull request branches in your repository, people with write permissions will always have the ability, on the pull request page, to update a pull request's head branch when it's not up to date with the base branch. When not enabled, the ability to update is only available when the base branch requires branches to be up to date before merging and the branch is not up to date. For more information, see "[Keeping your pull request in sync with the base branch](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch)." {% data reusables.enterprise.3-5-missing-feature %} -## 管理更新拉取请求分支的建议 +## Managing suggestions to update a pull request branch -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -3. 在“拉取请求”下,选择或取消选择“始终建议更新请求分支”。 - ![用于启用或禁用“始终建议更新分支”的复选框](/assets/images/help/repository/always-suggest-updating-branches.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +3. Under "Pull Requests", select or unselect **Always suggest updating pull request branches**. + ![Checkbox to enable or disable always suggest updating branch](/assets/images/help/repository/always-suggest-updating-branches.png) diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches.md index 544089c0bd..75a9ffa039 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches.md @@ -1,6 +1,6 @@ --- -title: 管理分支的自动删除 -intro: 您可让头部分支在仓库中的拉取请求合并后自动删除。 +title: Managing the automatic deletion of branches +intro: You can have head branches automatically deleted after pull requests are merged in your repository. redirect_from: - /articles/managing-the-automatic-deletion-of-branches - /github/administering-a-repository/managing-the-automatic-deletion-of-branches @@ -13,19 +13,14 @@ versions: topics: - Repositories shortTitle: Automatic branch deletion -ms.openlocfilehash: feaeb7c2178beab4dc23a310df6924c6e1c52e0f -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '147882455' --- -对仓库具有管理员权限的任何人都可启用或禁用分支的自动删除。 +Anyone with admin permissions to a repository can enable or disable the automatic deletion of branches. -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -3. 在 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6069 %}“拉取请求”{% else %}“合并按钮”{% endif %}下,选择或取消选择“自动删除主分支”。 - ![启用或禁用自动删除分支的复选框](/assets/images/help/repository/automatically-delete-branches.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +3. Under {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}"Pull Requests"{% else %}"Merge button"{% endif %}, select or unselect **Automatically delete head branches**. + ![Checkbox to enable or disable automatic deletion of branches](/assets/images/help/repository/automatically-delete-branches.png) -## 延伸阅读 -- [合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request) -- [在存储库中创建和删除分支](/articles/creating-and-deleting-branches-within-your-repository) +## Further reading +- "[Merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)" +- "[Creating and deleting branches within your repository](/articles/creating-and-deleting-branches-within-your-repository)" diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md index c588d47c38..6e4dea54e6 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md @@ -1,6 +1,6 @@ --- -title: 关于受保护分支 -intro: 您可以通过设置分支保护规则来保护重要分支,这些规则定义协作者是否可以删除或强制推送到分支以及设置任何分支推送要求,例如通过状态检查或线性提交历史记录。 +title: About protected branches +intro: 'You can protect important branches by setting branch protection rules, which define whether collaborators can delete or force push to the branch and set requirements for any pushes to the branch, such as passing status checks or a linear commit history.' product: '{% data reusables.gated-features.protected-branches %}' redirect_from: - /articles/about-protected-branches @@ -24,166 +24,177 @@ versions: ghec: '*' topics: - Repositories -ms.openlocfilehash: 14a0875de13a453824dd692c2eea02c1ff585883 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147614333' --- -## 关于分支保护规则 +## About branch protection rules -您可以通过创建分支保护规则,实施某些工作流程或要求,以规定协作者如何向您仓库中的分支推送更改,包括将拉取请求合并到分支。 +You can enforce certain workflows or requirements before a collaborator can push changes to a branch in your repository, including merging a pull request into the branch, by creating a branch protection rule. -默认情况下,每个分支保护规则都禁止强制推送到匹配的分支并阻止删除匹配的分支。 您可以选择禁用这些限制并启用其他分支保护设置。 +By default, each branch protection rule disables force pushes to the matching branches and prevents the matching branches from being deleted. You can optionally disable these restrictions and enable additional branch protection settings. -{% ifversion bypass-branch-protections %} 默认情况下,分支保护规则的限制不适用于对存储库具有管理员权限的人员或具有“绕过分支保护”权限的自定义角色。 也可以选择将限制应用于具有“绕过分支保护”权限的管理员和角色。 有关详细信息,请参阅“[管理组织的自定义存储库角色](/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 -{% else %} 默认情况下,分支保护规则的限制不适用于对仓库具有管理员权限的人。 还可以选择包括管理员。{% endif %} +{% ifversion bypass-branch-protections %} +By default, the restrictions of a branch protection rule don't apply to people with admin permissions to the repository or custom roles with the "bypass branch protections" permission. You can optionally apply the restrictions to administrators and roles with the "bypass branch protections" permission, too. For more information, see "[Managing custom repository roles for an organization](/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)". +{% else %} +By default, the restrictions of a branch protection rule don't apply to people with admin permissions to the repository. You can optionally choose to include administrators, too.{% endif %} -{% data reusables.repositories.branch-rules-example %} 有关分支名称模式的详细信息,请参阅“[管理分支保护规则](/github/administering-a-repository/managing-a-branch-protection-rule)”。 +{% data reusables.repositories.branch-rules-example %} For more information about branch name patterns, see "[Managing a branch protection rule](/github/administering-a-repository/managing-a-branch-protection-rule)." {% data reusables.pull_requests.you-can-auto-merge %} -## 关于分支保护设置 +## About branch protection settings -对于每个分支保护规则,您可以选择启用或禁用以下设置。 -- [在合并前需要拉取请求审查](#require-pull-request-reviews-before-merging) -- [合并前必需状态检查](#require-status-checks-before-merging) -- [合并前需要对话解决](#require-conversation-resolution-before-merging) -- [需要签名提交](#require-signed-commits) -- [需要线性历史记录](#require-linear-history) {% ifversion fpt or ghec %} -- [需要合并队列](#require-merge-queue) {% endif %} {%- ifversion required-deployments %} -- [合并前要求部署成功](#require-deployments-to-succeed-before-merging) {%- endif %} {% ifversion bypass-branch-protections %}- [不允许绕过上述设置](#do-not-allow-bypassing-the-above-settings){% else %}- [包括管理员](#include-administrators){% endif %} -- [限制可推送到匹配分支的人员](#restrict-who-can-push-to-matching-branches) -- [允许强制推送](#allow-force-pushes) -- [允许删除](#allow-deletions) +For each branch protection rule, you can choose to enable or disable the following settings. +- [Require pull request reviews before merging](#require-pull-request-reviews-before-merging) +- [Require status checks before merging](#require-status-checks-before-merging) +- [Require conversation resolution before merging](#require-conversation-resolution-before-merging) +- [Require signed commits](#require-signed-commits) +- [Require linear history](#require-linear-history) +{% ifversion fpt or ghec %} +- [Require merge queue](#require-merge-queue) +{% endif %} +{%- ifversion required-deployments %} +- [Require deployments to succeed before merging](#require-deployments-to-succeed-before-merging) +{%- endif %} +{% ifversion bypass-branch-protections %}- [Do not allow bypassing the above settings](#do-not-allow-bypassing-the-above-settings){% else %}- [Include administrators](#include-administrators){% endif %} +- [Restrict who can push to matching branches](#restrict-who-can-push-to-matching-branches) +- [Allow force pushes](#allow-force-pushes) +- [Allow deletions](#allow-deletions) -有关如何设置分支保护的详细信息,请参阅“[管理分支保护规则](/github/administering-a-repository/managing-a-branch-protection-rule)”。 +For more information on how to set up branch protection, see "[Managing a branch protection rule](/github/administering-a-repository/managing-a-branch-protection-rule)." -### 合并前必需拉取请求审查 +### Require pull request reviews before merging {% data reusables.pull_requests.required-reviews-for-prs-summary %} -如果启用必需审查,则协作者只能通过由所需数量的具有写入权限之审查者批准的拉取请求向受保护分支推送更改。 +If you enable required reviews, collaborators can only push changes to a protected branch via a pull request that is approved by the required number of reviewers with write permissions. -如果某个具有管理员权限的人员在审查中选择“请求更改”选项,则拉取请求必须经此人批准后才可合并。 如果申请更改拉取请求的审查者没有空,则具有仓库写入权限的任何人都可忽略阻止审查。 +If a person with admin permissions chooses the **Request changes** option in a review, then that person must approve the pull request before the pull request can be merged. If a reviewer who requests changes on a pull request isn't available, anyone with write permissions for the repository can dismiss the blocking review. {% data reusables.repositories.review-policy-overlapping-commits %} -如果协作者尝试将待处理或被拒绝审查的拉取请求合并到受保护分支,则该协作者将收到错误消息。 +If a collaborator attempts to merge a pull request with pending or rejected reviews into the protected branch, the collaborator will receive an error message. ```shell remote: error: GH006: Protected branch update failed for refs/heads/main. remote: error: Changes have been requested. ``` -(可选)您可以选择在推送提交时忽略旧拉取请求批准。 如果有人将修改代码的提交推送到已批准的拉取请求,则该批准将被忽略,拉取请求无法合并。 这不适用于协作者推送不修改代码的提交,例如将基础分值合并到拉取请求的分支。 有关基分支的信息,请参阅“[关于拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)”。 +Optionally, you can choose to dismiss stale pull request approvals when commits are pushed. If anyone pushes a commit that modifies code to an approved pull request, the approval will be dismissed, and the pull request cannot be merged. This doesn't apply if the collaborator pushes commits that don't modify code, like merging the base branch into the pull request's branch. For information about the base branch, see "[About pull requests](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)." -(可选)您可以限制特定人员或团队忽略拉取请求审查的权限。 有关详细信息,请参阅“[消除拉取请求审查](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)”。 +Optionally, you can restrict the ability to dismiss pull request reviews to specific people or teams. For more information, see "[Dismissing a pull request review](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)." -(可选)您可以选择要求代码所有者进行审查。 如果这样做,则任何影响代码的拉取请求都必须得到代码所有者的批准,才能合并到受保护分支。 +Optionally, you can choose to require reviews from code owners. If you do, any pull request that affects code with a code owner must be approved by that code owner before the pull request can be merged into the protected branch. -### 合并前必需状态检查 +### Require status checks before merging -必需状态检查确保在协作者可以对受保护分支进行更改前,所有必需的 CI 测试都已通过。 更多信息请参阅“配置受保护分支”和“启用必需状态检查”。 有关详细信息,请参阅“[关于状态检查](/github/collaborating-with-issues-and-pull-requests/about-status-checks)”。 +Required status checks ensure that all required CI tests are passing before collaborators can make changes to a protected branch. Required status checks can be checks or statuses. For more information, see "[About status checks](/github/collaborating-with-issues-and-pull-requests/about-status-checks)." -必须配置仓库使用状态 API 后才可启用必需状态检查。 有关详细信息,请参阅 REST 文档中的“[存储库](/rest/reference/commits#commit-statuses)”。 +Before you can enable required status checks, you must configure the repository to use the status API. For more information, see "[Repositories](/rest/reference/commits#commit-statuses)" in the REST documentation. -启用必需状态检查后,必须通过所有必需状态检查,协作者才能将更改合并到受保护分支。 所有必需状态检查通过后,必须将任何提交推送到另一个分支,然后合并或直接推送到受保护分支。 +After enabling required status checks, all required status checks must pass before collaborators can merge changes into the protected branch. After all required status checks pass, any commits must either be pushed to another branch and then merged or pushed directly to the protected branch. -任何对存储库具有写入权限的人员或集成都可以在存储库中设置任何状态检查的状态{% ifversion fpt or ghes > 3.3 or ghae-issue-5379 or ghec %},但在某些情况下,你可能只想接受来自特定 {% data variables.product.prodname_github_app %} 的状态检查。 添加所需的状态检查时,可以选择最近将此检查设置为预期状态更新源的应用。{% endif %} 如果状态由任何其他人员或集成设置,则不允许合并。 如果选择“任何来源”,您仍然可以手动验证合并框中列出的每个状态的作者。 +Any person or integration with write permissions to a repository can set the state of any status check in the repository{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}, but in some cases you may only want to accept a status check from a specific {% data variables.product.prodname_github_app %}. When you add a required status check, you can select an app that has recently set this check as the expected source of status updates.{% endif %} If the status is set by any other person or integration, merging won't be allowed. If you select "any source", you can still manually verify the author of each status, listed in the merge box. -您可以将必需状态检查设置为“宽松”或“严格”。 您选择的必需状态检查类型确定合并之前是否需要使用基础分支将您的分支保持最新状态。 +You can set up required status checks to either be "loose" or "strict." The type of required status check you choose determines whether your branch is required to be up to date with the base branch before merging. -| 必需状态检查的类型 | 设置 | 合并要求 | 注意事项 | +| Type of required status check | Setting | Merge requirements | Considerations | | --- | --- | --- | --- | -| **Strict** | 选中“合并前要求分支保持最新状态”复选框。 | 在合并之前,必须利用基分支使分支保持最新状态。 | 这是必需状态检查的默认行为。 可能需要更多构建,因为在其他协作者将拉取请求合并到受保护基础分支后,您需要使头部分支保持最新状态。| -| 宽松 | 未选中“合并前要求分支保持最新状态”复选框 。 | 在合并之前,不必利用基分支使分支保持最新状态。 | 您将需要更少的构建,因为在其他协作者合并拉取请求后,您不需要使头部分支保持最新状态。 如果存在与基础分支不兼容的变更,则在合并分支后,状态检查可能会失败。 | -| **已禁用** | 未选中“合并前要求通过状态检查”复选框 。 | 分支没有合并限制。 | 如果未启用必需状态检查,协作者可以随时合并分支,无论它是否使用基础分支保持最新状态。 这增加了不兼容变更的可能性。 +| **Strict** | The **Require branches to be up to date before merging** checkbox is checked. | The branch **must** be up to date with the base branch before merging. | This is the default behavior for required status checks. More builds may be required, as you'll need to bring the head branch up to date after other collaborators merge pull requests to the protected base branch.| +| **Loose** | The **Require branches to be up to date before merging** checkbox is **not** checked. | The branch **does not** have to be up to date with the base branch before merging. | You'll have fewer required builds, as you won't need to bring the head branch up to date after other collaborators merge pull requests. Status checks may fail after you merge your branch if there are incompatible changes with the base branch. | +| **Disabled** | The **Require status checks to pass before merging** checkbox is **not** checked. | The branch has no merge restrictions. | If required status checks aren't enabled, collaborators can merge the branch at any time, regardless of whether it is up to date with the base branch. This increases the possibility of incompatible changes. -有关故障排除信息,请参阅“[对所需状态检查进行故障排除](/github/administering-a-repository/troubleshooting-required-status-checks)”。 +For troubleshooting information, see "[Troubleshooting required status checks](/github/administering-a-repository/troubleshooting-required-status-checks)." -### 合并前需要对话解决 +### Require conversation resolution before merging -在合并到受保护的分支之前,所有对拉取请求的评论都需要解决。 这确保所有评论在合并前都得到解决或确认。 +Requires all comments on the pull request to be resolved before it can be merged to a protected branch. This ensures that all comments are addressed or acknowledged before merge. -### 要求签名提交 +### Require signed commits -如果你在分支上启用所需的提交签名,参与者{% ifversion fpt or ghec %}和机器人{% endif %}只能将已签名和验证的提交推送到分支。 有关详细信息,请参阅“[关于提交签名验证](/articles/about-commit-signature-verification)”。 +When you enable required commit signing on a branch, contributors {% ifversion fpt or ghec %}and bots{% endif %} can only push commits that have been signed and verified to the branch. For more information, see "[About commit signature verification](/articles/about-commit-signature-verification)." {% note %} -{% ifversion fpt or ghec %} 注意: +{% ifversion fpt or ghec %} +**Notes:** -* 如果您已经启用了警戒模式,这表明您的提交总是会签名,允许在需要签名提交的分支上提交 {% data variables.product.prodname_dotcom %} 识别为“部分验证”的任何提交。 有关警戒模式的详细信息,请参阅“[显示所有提交的验证状态](/github/authenticating-to-github/displaying-verification-statuses-for-all-of-your-commits)”。 -* 如果协作者将未签名的提交推送到要求提交签名的分支,则协作者需要变基提交以包含验证的签名,然后将重写的提交强制推送到分支。 +* If you have enabled vigilant mode, which indicates that your commits will always be signed, any commits that {% data variables.product.prodname_dotcom %} identifies as "Partially verified" are permitted on branches that require signed commits. For more information about vigilant mode, see "[Displaying verification statuses for all of your commits](/github/authenticating-to-github/displaying-verification-statuses-for-all-of-your-commits)." +* If a collaborator pushes an unsigned commit to a branch that requires commit signatures, the collaborator will need to rebase the commit to include a verified signature, then force push the rewritten commit to the branch. -{% else %} 注意:如果协作者将未签名的提交推送到要求提交签名的分支,则协作者需要变基提交以包含验证的签名,然后将重写的提交强制推送到分支。 +{% else %} +**Note:** If a collaborator pushes an unsigned commit to a branch that requires commit signatures, the collaborator will need to rebase the commit to include a verified signature, then force push the rewritten commit to the branch. {% endif %} {% endnote %} -如果提交已进行签名和验证,则始终可以将本地提交推送到分支。 {% ifversion fpt or ghec %}你也可以使用 {% data variables.product.product_name %} 上的拉取请求将已签名和验证的提交合并到分支。 但除非你是拉取请求的作者,否则不能将拉取请求压缩并合并到 {% data variables.product.product_name %} 上的分支。{% else %} 但你不能将拉取请求合并到 {% data variables.product.product_name %} 上的分支。{% endif %} 你可以在本地{% ifversion fpt or ghec %}压缩和{% endif %}合并拉取请求。 有关详细信息,请参阅“[在本地签出拉取请求](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally)”。 +You can always push local commits to the branch if the commits are signed and verified. {% ifversion fpt or ghec %}You can also merge signed and verified commits into the branch using a pull request on {% data variables.product.product_name %}. However, you cannot squash and merge a pull request into the branch on {% data variables.product.product_name %} unless you are the author of the pull request.{% else %} However, you cannot merge pull requests into the branch on {% data variables.product.product_name %}.{% endif %} You can {% ifversion fpt or ghec %}squash and {% endif %}merge pull requests locally. For more information, see "[Checking out pull requests locally](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally)." -{% ifversion fpt or ghec %} 有关详细信息,请参阅“[关于 {% data variables.product.prodname_dotcom %} 上的合并方法](/github/administering-a-repository/about-merge-methods-on-github)”。{% endif %} +{% ifversion fpt or ghec %} For more information about merge methods, see "[About merge methods on {% data variables.product.prodname_dotcom %}](/github/administering-a-repository/about-merge-methods-on-github)."{% endif %} -### 需要线性历史记录 +### Require linear history -强制实施线性提交历史记录可阻止协作者将合并提交推送到分支。 这意味着合并到受保护分支的任何拉取请求都必须使用压缩合并或变基合并。 严格的线性提交历史记录可以帮助团队更容易回溯更改。 有关合并方法的详细信息,请参阅“[关于拉取请求合并](/github/collaborating-with-issues-and-pull-requests/about-pull-request-merges)”。 +Enforcing a linear commit history prevents collaborators from pushing merge commits to the branch. This means that any pull requests merged into the protected branch must use a squash merge or a rebase merge. A strictly linear commit history can help teams reverse changes more easily. For more information about merge methods, see "[About pull request merges](/github/collaborating-with-issues-and-pull-requests/about-pull-request-merges)." -在需要线性提交历史记录之前,仓库必须允许压缩合并或变基合并。 有关详细信息,请参阅“[配置拉取请求合并](/github/administering-a-repository/configuring-pull-request-merges)”。 +Before you can require a linear commit history, your repository must allow squash merging or rebase merging. For more information, see "[Configuring pull request merges](/github/administering-a-repository/configuring-pull-request-merges)." {% ifversion fpt or ghec %} -### 需要合并队列 +### Require merge queue -{% data reusables.pull_requests.merge-queue-beta %} {% data reusables.pull_requests.merge-queue-overview %} +{% data reusables.pull_requests.merge-queue-beta %} +{% data reusables.pull_requests.merge-queue-overview %} -{% data reusables.pull_requests.merge-queue-merging-method %} {% data reusables.pull_requests.merge-queue-references %} +{% data reusables.pull_requests.merge-queue-merging-method %} +{% data reusables.pull_requests.merge-queue-references %} {% endif %} -### 在合并前要求部署成功 +### Require deployments to succeed before merging -在合并分支之前,可以要求将更改成功部署到特定环境。 例如,可以使用此规则确保在更改合并到默认分支之前成功部署到过渡环境。 +You can require that changes are successfully deployed to specific environments before a branch can be merged. For example, you can use this rule to ensure that changes are successfully deployed to a staging environment before the changes merge to your default branch. -{% ifversion bypass-branch-protections %}### 不允许绕过上述设置{% else %} -### 包括管理员{% endif %} +{% ifversion bypass-branch-protections %}### Do not allow bypassing the above settings{% else %} +### Include administrators{% endif %} -{% ifversion bypass-branch-protections %} 默认情况下,分支保护规则的限制不适用于对存储库具有管理员权限的人员或在存储库中具有“绕过分支保护”权限的自定义角色。 +{% ifversion bypass-branch-protections %} +By default, the restrictions of a branch protection rule do not apply to people with admin permissions to the repository or custom roles with the "bypass branch protections" permission in a repository. -也可以启用此设置以将限制应用于具有“绕过分支保护”权限的管理员和角色。 有关详细信息,请参阅“[管理组织的自定义存储库角色](/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 -{% else %} 默认情况下,受保护分支规则不适用于对仓库具有管理员权限的人。 可以启用此设置将管理员纳入受保护分支规则。{% endif %} +You can enable this setting to apply the restrictions to admins and roles with the "bypass branch protections" permission, too. For more information, see "[Managing custom repository roles for an organization](/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)". +{% else %} +By default, protected branch rules do not apply to people with admin permissions to a repository. You can enable this setting to include administrators in your protected branch rules.{% endif %} -### 限制谁可以推送到匹配的分支 +### Restrict who can push to matching branches -{% ifversion fpt or ghec %} 如果你的存储库为使用 {% data variables.product.prodname_team %} 或 {% data variables.product.prodname_ghe_cloud %} 的组织所有,你可以启用分支限制。 +{% ifversion fpt or ghec %} +You can enable branch restrictions if your repository is owned by an organization using {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %}. {% endif %} -启用分支限制时,只有已授予权限的用户、团队或应用程序才能推送到受保护的分支。 您可以在受保护分支的设置中查看和编辑对受保护分支具有推送权限的用户、团队或应用程序。 当需要状态检查时,如果所需的检查失败,仍会阻止有权推送到受保护分支的人员、团队和应用合并为一个分支。 当需要拉取请求时,有权推送到受保护分支的人员、团队和应用仍需要创建拉取请求。 +When you enable branch restrictions, only users, teams, or apps that have been given permission can push to the protected branch. You can view and edit the users, teams, or apps with push access to a protected branch in the protected branch's settings. When status checks are required, the people, teams, and apps that have permission to push to a protected branch will still be prevented from merging into the branch when the required checks fail. People, teams, and apps that have permission to push to a protected branch will still need to create a pull request when pull requests are required. -{% ifversion restrict-pushes-create-branch %}(可选)可以将相同的限制应用于创建与规则匹配的分支。 例如,如果创建一个仅允许特定团队推送到包含单词 `release` 的任何分支的规则,则只有该团队的成员才能创建包含单词 `release` 的新分支。 +{% ifversion restrict-pushes-create-branch %} +Optionally, you can apply the same restrictions to the creation of branches that match the rule. For example, if you create a rule that only allows a certain team to push to any branches that contain the word `release`, only members of that team would be able to create a new branch that contains the word `release`. {% endif %} -只能向对存储库具有写入权限的用户、团队或已安装的 {% data variables.product.prodname_github_apps %} 授予推送到受保护分支或创建匹配分支的权限。 对存储库具有管理员权限的人员和应用程序始终能够推送到受保护分支或创建匹配分支。 +You can only give push access to a protected branch, or give permission to create a matching branch, to users, teams, or installed {% data variables.product.prodname_github_apps %} with write access to a repository. People and apps with admin permissions to a repository are always able to push to a protected branch or create a matching branch. -### 允许强制推送 +### Allow force pushes -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5624 %} 默认情况下,{% data variables.product.product_name %} 会阻止对所有受保护分支的强制推送。 启用强制推送到受保护分支时,可以选择两个可以强制推送的组之一: +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +By default, {% data variables.product.product_name %} blocks force pushes on all protected branches. When you enable force pushes to a protected branch, you can choose one of two groups who can force push: -1. 允许至少具有存储库写入权限的每个人强制推送到分支,包括具有管理员权限的人员。 -1. 仅允许特定人员或团队强制推送到分支。 +1. Allow everyone with at least write permissions to the repository to force push to the branch, including those with admin permissions. +1. Allow only specific people or teams to force push to the branch. -如果有人强制推送到分支,则强制推送可能会覆盖其他协作者基于其工作的承诺。 用户可能有合并冲突或损坏的拉取请求。 +If someone force pushes to a branch, the force push may overwrite commits that other collaborators based their work on. People may have merge conflicts or corrupted pull requests. -{% else %} 默认情况下,{% data variables.product.product_name %} 会阻止对所有受保护分支的强制推送。 对受保护分支启用强制推送时,只要具有仓库写入权限,任何人(包括具有管理员权限的人)都可以强制推送到该分支。 如果有人强制推送到分支,则强制推送可能会覆盖其他协作者基于其工作的承诺。 用户可能有合并冲突或损坏的拉取请求。 +{% else %} +By default, {% data variables.product.product_name %} blocks force pushes on all protected branches. When you enable force pushes to a protected branch, anyone with at least write permissions to the repository can force push to the branch, including those with admin permissions. If someone force pushes to a branch, the force push may overwrite commits that other collaborators based their work on. People may have merge conflicts or corrupted pull requests. {% endif %} -启用强制推送不会覆盖任何其他分支保护规则。 例如,如果分支需要线性提交历史记录,则无法强制推送合并提交到该分支。 +Enabling force pushes will not override any other branch protection rules. For example, if a branch requires a linear commit history, you cannot force push merge commits to that branch. -{% ifversion ghes or ghae %}如果站点管理员阻止了强制推送到存储库中的所有分支,则你无法对受保护分支启用强制推送。 有关详细信息,请参阅“[阻止对个人帐户或组织拥有的存储库进行强制推送](/enterprise/admin/developer-workflow/blocking-force-pushes-to-repositories-owned-by-a-user-account-or-organization)”。 +{% ifversion ghes or ghae %}You cannot enable force pushes for a protected branch if a site administrator has blocked force pushes to all branches in your repository. For more information, see "[Blocking force pushes to repositories owned by a personal account or organization](/enterprise/admin/developer-workflow/blocking-force-pushes-to-repositories-owned-by-a-user-account-or-organization)." -如果站点管理员只阻止强制推送到默认分支,您仍然可以为任何其他受保护分支启用强制推送。{% endif %} +If a site administrator has blocked force pushes to the default branch only, you can still enable force pushes for any other protected branch.{% endif %} -### 允许删除 +### Allow deletions -默认情况下,您不能删除受保护的分支。 启用删除受保护分支后,任何对仓库至少拥有写入权限的人都可以删除分支。 +By default, you cannot delete a protected branch. When you enable deletion of a protected branch, anyone with at least write permissions to the repository can delete the branch. diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule.md index 1e4a1294c4..872d6e08f0 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule.md @@ -1,6 +1,6 @@ --- -title: 管理分支保护规则 -intro: 可创建分支保护规则,为一个或多个分支强制实施某些工作流,例如要求进行审批评审或通过状态检查来确保所有拉取请求都已合并到受保护的分支的。 +title: Managing a branch protection rule +intro: 'You can create a branch protection rule to enforce certain workflows for one or more branches, such as requiring an approving review or passing status checks for all pull requests merged into the protected branch.' product: '{% data reusables.gated-features.protected-branches %}' redirect_from: - /articles/configuring-protected-branches @@ -27,102 +27,117 @@ permissions: People with admin permissions to a repository can manage branch pro topics: - Repositories shortTitle: Branch protection rule -ms.openlocfilehash: aed3ab7599d8c74c16d95e4667e94aa3264c9491 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147614173' --- -## 关于分支保护规则 +## About branch protection rules {% data reusables.repositories.branch-rules-example %} -可以使用通配符语法 `*` 为存储库中所有当前和未来的分支创建规则。 由于 {% data variables.product.company_short %} 对 `File.fnmatch` 语法使用 `File::FNM_PATHNAME` 标志,因此通配符与目录分隔符 (`/`) 不匹配。 例如,`qa/*` 将匹配所有以 `qa/` 开头并包含单个斜杠的分支。 可以用 `qa/**/*` 包含多个斜杠,也可以用 `qa**/**/*` 扩展 `qa` 字符串,以使规则更具包容性。 有关分支规则语法选项的详细信息,请参阅 [fnmatch 文档](https://ruby-doc.org/core-2.5.1/File.html#method-c-fnmatch)。 +You can create a rule for all current and future branches in your repository with the wildcard syntax `*`. Because {% data variables.product.company_short %} uses the `File::FNM_PATHNAME` flag for the `File.fnmatch` syntax, the wildcard does not match directory separators (`/`). For example, `qa/*` will match all branches beginning with `qa/` and containing a single slash. You can include multiple slashes with `qa/**/*`, and you can extend the `qa` string with `qa**/**/*` to make the rule more inclusive. For more information about syntax options for branch rules, see the [fnmatch documentation](https://ruby-doc.org/core-2.5.1/File.html#method-c-fnmatch). -如果仓库有多个影响相同分支的受保护分支规则,则包含特定分支名称的规则具有最高优先级。 如果有多个受保护分支规则引用相同的特定规则名称,则最先创建的分支规则优先级更高。 +If a repository has multiple protected branch rules that affect the same branches, the rules that include a specific branch name have the highest priority. If there is more than one protected branch rule that references the same specific branch name, then the branch rule created first will have higher priority. -提及特殊字符的受保护分支规则,如 `*`、`?` 或 `]`,将按其创建的顺序应用,因此含有这些字符的规则创建时间越早,优先级越高。 +Protected branch rules that mention a special character, such as `*`, `?`, or `]`, are applied in the order they were created, so older rules with these characters have a higher priority. -要创建对现有分支规则的例外,您可以创建优先级更高的新分支保护规则,例如针对特定分支名称的分支规则。 +To create an exception to an existing branch rule, you can create a new branch protection rule that is higher priority, such as a branch rule for a specific branch name. -有关每个可用分支保护设置的详细信息,请参阅“[关于受保护的分支](/github/administering-a-repository/about-protected-branches)”。 +For more information about each of the available branch protection settings, see "[About protected branches](/github/administering-a-repository/about-protected-branches)." -## 创建分支保护规则 +## Creating a branch protection rule -创建分支规则时,指定的分支不必是仓库中现有的分支。 +When you create a branch rule, the branch you specify doesn't have to exist yet in the repository. -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.repository-branches %} {% data reusables.repositories.add-branch-protection-rules %} {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5506 %} -1. (可选)启用所需的拉取请求。 - - 在“保护匹配分支”下,选择“合并前需要拉取请求”。 - ![拉取请求审阅限制复选框](/assets/images/help/repository/PR-reviews-required-updated.png) - - (可选)若需要在合并拉取请求之前审批,选择“需要审批”,单击“合并前所需的审批数”下拉菜单,然后选择希望分支上要求的审批审阅数 。 - ![用于选择必需审阅审批数量的下拉菜单](/assets/images/help/repository/number-of-required-review-approvals-updated.png) {% else %} -1. (可选)启用必需拉取请求审查。 - - 在“保护匹配分支”下,选择“合并前需要拉取请求审阅”。 - ![拉取请求审阅限制复选框](/assets/images/help/repository/PR-reviews-required.png) - - 单击“必需的审批审阅”下拉菜单,然后选择分支上要求的审批审阅数。 - ![用于选择必需审阅审批数量的下拉菜单](/assets/images/help/repository/number-of-required-review-approvals.png) {% endif %} - - (可选)若要在将代码修改提交推送到分支时关闭拉取请求审批审阅,选择“推送新提交时关闭旧拉取请求审批”。 - ![“推送新提交时关闭旧拉取请求审批”复选框](/assets/images/help/repository/PR-reviews-required-dismiss-stale.png) - - (可选)若要在拉取请求影响具有指定所有者的代码时要求代码所有者审阅,请选择“要求代码所有者审阅”。 有关详细信息,请参阅“[关于代码所有者](/github/creating-cloning-and-archiving-repositories/about-code-owners)”。 - ![要求代码所有者审阅](/assets/images/help/repository/PR-review-required-code-owner.png) {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5611 %} - - (可选)若要让特定参与者在需要时将代码推送到分支而不创建拉取请求,选择“允许指定参与者绕过所需的拉取请求”。 然后,搜索并选择应被允许跳过创建拉取请求的参与者。 - ![“允许特定参与者绕过拉取请求要求”复选框]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/PR-bypass-requirements-with-apps.png){% else %}(/assets/images/help/repository/PR-bypass-requirements.png){% endif %} {% endif %} - - (可选)如果存储库是组织的一部分,选择“限制可以关闭拉取请求审阅的人员”。 然后,搜索并选择有权忽略拉取请求审查的参与者。 有关详细信息,请参阅“[关闭拉取请求审阅](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)”。 - ![“限制可以关闭拉取请求审查的人员”复选框]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/PR-review-required-dismissals-with-apps.png){% else %}(/assets/images/help/repository/PR-review-required-dismissals.png){% endif %} -1. (可选)启用必需状态检查。 有关详细信息,请参阅“[关于状态检查](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks)”。 - - 选择“合并前需要通过状态检查”。 - ![必需状态检查选项](/assets/images/help/repository/required-status-checks.png) - - (可选)若要确保使用受保护分支上的最新代码测试拉取请求,选择“要求分支在合并前保持最新”。 - ![宽松或严格的必需状态复选框](/assets/images/help/repository/protecting-branch-loose-status.png) - - 搜索状态检查,选择您想要求的检查。 - ![可用状态检查的搜索界面,以及所需检查的列表](/assets/images/help/repository/required-statuses-list.png) -1. (可选)选择“合并前需要对话解决”。 - ![“合并前需要对话解决”选项](/assets/images/help/repository/require-conversation-resolution.png) -1. (可选)选择“需要签名提交”。 - ![需要签名提交选项](/assets/images/help/repository/require-signed-commits.png) -1. (可选)选择“需要线性历史记录”。 - ![需要线性历史记录选项](/assets/images/help/repository/required-linear-history.png) {%- ifversion fpt or ghec %} -1. (可选)若要使用合并队列合并拉取请求,选择“需要合并队列”。 {% data reusables.pull_requests.merge-queue-references %} ![需要合并队列选项](/assets/images/help/repository/require-merge-queue.png) {% tip %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.repository-branches %} +{% data reusables.repositories.add-branch-protection-rules %} +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +1. Optionally, enable required pull requests. + - Under "Protect matching branches", select **Require a pull request before merging**. + ![Pull request review restriction checkbox](/assets/images/help/repository/PR-reviews-required-updated.png) + - Optionally, to require approvals before a pull request can be merged, select **Require approvals**, click the **Required number of approvals before merging** drop-down menu, then select the number of approving reviews you would like to require on the branch. + ![Drop-down menu to select number of required review approvals](/assets/images/help/repository/number-of-required-review-approvals-updated.png) +{% else %} +1. Optionally, enable required pull request reviews. + - Under "Protect matching branches", select **Require pull request reviews before merging**. + ![Pull request review restriction checkbox](/assets/images/help/repository/PR-reviews-required.png) + - Click the **Required approving reviews** drop-down menu, then select the number of approving reviews you would like to require on the branch. + ![Drop-down menu to select number of required review approvals](/assets/images/help/repository/number-of-required-review-approvals.png) +{% endif %} + - Optionally, to dismiss a pull request approval review when a code-modifying commit is pushed to the branch, select **Dismiss stale pull request approvals when new commits are pushed**. + ![Dismiss stale pull request approvals when new commits are pushed checkbox](/assets/images/help/repository/PR-reviews-required-dismiss-stale.png) + - Optionally, to require review from a code owner when the pull request affects code that has a designated owner, select **Require review from Code Owners**. For more information, see "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)." + ![Require review from code owners](/assets/images/help/repository/PR-review-required-code-owner.png) +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} + - Optionally, to allow specific actors to push code to the branch without creating pull requests when they're required, select **Allow specified actors to bypass required pull requests**. Then, search for and select the actors who should be allowed to skip creating a pull request. + ![Allow specific actors to bypass pull request requirements checkbox]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/PR-bypass-requirements-with-apps.png){% else %}(/assets/images/help/repository/PR-bypass-requirements.png){% endif %} +{% endif %} + - Optionally, if the repository is part of an organization, select **Restrict who can dismiss pull request reviews**. Then, search for and select the actors who are allowed to dismiss pull request reviews. For more information, see "[Dismissing a pull request review](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)." + ![Restrict who can dismiss pull request reviews checkbox]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/PR-review-required-dismissals-with-apps.png){% else %}(/assets/images/help/repository/PR-review-required-dismissals.png){% endif %} +1. Optionally, enable required status checks. For more information, see "[About status checks](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks)." + - Select **Require status checks to pass before merging**. + ![Required status checks option](/assets/images/help/repository/required-status-checks.png) + - Optionally, to ensure that pull requests are tested with the latest code on the protected branch, select **Require branches to be up to date before merging**. + ![Loose or strict required status checkbox](/assets/images/help/repository/protecting-branch-loose-status.png) + - Search for status checks, selecting the checks you want to require. + ![Search interface for available status checks, with list of required checks](/assets/images/help/repository/required-statuses-list.png) +1. Optionally, select **Require conversation resolution before merging**. + ![Require conversation resolution before merging option](/assets/images/help/repository/require-conversation-resolution.png) +1. Optionally, select **Require signed commits**. + ![Require signed commits option](/assets/images/help/repository/require-signed-commits.png) +1. Optionally, select **Require linear history**. + ![Required linear history option](/assets/images/help/repository/required-linear-history.png) +{%- ifversion fpt or ghec %} +1. Optionally, to merge pull requests using a merge queue, select **Require merge queue**. {% data reusables.pull_requests.merge-queue-references %} + ![Require merge queue option](/assets/images/help/repository/require-merge-queue.png) + {% tip %} - **提示:** 拉取请求合并队列功能目前为有限的公开 beta 版本,可能会发生更改。 组织所有者可以通过加入[候补名单](https://github.com/features/merge-queue/signup)来申请提前访问 beta 版。 + **Tip:** The pull request merge queue feature is currently in limited public beta and subject to change. Organizations owners can request early access to the beta by joining the [waitlist](https://github.com/features/merge-queue/signup). - {% endtip %} {%- endif %} {%- ifversion required-deployments %} -1. (可选)若要选择在合并之前必须将更改成功部署到哪些环境,选择“需要在合并之前部署成功”,然后选择环境。 - ![需要成功部署选项](/assets/images/help/repository/require-successful-deployment.png) {%- endif %} -1. (可选)选择“{% ifversion bypass-branch-protections %}不允许绕过上述设置”。 -![“不允许绕过上述设置”复选框](/assets/images/help/repository/do-not-allow-bypassing-the-above-settings.png){% else %}**会将上述规则应用于管理员**。 -![“将上述规则应用于管理员”复选框](/assets/images/help/repository/include-admins-protected-branches.png){% endif %} -1. (可选){% ifversion fpt or ghec %}如果你的存储库为使用 {% data variables.product.prodname_team %} 或 {% data variables.product.prodname_ghe_cloud %} 的组织所有,{% endif %}请启用分支限制。 - - 选择“限制可推送到匹配分支的人员”。 - ![“分支限制”复选框](/assets/images/help/repository/restrict-branch.png){% ifversion restrict-pushes-create-branch %} - - (可选)若要限制匹配分支的创建,请选择“限制创建匹配分支的推送”。 - ![“分支创建限制”复选框](/assets/images/help/repository/restrict-branch-create.png){% endif %} - - 搜索并选择有权限推送到受保护分支或创建匹配分支的人员、团队或应用。 - ![分支限制搜索]{% ifversion restrict-pushes-create-branch %}(/assets/images/help/repository/restrict-branch-search-with-create.png){% else %}(/assets/images/help/repository/restrict-branch-search.png){% endif %} -1. (可选)在“适用于包括管理员在内的所有人的规则”下,选择“允许强制推送”。 - ![允许强制推送选项](/assets/images/help/repository/allow-force-pushes.png) {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5624 %} 然后,选择可以强制推送到分支的人员。 - - 选择“所有人”,允许至少具有存储库写入权限的人强制推送到分支,包括具有管理员权限的人员。 - - 选择“指定可以强制推送的人员”,仅允许特定参与者强制推送到分支。 然后,搜索并选择这些参与者。 - ![用于指定可以强制推送的人员的选项的屏幕截图]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/allow-force-pushes-specify-who-with-apps.png){% else %}(/assets/images/help/repository/allow-force-pushes-specify-who.png){% endif %} {% endif %} + {% endtip %} +{%- endif %} +{%- ifversion required-deployments %} +1. Optionally, to choose which environments the changes must be successfully deployed to before merging, select **Require deployments to succeed before merging**, then select the environments. + ![Require successful deployment option](/assets/images/help/repository/require-successful-deployment.png) +{%- endif %} +1. Optionally, select {% ifversion bypass-branch-protections %}**Do not allow bypassing the above settings**. +![Do not allow bypassing the above settings checkbox](/assets/images/help/repository/do-not-allow-bypassing-the-above-settings.png){% else %}**Apply the rules above to administrators**. +![Apply the rules above to administrators checkbox](/assets/images/help/repository/include-admins-protected-branches.png){% endif %} +1. Optionally,{% ifversion fpt or ghec %} if your repository is owned by an organization using {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %},{% endif %} enable branch restrictions. + - Select **Restrict who can push to matching branches**. + ![Branch restriction checkbox](/assets/images/help/repository/restrict-branch.png){% ifversion restrict-pushes-create-branch %} + - Optionally, to also restrict the creation of matching branches, select **Restrict pushes that create matching branches**. + ![Branch creation restriction checkbox](/assets/images/help/repository/restrict-branch-create.png){% endif %} + - Search for and select the people, teams, or apps who will have permission to push to the protected branch or create a matching branch. + ![Branch restriction search]{% ifversion restrict-pushes-create-branch %}(/assets/images/help/repository/restrict-branch-search-with-create.png){% else %}(/assets/images/help/repository/restrict-branch-search.png){% endif %} +1. Optionally, under "Rules applied to everyone including administrators", select **Allow force pushes**. + ![Allow force pushes option](/assets/images/help/repository/allow-force-pushes.png) +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} + Then, choose who can force push to the branch. + - Select **Everyone** to allow everyone with at least write permissions to the repository to force push to the branch, including those with admin permissions. + - Select **Specify who can force push** to allow only specific actors to force push to the branch. Then, search for and select those actors. + ![Screenshot of the options to specify who can force push]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/allow-force-pushes-specify-who-with-apps.png){% else %}(/assets/images/help/repository/allow-force-pushes-specify-who.png){% endif %} +{% endif %} - 有关强制推送的详细信息,请参阅“[允许强制推送](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches/#allow-force-pushes)”。 -1. (可选)选择“允许删除”。 - ![允许分支删除选项](/assets/images/help/repository/allow-branch-deletions.png) -1. 单击“创建”。 + For more information about force pushes, see "[Allow force pushes](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches/#allow-force-pushes)." +1. Optionally, select **Allow deletions**. + ![Allow branch deletions option](/assets/images/help/repository/allow-branch-deletions.png) +1. Click **Create**. -## 编辑分支保护规则 +## Editing a branch protection rule -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.repository-branches %} -1. 在要编辑的分支保护规则的右侧,单击“编辑”。 - ![“编辑”按钮](/assets/images/help/repository/edit-branch-protection-rule.png) -1. 对分支保护规则进行所需的更改。 -1. 单击“保存更改”。 - ![“保存更改”按钮](/assets/images/help/repository/save-branch-protection-rule.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.repository-branches %} +1. To the right of the branch protection rule you want to edit, click **Edit**. + ![Edit button](/assets/images/help/repository/edit-branch-protection-rule.png) +1. Make your desired changes to the branch protection rule. +1. Click **Save changes**. + ![Save changes button](/assets/images/help/repository/save-branch-protection-rule.png) -## 删除分支保护规则 +## Deleting a branch protection rule -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.repository-branches %} -1. 在要删除的分支保护规则的右侧,单击“删除”。 - ![“删除”按钮](/assets/images/help/repository/delete-branch-protection-rule.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.repository-branches %} +1. To the right of the branch protection rule you want to delete, click **Delete**. + ![Delete button](/assets/images/help/repository/delete-branch-protection-rule.png) diff --git a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks.md b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks.md index 3d5cb4277b..9a2ca2a765 100644 --- a/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks.md +++ b/translations/zh-CN/content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks.md @@ -1,6 +1,6 @@ --- -title: 必需状态检查故障排除 -intro: 您可以检查必需状态检查的常见错误并解决问题, +title: Troubleshooting required status checks +intro: You can check for common errors and resolve issues with required status checks. product: '{% data reusables.gated-features.protected-branches %}' versions: fpt: '*' @@ -13,24 +13,18 @@ redirect_from: - /github/administering-a-repository/troubleshooting-required-status-checks - /github/administering-a-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks shortTitle: Required status checks -ms.openlocfilehash: 89752b777160df26cc6f650964aac56727f90223 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145129404' --- -如果您有名称相同的检查和状态,并且选择该名称作为必需状态检查,则检查和状态都是必需的。 有关详细信息,请参阅“[检查](/rest/reference/checks)”。 +If you have a check and a status with the same name, and you select that name as a required status check, both the check and the status are required. For more information, see "[Checks](/rest/reference/checks)." -在启用必需状态检查后,您的分支在合并之前可能需要使用基础分支更新。 这可确保您的分支已经使用基本分支的最新代码做过测试。 如果您的分支过期,则需要将基本分支合并到您的分支。 有关详细信息,请参阅“[关于受保护的分支](/github/administering-a-repository/about-protected-branches#require-status-checks-before-merging)”。 +After you enable required status checks, your branch may need to be up-to-date with the base branch before merging. This ensures that your branch has been tested with the latest code from the base branch. If your branch is out of date, you'll need to merge the base branch into your branch. For more information, see "[About protected branches](/github/administering-a-repository/about-protected-branches#require-status-checks-before-merging)." {% note %} -注意:也可以使用 Git 变基以基础分支更新分支。 有关详细信息,请参阅“[关于 Git 变基](/github/getting-started-with-github/about-git-rebase)”。 +**Note:** You can also bring your branch up to date with the base branch using Git rebase. For more information, see "[About Git rebase](/github/getting-started-with-github/about-git-rebase)." {% endnote %} -在通过所有必需状态检查之前,无法向受保护分支推送本地更改。 反而会收到类似如下的错误消息。 +You won't be able to push local changes to a protected branch until all required status checks pass. Instead, you'll receive an error message similar to the following. ```shell remote: error: GH006: Protected branch update failed for refs/heads/main. @@ -38,29 +32,29 @@ remote: error: Required status check "ci-build" is failing ``` {% note %} -注意:最新且通过所需状态检查的拉取请求可以在本地合并,并推送到受保护的分支。 此操作无需对合并提交本身运行状态检查。 +**Note:** Pull requests that are up-to-date and pass required status checks can be merged locally and pushed to the protected branch. This can be done without status checks running on the merge commit itself. {% endnote %} -## 头部提交与测试合并提交之间的冲突 +## Conflicts between head commit and test merge commit -有时,测试合并提交与头部提交的状态检查结果存在冲突。 如果测试合并提交具有状态,则测试合并提交必须通过。 否则,必须传递头部提交的状态后才可合并该分支。 有关测试合并提交的详细信息,请参阅“[拉取](/rest/reference/pulls#get-a-pull-request)”。 +Sometimes, the results of the status checks for the test merge commit and head commit will conflict. If the test merge commit has a status, the test merge commit must pass. Otherwise, the status of the head commit must pass before you can merge the branch. For more information about test merge commits, see "[Pulls](/rest/reference/pulls#get-a-pull-request)." -![具有冲突的合并提交的分支](/assets/images/help/repository/req-status-check-conflicting-merge-commits.png) +![Branch with conflicting merge commits](/assets/images/help/repository/req-status-check-conflicting-merge-commits.png) -## 处理已跳过但需要检查 +## Handling skipped but required checks {% note %} -注意:如果因[路径筛选](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)、[分支筛选](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore)或[提交消息](/actions/managing-workflow-runs/skipping-workflow-runs)而跳过某工作流,则与该工作流关联的检查将保持为“挂起”状态。 要求这些检查成功的拉取请求将被阻止合并。 +**Note:** If a workflow is skipped due to [path filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore), [branch filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore) or a [commit message](/actions/managing-workflow-runs/skipping-workflow-runs), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging. -如果由于某条件而跳过工作流中的作业,该作业状态将报告为“成功”。 有关详细信息,请参阅[跳过工作流运行](/actions/managing-workflow-runs/skipping-workflow-runs)和[使用条件控制作业执行](/actions/using-jobs/using-conditions-to-control-job-execution)。 +If a job in a workflow is skipped due to a conditional, it will report its status as "Success". For more information see [Skipping workflow runs](/actions/managing-workflow-runs/skipping-workflow-runs) and [Using conditions to control job execution](/actions/using-jobs/using-conditions-to-control-job-execution). {% endnote %} -### 示例 +### Example -以下示例显示了要求 `build` 作业为“成功”完成状态的工作流,但如果拉取请求未更改 `scripts` 目录中的任何文件,则将跳过该工作流。 +The following example shows a workflow that requires a "Successful" completion status for the `build` job, but the workflow will be skipped if the pull request does not change any files in the `scripts` directory. ```yaml name: ci @@ -86,11 +80,11 @@ jobs: - run: npm test ``` -由于[路径筛选](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore),仅更改存储库根目录中文件的拉取请求不会触发此工作流,并且将被阻止合并。 您将在拉取请求上看到以下状态: +Due to [path filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore), a pull request that only changes a file in the root of the repository will not trigger this workflow and is blocked from merging. You would see the following status on the pull request: -![必需的检查已跳过,但显示为挂起](/assets/images/help/repository/PR-required-check-skipped.png) +![Required check skipped but shown as pending](/assets/images/help/repository/PR-required-check-skipped.png) -您可以通过创建具有相同名称的通用工作流程来解决此问题,该工作流程在任何情况下都将返回 true,类似于下面的工作流程: +You can fix this by creating a generic workflow, with the same name, that will return true in any case similar to the workflow below : ```yaml name: ci @@ -105,19 +99,19 @@ jobs: steps: - run: 'echo "No build required" ' ``` -现在,只要有人发送不会更改第一个工作流中 `paths` 下列出的文件的拉取请求,检查将始终通过。 +Now the checks will always pass whenever someone sends a pull request that doesn't change the files listed under `paths` in the first workflow. -![检查已跳过,但由于通用工作流程而通过](/assets/images/help/repository/PR-required-check-passed-using-generic.png) +![Check skipped but passes due to generic workflow](/assets/images/help/repository/PR-required-check-passed-using-generic.png) {% note %} -**注意:** -* 请确保两个工作流文件中 `name` 键和所需的作业名称相同。 有关详细信息,请参阅“[{% data variables.product.prodname_actions %} 的工作流语法”](/actions/reference/workflow-syntax-for-github-actions)。 -* 上面的示例使用 {% data variables.product.prodname_actions %} 但此解决方法也适用于与 {% data variables.product.company_short %} 集成的其他 CI/CD 提供程序。 +**Notes:** +* Make sure that the `name` key and required job name in both the workflow files are the same. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions)". +* The example above uses {% data variables.product.prodname_actions %} but this workaround is also applicable to other CI/CD providers that integrate with {% data variables.product.company_short %}. {% endnote %} -{% ifversion fpt or ghes > 3.3 or ghae-issue-5379 or ghec %}受保护的分支也可能要求从特定的 {% data variables.product.prodname_github_app %} 进行状态检查。 如果看到类似于以下内容的消息,则应验证合并框中列出的检查项是否由预期的应用设置。 +{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %}It's also possible for a protected branch to require a status check from a specific {% data variables.product.prodname_github_app %}. If you see a message similar to the following, then you should verify that the check listed in the merge box was set by the expected app. ``` Required status check "build" was not set by the expected {% data variables.product.prodname_github_app %}. diff --git a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md index 1fd256db9d..ac0814041c 100644 --- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md +++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md @@ -1,6 +1,6 @@ --- -title: 管理存储库的 GitHub Actions 设置 -intro: '您可以对特定仓库禁用或配置 {% data variables.product.prodname_actions %}。' +title: Managing GitHub Actions settings for a repository +intro: 'You can disable or configure {% data variables.product.prodname_actions %} for a specific repository.' redirect_from: - /github/administering-a-repository/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository - /github/administering-a-repository/managing-repository-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository @@ -18,150 +18,175 @@ topics: - Pull requests shortTitle: Manage GitHub Actions settings miniTocMaxHeadingLevel: 3 -ms.openlocfilehash: 80bce0a3f43ccac75215bd738922dc5d79868793 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147061126' --- -{% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## 关于仓库的 {% data variables.product.prodname_actions %} 权限 +{% data reusables.actions.enterprise-beta %} +{% data reusables.actions.enterprise-github-hosted-runners %} -{% data reusables.actions.disabling-github-actions %} 有关 {% data variables.product.prodname_actions %} 的详细信息,请参阅“[关于 {% data variables.product.prodname_actions %}](/actions/getting-started-with-github-actions/about-github-actions)”。 +## About {% data variables.product.prodname_actions %} permissions for your repository -您可以对您的仓库启用 {% data variables.product.prodname_actions %}。 {% data reusables.actions.enabled-actions-description %} 你可以对存储库完全禁用 {% data variables.product.prodname_actions %}。 {% data reusables.actions.disabled-actions-description %} +{% data reusables.actions.disabling-github-actions %} For more information about {% data variables.product.prodname_actions %}, see "[About {% data variables.product.prodname_actions %}](/actions/getting-started-with-github-actions/about-github-actions)." -或者,可以启用存储库中的 {% data variables.product.prodname_actions %},但限制工作流可以运行的操作{% ifversion actions-workflow-policy %}和可重用工作流{% endif %}。 +You can enable {% data variables.product.prodname_actions %} for your repository. {% data reusables.actions.enabled-actions-description %} You can disable {% data variables.product.prodname_actions %} for your repository altogether. {% data reusables.actions.disabled-actions-description %} -## 管理仓库的 {% data variables.product.prodname_actions %} 权限 +Alternatively, you can enable {% data variables.product.prodname_actions %} in your repository but limit the actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} a workflow can run. -可以为存储库禁用 {% data variables.product.prodname_actions %},或者设置一个策略,用于配置可在存储库中使用哪些操作{% ifversion actions-workflow-policy %}和可重用工作流{% endif %}。 +## Managing {% data variables.product.prodname_actions %} permissions for your repository + +You can disable {% data variables.product.prodname_actions %} for a repository, or set a policy that configures which actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} can be used in the repository. {% note %} -注意:如果你的组织有覆盖策略或由具有覆盖策略的企业帐户管理,则可能无法管理这些设置。 有关详细信息,请参阅“[为组织禁用或限制 {% data variables.product.prodname_actions %}](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization)”或“[在企业中对 {% data variables.product.prodname_actions %} 强制实施策略](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-github-actions-policies-for-your-enterprise)”。 +**Note:** You might not be able to manage these settings if your organization has an overriding policy or is managed by an enterprise that has overriding policy. For more information, see "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization)" or "[Enforcing policies for {% data variables.product.prodname_actions %} in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-github-actions-policies-for-your-enterprise)." {% endnote %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} -1. 在“Actions permissions(操作权限)”下,选择一个选项。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.settings-sidebar-actions-general %} +1. Under "Actions permissions", select an option. {% indented_data_reference reusables.actions.actions-use-policy-settings spaces=3 %} - {% ifversion actions-workflow-policy %} ![为此存储库设置操作策略](/assets/images/help/repository/actions-policy-with-workflows.png) {%- else %} ![为此存储库设置操作策略](/assets/images/help/repository/actions-policy.png) {%- endif %} -1. 单击“ **保存**”。 + {% ifversion actions-workflow-policy %} + ![Set actions policy for this repository](/assets/images/help/repository/actions-policy-with-workflows.png) + {%- else %} + ![Set actions policy for this repository](/assets/images/help/repository/actions-policy.png) + {%- endif %} +1. Click **Save**. {% data reusables.actions.allow-specific-actions-intro %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} -1. 在“操作权限”下,选择 {% data reusables.actions.policy-label-for-select-actions-workflows %} 并将所需的操作添加到列表中。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.settings-sidebar-actions-general %} +1. Under "Actions permissions", select {% data reusables.actions.policy-label-for-select-actions-workflows %} and add your required actions to the list. - {% ifversion actions-workflow-policy%} ![将操作和可重用工作流添加到允许列表](/assets/images/help/repository/actions-policy-allow-list-with-workflows.png) {%- elsif ghes %} ![将操作添加到允许列表](/assets/images/help/repository/actions-policy-allow-list.png) {%- else %} ![将操作添加到允许列表](/assets/images/enterprise/github-ae/repository/actions-policy-allow-list.png) {%- endif %} -1. 单击“ **保存**”。 + {% ifversion actions-workflow-policy%} + ![Add actions and reusable workflows to the allow list](/assets/images/help/repository/actions-policy-allow-list-with-workflows.png) + {%- elsif ghes %} + ![Add actions to the allow list](/assets/images/help/repository/actions-policy-allow-list.png) + {%- else %} + ![Add actions to the allow list](/assets/images/enterprise/github-ae/repository/actions-policy-allow-list.png) + {%- endif %} +1. Click **Save**. {% ifversion fpt or ghec %} -## 在公共存储库中控制从分支到工作流的更改 +## Controlling changes from forks to workflows in public repositories {% data reusables.actions.workflow-run-approve-public-fork %} -您可以使用以下过程为存储库配置此行为。 修改此设置会覆盖组织或企业级别的配置集。 +You can configure this behavior for a repository using the procedure below. Modifying this setting overrides the configuration set at the organization or enterprise level. -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} {% data reusables.actions.workflows-from-public-fork-setting %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.settings-sidebar-actions-general %} +{% data reusables.actions.workflows-from-public-fork-setting %} -{% data reusables.actions.workflow-run-approve-link %} {% endif %} +{% data reusables.actions.workflow-run-approve-link %} +{% endif %} -## 为专用存储库的分支启用工作流 +## Enabling workflows for forks of private repositories {% data reusables.actions.private-repository-forks-overview %} -如果为 {% ifversion ghec or ghae or ghes %}企业或{% endif %} 组织禁用了某个策略,则无法为存储库启用该策略。 +If a policy is disabled for an {% ifversion ghec or ghae or ghes %}enterprise or{% endif %} organization, it cannot be enabled for a repository. {% data reusables.actions.private-repository-forks-options %} -### 为专用存储库配置分支策略 +### Configuring the fork policy for a private repository -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} {% data reusables.actions.private-repository-forks-configure %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.settings-sidebar-actions-general %} +{% data reusables.actions.private-repository-forks-configure %} -## 为存储库设置 `GITHUB_TOKEN` 的权限 +## Setting the permissions of the `GITHUB_TOKEN` for your repository {% data reusables.actions.workflow-permissions-intro %} -默认权限也可以在组织设置中配置。 如果你的存储库属于某个组织并且在组织设置中选择了更严格的默认值,则会在存储库设置中自动选择相同的选项,并禁用许可选项。 +The default permissions can also be configured in the organization settings. If your repository belongs to an organization and a more restrictive default has been selected in the organization settings, the same option is selected in your repository settings and the permissive option is disabled. {% data reusables.actions.workflow-permissions-modifying %} -### 配置默认 `GITHUB_TOKEN` 权限 - -{% ifversion allow-actions-to-approve-pr-with-ent-repo %} 默认情况下,当你在个人帐户中创建新存储库时,`GITHUB_TOKEN` 仅对 `contents` 范围具有读取权限。 如果在组织中创建新存储库,则设置继承自组织设置中配置的内容。 -{% endif %} - -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} -1. 在“工作流权限”下,选择是要让 `GITHUB_TOKEN` 对所有范围具有读写访问权限,还是仅对 `contents` 范围具有读取访问。 - - ![为此仓库设置 GITHUB_TOKENN 权限](/assets/images/help/settings/actions-workflow-permissions-repository{% ifversion allow-actions-to-approve-pr-with-ent-repo %}-with-pr-approval{% endif %}.png) - -1. 单击“保存”以应用设置。 +### Configuring the default `GITHUB_TOKEN` permissions {% ifversion allow-actions-to-approve-pr-with-ent-repo %} -### 阻止 {% data variables.product.prodname_actions %} 创建或批准拉取请求 +By default, when you create a new repository in your personal account, `GITHUB_TOKEN` only has read access for the `contents` scope. If you create a new repository in an organization, the setting is inherited from what is configured in the organization settings. +{% endif %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.settings-sidebar-actions-general %} +1. Under "Workflow permissions", choose whether you want the `GITHUB_TOKEN` to have read and write access for all scopes, or just read access for the `contents` scope. + + ![Set GITHUB_TOKEN permissions for this repository](/assets/images/help/settings/actions-workflow-permissions-repository{% ifversion allow-actions-to-approve-pr-with-ent-repo %}-with-pr-approval{% endif %}.png) + +1. Click **Save** to apply the settings. + +{% ifversion allow-actions-to-approve-pr-with-ent-repo %} +### Preventing {% data variables.product.prodname_actions %} from creating or approving pull requests {% data reusables.actions.workflow-pr-approval-permissions-intro %} -默认情况下,在个人帐户中创建新存储库时,不允许工作流创建或批准拉取请求。 如果在组织中创建新存储库,则设置继承自组织设置中配置的内容。 +By default, when you create a new repository in your personal account, workflows are not allowed to create or approve pull requests. If you create a new repository in an organization, the setting is inherited from what is configured in the organization settings. -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} -1. 在“工作流权限”下,使用“允许 GitHub Actions 创建和批准拉取请求”设置配置 `GITHUB_TOKEN` 是否可以创建和批准拉取请求。 - - ![为此仓库设置 GITHUB_TOKENN 权限](/assets/images/help/settings/actions-workflow-permissions-repository-with-pr-approval.png) -1. 单击“保存”以应用设置。 -{% endif %} - -{% ifversion ghes > 3.3 or ghae-issue-4757 or ghec %} -## 允许访问内部存储库中的组件 - -企业成员可以使用内部存储库来处理项目,而无需公开共享信息。 有关信息,请参阅[关于存储库](/repositories/creating-and-managing-repositories/about-repositories#about-internal-repositories)。 - -你可以使用以下步骤配置是否可以从存储库外部访问内部存储库中的{% ifversion internal-actions%}操作和{% endif %}工作流。{% ifversion internal-actions %}有关详细信息,请参阅“[与企业共享操作和工作流](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise)”。 或者,您可以使用 REST API 来设置或获取访问级别的详细信息。 有关详细信息,请参阅“[获取存储库外部工作流的访问级别](/rest/reference/actions#get-the-level-of-access-for-workflows-outside-of-the-repository#get-the-level-of-access-for-workflows-outside-of-the-repository)”和“[设置存储库外部工作流的访问级别](/rest/reference/actions#get-the-level-of-access-for-workflows-outside-of-the-repository#set-the-level-of-access-for-workflows-outside-of-the-repository)”。{% endif %} - -1. 在 {% data variables.product.prodname_dotcom %} 上,导航到内部仓库的主页面。 -1. 在存储库名称下,单击 {% octicon "gear" aria-label="The gear icon" %}“设置”。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} -1. 在“访问”下,选择其中一个访问设置: +1. Under "Workflow permissions", use the **Allow GitHub Actions to create and approve pull requests** setting to configure whether `GITHUB_TOKEN` can create and approve pull requests. - {% ifversion ghes > 3.4 or ghae-issue-6090 or ghec %}![设置对操作组件的访问](/assets/images/help/settings/actions-access-settings.png){% else %}![设置对操作组件的访问](/assets/images/enterprise/3.4/actions-access-settings.png){% endif %} - - * 无法访问- 其他存储库中的工作流无法访问此存储库。 - * 可从 'ORGANIZATION NAME' 组织中的存储库访问 - {% ifversion ghes > 3.4 or ghae-issue-6090 or ghec %}属于 'ORGANIZATION NAME' 组织的其他存储库中的工作流可以访问此存储库中的操作和工作流。 仅允许从私有或内部存储库进行访问。{% else %}如果其他存储库中的工作流程属于同一组织,并且其可见性是私有或内部,则可以使用此存储库中的工作流程。{% endif %} - * 可从 'ENTERPRISE NAME' 企业中的存储库访问 - {% ifversion ghes > 3.4 or ghae-issue-6090 or ghec %}属于 'ENTERPRISE NAME' 企业的其他存储库中的工作流可以访问此存储库中的操作和工作流。 仅允许从私有或内部存储库进行访问。{% else %}如果其他存储库中的工作流程属于同一企业,并且其可见性是私有或内部,则可以使用此存储库中的工作流程。{% endif %} -1. 单击“保存”以应用设置。 + ![Set GITHUB_TOKEN permissions for this repository](/assets/images/help/settings/actions-workflow-permissions-repository-with-pr-approval.png) +1. Click **Save** to apply the settings. {% endif %} -## 为仓库中构件和日志的 {% data variables.product.prodname_actions %} 配置保留期 +{% ifversion ghes > 3.3 or ghae > 3.3 or ghec %} +## Allowing access to components in an internal repository -您可以为仓库中的 {% data variables.product.prodname_actions %} 构件和日志配置保留期。 +Members of your enterprise can use internal repositories to work on projects without sharing information publicly. For information, see "[About repositories](/repositories/creating-and-managing-repositories/about-repositories#about-internal-repositories)." + +You can use the steps below to configure whether {% ifversion internal-actions%}actions and {% endif %}workflows in an internal repository can be accessed from outside the repository.{% ifversion internal-actions %} For more information, see "[Sharing actions and workflows with your enterprise](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise)." Alternatively, you can use the REST API to set, or get details of, the level of access. For more information, see "[Get the level of access for workflows outside of the repository](/rest/reference/actions#get-the-level-of-access-for-workflows-outside-of-the-repository#get-the-level-of-access-for-workflows-outside-of-the-repository)" and "[Set the level of access for workflows outside of the repository](/rest/reference/actions#get-the-level-of-access-for-workflows-outside-of-the-repository#set-the-level-of-access-for-workflows-outside-of-the-repository)."{% endif %} + +1. On {% data variables.product.prodname_dotcom %}, navigate to the main page of the internal repository. +1. Under your repository name, click {% octicon "gear" aria-label="The gear icon" %} **Settings**. +{% data reusables.repositories.settings-sidebar-actions-general %} +1. Under **Access**, choose one of the access settings: + + {% ifversion ghes > 3.4 or ghae > 3.4 or ghec %}![Set the access to Actions components](/assets/images/help/settings/actions-access-settings.png){% else %}![Set the access to Actions components](/assets/images/enterprise/3.4/actions-access-settings.png){% endif %} + + * **Not accessible** - Workflows in other repositories cannot access this repository. + * **Accessible from repositories in the 'ORGANIZATION NAME' organization** - {% ifversion ghes > 3.4 or ghae > 3.4 or ghec %}Workflows in other repositories that are part of the 'ORGANIZATION NAME' organization can access the actions and workflows in this repository. Access is allowed only from private or internal repositories.{% else %}Workflows in other repositories can use workflows in this repository if they are part of the same organization and their visibility is private or internal.{% endif %} + * **Accessible from repositories in the 'ENTERPRISE NAME' enterprise** - {% ifversion ghes > 3.4 or ghae > 3.4 or ghec %}Workflows in other repositories that are part of the 'ENTERPRISE NAME' enterprise can access the actions and workflows in this repository. Access is allowed only from private or internal repositories.{% else %}Workflows in other repositories can use workflows in this repository if they are part of the same enterprise and their visibility is private or internal.{% endif %} +1. Click **Save** to apply the settings. +{% endif %} + +## Configuring the retention period for {% data variables.product.prodname_actions %} artifacts and logs in your repository + +You can configure the retention period for {% data variables.product.prodname_actions %} artifacts and logs in your repository. {% data reusables.actions.about-artifact-log-retention %} -您还可以为工作流程创建的特定构件自定义保留期。 有关详细信息,请参阅“[设置项目的保持期](/actions/managing-workflow-runs/removing-workflow-artifacts#setting-the-retention-period-for-an-artifact)”。 +You can also define a custom retention period for a specific artifact created by a workflow. For more information, see "[Setting the retention period for an artifact](/actions/managing-workflow-runs/removing-workflow-artifacts#setting-the-retention-period-for-an-artifact)." -## 设置仓库的保留期 +## Setting the retention period for a repository -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.settings-sidebar-actions-general %} {% data reusables.actions.change-retention-period-for-artifacts-logs %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.settings-sidebar-actions-general %} +{% data reusables.actions.change-retention-period-for-artifacts-logs %} {% ifversion actions-cache-policy-apis %} -## 为存储库配置缓存存储 +## Configuring cache storage for a repository -{% data reusables.actions.cache-default-size %}但是,如果企业所有者更改了这些默认大小,则这些默认大小可能有所不同。 {% data reusables.actions.cache-eviction-process %} +{% data reusables.actions.cache-default-size %} However, these default sizes might be different if an enterprise owner has changed them. {% data reusables.actions.cache-eviction-process %} -可以将存储库的总缓存存储大小设置为企业策略设置允许的最大大小。 +You can set a total cache storage size for your repository up to the maximum size allowed by the enterprise policy setting. -{% data variables.product.prodname_actions %} 缓存存储的策略设置目前只能使用 REST API 进行修改: +The repository settings for {% data variables.product.prodname_actions %} cache storage can currently only be modified using the REST API: -* 若要查看存储库的当前缓存存储限制,请参阅“[获取存储库的 GitHub Actions 缓存使用策略](/rest/actions/cache#get-github-actions-cache-usage-policy-for-a-repository)”。 -* 若要更改存储库的缓存存储限制,请参阅“[设置存储库的 GitHub Actions 缓存使用策略](/rest/actions/cache#set-github-actions-cache-usage-policy-for-a-repository)”。 +* To view the current cache storage limit for a repository, see "[Get GitHub Actions cache usage policy for a repository](/rest/actions/cache#get-github-actions-cache-usage-policy-for-a-repository)." +* To change the cache storage limit for a repository, see "[Set GitHub Actions cache usage policy for a repository](/rest/actions/cache#set-github-actions-cache-usage-policy-for-a-repository)." {% data reusables.actions.cache-no-org-policy %} diff --git a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md index 54db5d53db..3bc55f4486 100644 --- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md +++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md @@ -1,6 +1,6 @@ --- -title: 管理存储库的安全和分析设置 -intro: '您可以控制功能以保护 {% data variables.product.prodname_dotcom %} 上项目的安全并分析其中的代码。' +title: Managing security and analysis settings for your repository +intro: 'You can control features that secure and analyze the code in your project on {% data variables.product.prodname_dotcom %}.' permissions: People with admin permissions to a repository can manage security and analysis settings for the repository. redirect_from: - /articles/managing-alerts-for-vulnerable-dependencies-in-your-organization-s-repositories @@ -23,69 +23,103 @@ topics: - Secret scanning - Repositories shortTitle: Security & analysis -ms.openlocfilehash: 95e0b3c0c8e03c8a903dad8220542502ce73bf5c -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147060336' --- {% ifversion fpt or ghec %} -## 为公共仓库启用或禁用安全和分析功能 +## Enabling or disabling security and analysis features for public repositories -您可以管理公共仓库的一部分安全和分析功能。 其他功能是永久启用的,包括依赖项图和密码扫描。 +You can manage a subset of security and analysis features for public repositories. Other features are permanently enabled, including dependency graph and secret scanning. -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -4. 在“代码安全和分析”下,单击该功能右侧的“禁用”或“启用” 。 - ![公共存储库中“配置安全和分析”功能的“启用”或“禁用”按钮](/assets/images/help/repository/security-and-analysis-disable-or-enable-public.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-code-security-and-analysis %} +4. Under "Code security and analysis", to the right of the feature, click **Disable** or **Enable**. + !["Enable" or "Disable" button for "Configure security and analysis" features in a public repository](/assets/images/help/repository/security-and-analysis-disable-or-enable-public.png) +{% endif %} -## 为专用存储库启用或禁用安全和分析功能{% ifversion fpt or ghec %}{% endif %} +## Enabling or disabling security and analysis features{% ifversion fpt or ghec %} for private repositories{% endif %} -您可以管理{% ifversion fpt or ghec %}私有或内部 {% endif %}仓库的安全性和分析功能。{% ifversion ghes or ghec %} 如果您的组织属于拥有 {% data variables.product.prodname_GH_advanced_security %} 许可证的企业,则额外选项可用。 {% data reusables.advanced-security.more-info-ghas %} {% elsif fpt %} 结合使用 {% data variables.product.prodname_ghe_cloud %} 与 {% data variables.product.prodname_advanced_security %} 的组织有额外选项可用。 有关详细信息,请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest//repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories)。 +You can manage the security and analysis features for your {% ifversion fpt or ghec %}private or internal {% endif %}repository.{% ifversion ghes or ghec %} If your organization belongs to an enterprise with a license for {% data variables.product.prodname_GH_advanced_security %} then extra options are available. {% data reusables.advanced-security.more-info-ghas %} +{% elsif fpt %} Organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %} have extra options available. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest//repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories). {% endif %} {% data reusables.security.security-and-analysis-features-enable-read-only %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} {% ifversion fpt or ghes or ghec %} -4. 在“代码安全和分析”下,单击该功能右侧的“禁用”或“启用” 。 {% ifversion not fpt %}如果你的企业没有 {% data variables.product.prodname_advanced_security %} 的可用许可证,“{% data variables.product.prodname_GH_advanced_security %}”的控件将处于禁用状态。{% endif %}{% ifversion fpt %}![“配置安全和分析”功能的“启用”或“禁用”按钮的屏幕截图](/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png){% elsif ghec %}![“配置安全和分析”功能的“启用”或“禁用”按钮的屏幕截图](/assets/images/help/repository/security-and-analysis-disable-or-enable-ghec-private.png){% elsif ghes > 3.6 or ghae-issue-7044 %}{% elsif ghes = 3.2 %}![“配置安全和分析”功能的“启用”或“禁用”按钮的屏幕截图](/assets/images/enterprise/3.1/help/repository/security-and-analysis-disable-or-enable-ghes.png){% else %}![“配置安全和分析”功能的“启用”或“禁用”按钮的屏幕截图](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-code-security-and-analysis %} +{% ifversion fpt or ghes or ghec %} +4. Under "Code security and analysis", to the right of the feature, click **Disable** or **Enable**. {% ifversion not fpt %}The control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled if your enterprise has no available licenses for {% data variables.product.prodname_advanced_security %}.{% endif %}{% ifversion fpt %} + ![Screenshot of "Enable" or "Disable" button for "Configure security and analysis" features](/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png){% elsif ghec %} + ![Screenshot of "Enable" or "Disable" button for "Configure security and analysis" features](/assets/images/help/repository/security-and-analysis-disable-or-enable-ghec-private.png){% elsif ghes > 3.6 or ghae > 3.6 %}{% elsif ghes = 3.2 %} + ![Screenshot of "Enable" or "Disable" button for "Configure security and analysis" features](/assets/images/enterprise/3.1/help/repository/security-and-analysis-disable-or-enable-ghes.png){% else %} + ![Screenshot of "Enable" or "Disable" button for "Configure security and analysis" features](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} - {% ifversion not fpt %} {% note %} + {% ifversion not fpt %} + {% note %} - 注意:如果你禁用 {% data variables.product.prodname_GH_advanced_security %},{% ifversion ghec %}依赖项审核、{% endif %}{% data variables.product.prodname_secret_scanning %} 和 {% data variables.product.prodname_code_scanning %} 都将处于禁用状态。 任何工作流程、SARIF上传或 {% data variables.product.prodname_code_scanning %} 的 API 调用都将失败。 + **Note:** If you disable {% data variables.product.prodname_GH_advanced_security %}, {% ifversion ghec %}dependency review, {% endif %}{% data variables.product.prodname_secret_scanning %} and {% data variables.product.prodname_code_scanning %} are disabled. Any workflows, SARIF uploads, or API calls for {% data variables.product.prodname_code_scanning %} will fail. {% endnote %}{% endif %} {% endif %} {% ifversion ghae %} -4. 在“代码安全和分析”下,单击该功能右侧的“禁用”或“启用” 。 在启用“{% data variables.product.prodname_secret_scanning %}”之前,您可能需要先启用 {% data variables.product.prodname_GH_advanced_security %}。 - ![为你的存储库启用或禁用 {% data variables.product.prodname_GH_advanced_security %} 或 {% data variables.product.prodname_secret_scanning %}](/assets/images/enterprise/github-ae/repository/enable-ghas-secret-scanning-ghae.png) {% endif %} +4. Under "Code security and analysis", to the right of the feature, click **Disable** or **Enable**. Before you can enable "{% data variables.product.prodname_secret_scanning %}" for your repository, you may need to enable {% data variables.product.prodname_GH_advanced_security %}. + ![Enable or disable {% data variables.product.prodname_GH_advanced_security %} or {% data variables.product.prodname_secret_scanning %} for your repository](/assets/images/enterprise/github-ae/repository/enable-ghas-secret-scanning-ghae.png) + {% endif %} -## 授予对安全警报的访问权限 +## Granting access to security alerts -对存储库具有管理员访问权限的人员可以看到存储库的安全警报,如果存储库归组织所有,则组织所有者也可见。 您可以授予其他团队和人员访问警报。 +Security alerts for a repository are visible to people with admin access to the repository and, when the repository is owned by an organization, organization owners. You can give additional teams and people access to the alerts. {% note %} -组织所有者和仓库管理员只能向具有仓库写入权限的人员授予安全警报的查看权限,如 {% data variables.product.prodname_secret_scanning %} 警报。 +Organization owners and repository administrators can only grant access to view security alerts, such as {% data variables.product.prodname_secret_scanning %} alerts, to people or teams who have write access to the repo. {% endnote %} -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -4. 在“Access to alerts(访问警报)”下,在搜索字段中开始键入您要查找的个人或团队的名称,然后单击匹配列表中的名称。 - {% ifversion fpt or ghec or ghes > 3.2 %} ![用于授予人员或团队安全警报访问权限的搜索字段](/assets/images/help/repository/security-and-analysis-security-alerts-person-or-team-search.png) {% endif %} {% ifversion ghes < 3.3 %} ![用于授予人员或团队安全警报访问权限的搜索字段](/assets/images/enterprise/3.2/repository/security-and-analysis-security-alerts-person-or-team-search.png) {% endif %} {% ifversion ghae %} ![用于授予人员或团队安全警报访问权限的搜索字段](/assets/images/enterprise/github-ae/repository/security-and-analysis-security-alerts-person-or-team-search-ghae.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-code-security-and-analysis %} +4. Under "Access to alerts", in the search field, start typing the name of the person or team you'd like to find, then click a name in the list of matches. + {% ifversion fpt or ghec or ghes > 3.2 %} + ![Search field for granting people or teams access to security alerts](/assets/images/help/repository/security-and-analysis-security-alerts-person-or-team-search.png) + {% endif %} + {% ifversion ghes < 3.3 %} + ![Search field for granting people or teams access to security alerts](/assets/images/enterprise/3.2/repository/security-and-analysis-security-alerts-person-or-team-search.png) + {% endif %} + {% ifversion ghae %} + ![Search field for granting people or teams access to security alerts](/assets/images/enterprise/github-ae/repository/security-and-analysis-security-alerts-person-or-team-search-ghae.png) + {% endif %} -5. 单击“保存更改”。 - {% ifversion fpt or ghes > 3.2 or ghec %} ![用于更改安全警报设置的“保存更改”按钮](/assets/images/help/repository/security-and-analysis-security-alerts-save-changes.png) {% endif %} {% ifversion ghes < 3.3 %} ![用于更改安全警报设置的“保存更改”按钮](/assets/images/enterprise/3.2/repository/security-and-analysis-security-alerts-save-changes.png) {% endif %} {% ifversion ghae %} ![用于更改安全警报设置的“保存更改”按钮](/assets/images/enterprise/github-ae/repository/security-and-analysis-security-alerts-save-changes-ghae.png) {% endif %} +5. Click **Save changes**. + {% ifversion fpt or ghes > 3.2 or ghec %} + !["Save changes" button for changes to security alert settings](/assets/images/help/repository/security-and-analysis-security-alerts-save-changes.png) + {% endif %} + {% ifversion ghes < 3.3 %} + !["Save changes" button for changes to security alert settings](/assets/images/enterprise/3.2/repository/security-and-analysis-security-alerts-save-changes.png) + {% endif %} + {% ifversion ghae %} + !["Save changes" button for changes to security alert settings](/assets/images/enterprise/github-ae/repository/security-and-analysis-security-alerts-save-changes-ghae.png) + {% endif %} -## 删除对安全警报的访问权限 +## Removing access to security alerts -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -4. 在“Access to alerts(访问警报)”下,在要删除其访问权限的个人或团队的右侧,单击 {% octicon "x" aria-label="X symbol" %}。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-code-security-and-analysis %} +4. Under "Access to alerts", to the right of the person or team whose access you'd like to remove, click {% octicon "x" aria-label="X symbol" %}. {% ifversion fpt or ghec or ghes > 3.2 %} - ![“x”按钮,用于删除某人对你的存储库安全警报的访问权限](/assets/images/help/repository/security-and-analysis-security-alerts-username-x.png) {% endif %} {% ifversion ghes < 3.3 %} ![“x”按钮,用于删除某人对你的存储库安全警报的访问权限](/assets/images/enterprise/3.2/repository/security-and-analysis-security-alerts-username-x.png) {% endif %} {% ifversion ghae %} ![“x”按钮,用于删除某人对你的存储库安全警报的访问权限](/assets/images/enterprise/github-ae/repository/security-and-analysis-security-alerts-username-x-ghae.png) {% endif %} - 5. 单击“保存更改”。 + !["x" button to remove someone's access to security alerts for your repository](/assets/images/help/repository/security-and-analysis-security-alerts-username-x.png) + {% endif %} + {% ifversion ghes < 3.3 %} + !["x" button to remove someone's access to security alerts for your repository](/assets/images/enterprise/3.2/repository/security-and-analysis-security-alerts-username-x.png) + {% endif %} + {% ifversion ghae %} + !["x" button to remove someone's access to security alerts for your repository](/assets/images/enterprise/github-ae/repository/security-and-analysis-security-alerts-username-x-ghae.png) + {% endif %} + 5. Click **Save changes**. -## 延伸阅读 +## Further reading -- [保护存储库](/code-security/getting-started/securing-your-repository) -- [管理组织的安全和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization) +- "[Securing your repository](/code-security/getting-started/securing-your-repository)" +- "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" diff --git a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md index 04196b22bc..6018fec5c6 100644 --- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md +++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md @@ -34,7 +34,7 @@ This procedure demonstrates how to configure autolinks to reference external res {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} 1. In the "Integrations" section of the sidebar, click **{% octicon "cross-reference" aria-label="The cross-reference icon" %} Autolink references**. {% else %} 1. In the left sidebar, click **Autolink references**. diff --git a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md index a8beaaa786..86ccbfb5cd 100644 --- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md +++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md @@ -5,7 +5,7 @@ intro: 可以为存储库配置标记保护规则,防止参与者创建或删 product: '{% data reusables.gated-features.tag-protection-rules %}' versions: fpt: '*' - ghae: issue-6337 + ghae: '>= 3.5' ghec: '*' ghes: '>3.4' ms.openlocfilehash: 3b7b84cb26d8994c89222b2e4f642592fd45b72f diff --git a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository.md b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository.md index d7e1dc3473..ba8f824816 100644 --- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository.md +++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository.md @@ -1,6 +1,6 @@ --- -title: 管理有权访问存储库的团队和人员 -intro: 您可以查看有权访问仓库的每个人并调整权限。 +title: Managing teams and people with access to your repository +intro: You can see everyone who has access to your repository and adjust permissions. permissions: People with admin access to a repository can manage teams and people with access to a repository. redirect_from: - /github/administering-a-repository/managing-people-and-teams-with-access-to-your-repository @@ -10,56 +10,76 @@ versions: fpt: '*' ghec: '*' ghes: '>3.3' - ghae: issue-5974 + ghae: '>= 3.4' topics: - Repositories shortTitle: Teams & people -ms.openlocfilehash: e378332dda56fad39b18fd10da4ee9bf799a9fe3 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '145129309' --- -## 关于存储库的访问管理 -对于您在 {% data variables.product.prodname_dotcom %} 上管理的每个仓库,您可以查看有权访问仓库的每个团队或人员的概览。 在概述中,您还可以邀请新的团队或人员,更改存储库的每个团队或人员的角色,或删除对存储库的访问权限。 +## About access management for repositories -此概览可帮助您审核对仓库、内部或外部承包商或员工的访问权限,并有效响应安全事件。 +For each repository that you administer on {% data variables.product.prodname_dotcom %}, you can see an overview of every team or person with access to the repository. From the overview, you can also invite new teams or people, change each team or person's role for the repository, or remove access to the repository. + +This overview can help you audit access to your repository, onboard or off-board contractors or employees, and effectively respond to security incidents. {% data reusables.organizations.mixed-roles-warning %} -有关存储库角色的详细信息,请参阅“[个人帐户存储库的权限级别](/github/setting-up-and-managing-your-github-user-account/permission-levels-for-a-user-account-repository)”和“[组织的存储库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)”。 +For more information about repository roles, see "[Permission levels for a personal account repository](/github/setting-up-and-managing-your-github-user-account/permission-levels-for-a-user-account-repository)" and "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." -![访问权限管理概览](/assets/images/help/repository/manage-access-overview.png) +![Access management overview](/assets/images/help/repository/manage-access-overview.png) -## 过滤团队和人员列表 +## Filtering the list of teams and people -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} {% data reusables.repositories.click-collaborators-teams %} {% else %} {% data reusables.repositories.navigate-to-manage-access %} {% endif %} -1. 在“Manage access(管理访问权限)”下的搜索字段中,开始输入您要查找的团队或人员的名称。 (可选)使用下拉菜单筛选搜索。 - ![用于筛选具有访问权限的团队或人员列表的搜索字段](/assets/images/help/repository/manage-access-filter.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +{% data reusables.repositories.click-collaborators-teams %} +{% else %} +{% data reusables.repositories.navigate-to-manage-access %} +{% endif %} +1. Under "Manage access", in the search field, start typing the name of the team or person you'd like to find. Optionally, use the dropdown menus to filter your search. + ![Search field for filtering list of teams or people with access](/assets/images/help/repository/manage-access-filter.png) -## 更改团队或人员的权限 +## Changing permissions for a team or person -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} {% data reusables.repositories.click-collaborators-teams %} {% else %} {% data reusables.repositories.navigate-to-manage-access %} {% endif %} -4. 在“Manage access(管理访问)”下,找到您要更改其角色的团队或人员,然后选择 Role(角色)下拉菜单并点击新角色。 - ![使用“角色”下拉列表为团队或人员选择新权限](/assets/images/help/repository/manage-access-role-drop-down.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +{% data reusables.repositories.click-collaborators-teams %} +{% else %} +{% data reusables.repositories.navigate-to-manage-access %} +{% endif %} +4. Under "Manage access", find the team or person whose role you'd like to change, then select the Role drop-down and click a new role. + ![Using the "Role" drop-down to select new permissions for a team or person](/assets/images/help/repository/manage-access-role-drop-down.png) -## 邀请团队或人员 +## Inviting a team or person -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} {% data reusables.repositories.click-collaborators-teams %} {% else %} {% data reusables.repositories.navigate-to-manage-access %} {% endif %} {% data reusables.organizations.invite-teams-or-people %} -5. 在搜索字段中,开始输入要邀请的团队或人员的名称,然后单击匹配列表中的名称。 - ![用于输入要邀请加入存储库的团队或人员名称的搜索字段](/assets/images/help/repository/manage-access-invite-search-field.png) -6. 在“选择角色”下,选择要授予团队或人员的存储库角色,然后单击“将名称添加到存储库”。 - ![为团队或人员选择权限](/assets/images/help/repository/manage-access-invite-choose-role-add.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +{% data reusables.repositories.click-collaborators-teams %} +{% else %} +{% data reusables.repositories.navigate-to-manage-access %} +{% endif %} +{% data reusables.organizations.invite-teams-or-people %} +5. In the search field, start typing the name of the team or person to invite, then click a name in the list of matches. + ![Search field for typing the name of a team or person to invite to the repository](/assets/images/help/repository/manage-access-invite-search-field.png) +6. Under "Choose a role", select the repository role to grant to the team or person, then click **Add NAME to REPOSITORY**. + ![Selecting permissions for the team or person](/assets/images/help/repository/manage-access-invite-choose-role-add.png) -## 删除团队或人员的访问权限 +## Removing access for a team or person -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} {% data reusables.repositories.click-collaborators-teams %} {% else %} {% data reusables.repositories.navigate-to-manage-access %} {% endif %} -4. 在“管理访问权限”下,找到要删除其访问权限的团队或人员,然后单击 {% octicon "trash" aria-label="The trash icon" %}。 - ![用于删除访问权限的回收站图标](/assets/images/help/repository/manage-access-remove.png) +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +{% data reusables.repositories.click-collaborators-teams %} +{% else %} +{% data reusables.repositories.navigate-to-manage-access %} +{% endif %} +4. Under "Manage access", find the team or person whose access you'd like to remove, then click {% octicon "trash" aria-label="The trash icon" %}. + ![trash icon for removing access](/assets/images/help/repository/manage-access-remove.png) -## 延伸阅读 +## Further reading -- [设置存储库可见性](/github/administering-a-repository/setting-repository-visibility) -- [为组织设置基本权限](/organizations/managing-access-to-your-organizations-repositories/setting-base-permissions-for-an-organization) +- "[Setting repository visibility](/github/administering-a-repository/setting-repository-visibility)" +- "[Setting base permissions for an organization](/organizations/managing-access-to-your-organizations-repositories/setting-base-permissions-for-an-organization)" diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/about-releases.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/about-releases.md index 18866df020..c3edbf5ec0 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/about-releases.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/about-releases.md @@ -1,6 +1,6 @@ --- -title: 关于发行版 -intro: 您可以创建包软件的发行版,以及发行说明和二进制文件链接,以供其他人使用。 +title: About releases +intro: 'You can create a release to package software, along with release notes and links to binary files, for other people to use.' redirect_from: - /articles/downloading-files-from-the-command-line - /articles/downloading-files-with-curl @@ -16,43 +16,44 @@ versions: ghec: '*' topics: - Repositories -ms.openlocfilehash: f0435993e244d470fc5f58afe8b8b2f264d9f95c -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: '147881503' --- -## 关于发行版 +## About releases -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4974 %} ![发行版概述](/assets/images/help/releases/refreshed-releases-overview-with-contributors.png) {% elsif ghae-issue-4972 %} ![发行版概述](/assets/images/help/releases/releases-overview-with-contributors.png) {% else %} ![发行版概述](/assets/images/help/releases/releases-overview.png) {% endif %} - -发行版是可部署的软件迭代,您可以打包并提供给更广泛的受众下载和使用。 - -发行版基于用于标记存储库历史记录中的特定点的 [Git 标记](https://git-scm.com/book/en/Git-Basics-Tagging)。 标记日期可能与发行日期不同,因为它们可在不同的时间创建。 有关查看现有标记的详细信息,请参阅“[查看存储库的发行版和标记](/github/administering-a-repository/viewing-your-repositorys-releases-and-tags)”。 - -当仓库中发布新发行版时您可以接收通知,但不会接受有关仓库其他更新的通知。 有关详细信息,请参阅“[查看订阅](/github/managing-subscriptions-and-notifications-on-github/viewing-your-subscriptions)”。 - -对仓库具有读取访问权限的任何人都可以查看和比较发行版,但只有对仓库具有写入权限的人员才能管理发行版。 有关详细信息,请参阅“[管理存储库中的发行版](/github/administering-a-repository/managing-releases-in-a-repository)”。 - -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4974 %} 管理发行版时,可以手动创建发行说明。 或者,您可以从默认模板自动生成发行说明,或自定义您自己的发行说明模板。 有关详细信息,请参阅“[自动生成的发行说明](/repositories/releasing-projects-on-github/automatically-generated-release-notes)”。 +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +![An overview of releases](/assets/images/help/releases/refreshed-releases-overview-with-contributors.png) +{% else %} +![An overview of releases](/assets/images/help/releases/releases-overview.png) {% endif %} -{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-7054 %} 在查看发布的详细信息时,每个发布资产的创建日期会显示在发布资产旁边。 +Releases are deployable software iterations you can package and make available for a wider audience to download and use. + +Releases are based on [Git tags](https://git-scm.com/book/en/Git-Basics-Tagging), which mark a specific point in your repository's history. A tag date may be different than a release date since they can be created at different times. For more information about viewing your existing tags, see "[Viewing your repository's releases and tags](/github/administering-a-repository/viewing-your-repositorys-releases-and-tags)." + +You can receive notifications when new releases are published in a repository without receiving notifications about other updates to the repository. For more information, see "[Viewing your subscriptions](/github/managing-subscriptions-and-notifications-on-github/viewing-your-subscriptions)." + +Anyone with read access to a repository can view and compare releases, but only people with write permissions to a repository can manage releases. For more information, see "[Managing releases in a repository](/github/administering-a-repository/managing-releases-in-a-repository)." + +{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} +You can manually create release notes while managing a release. Alternatively, you can automatically generate release notes from a default template, or customize your own release notes template. For more information, see "[Automatically generated release notes](/repositories/releasing-projects-on-github/automatically-generated-release-notes)." {% endif %} -{% ifversion fpt or ghec %} 对存储库具有管理员权限的人可以选择是否将 {% data variables.large_files.product_name_long %} ({% data variables.large_files.product_name_short %}) 对象包含在 {% data variables.product.product_name %} 为每个发行版创建的 ZIP 文件和 tarball 中。 有关详细信息,请参阅“[管理存储库存档中的 {% data variables.large_files.product_name_short %} 对象](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-git-lfs-objects-in-archives-of-your-repository)”。 - -如果发行版修复了安全漏洞,您应该在仓库中发布安全通告。 {% data variables.product.prodname_dotcom %} 审查每个发布的安全通告,并且可能使用它向受影响的仓库发送 {% data variables.product.prodname_dependabot_alerts %}。 有关详细信息,请参阅“[关于 GitHub 安全公告](/github/managing-security-vulnerabilities/about-github-security-advisories)”。 - -可以查看依赖项关系图的“依赖项”选项卡,了解哪些存储库和包依赖于存储库中的代码,并因此可能受到新发行版的影响。 有关详细信息,请参阅“[关于依赖项关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。 +{% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.6 %} +When viewing the details for a release, the creation date for each release asset is shown next to the release asset. {% endif %} -您也可以使用发行版 API 来收集信息,例如人们下载发行版资产的次数。 有关详细信息,请参阅“[发行版](/rest/reference/releases)”。 - {% ifversion fpt or ghec %} -## 存储和带宽配额 +People with admin permissions to a repository can choose whether {% data variables.large_files.product_name_long %} ({% data variables.large_files.product_name_short %}) objects are included in the ZIP files and tarballs that {% data variables.product.product_name %} creates for each release. For more information, see "[Managing {% data variables.large_files.product_name_short %} objects in archives of your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-git-lfs-objects-in-archives-of-your-repository)." - 发行版中包含的每个文件都必须在 {% data variables.large_files.max_file_size %} 下。 发行版的总大小和带宽使用没有限制。 +If a release fixes a security vulnerability, you should publish a security advisory in your repository. {% data variables.product.prodname_dotcom %} reviews each published security advisory and may use it to send {% data variables.product.prodname_dependabot_alerts %} to affected repositories. For more information, see "[About GitHub Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)." + +You can view the **Dependents** tab of the dependency graph to see which repositories and packages depend on code in your repository, and may therefore be affected by a new release. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." +{% endif %} + +You can also use the Releases API to gather information, such as the number of times people download a release asset. For more information, see "[Releases](/rest/reference/releases)." + +{% ifversion fpt or ghec %} +## Storage and bandwidth quotas + + Each file included in a release must be under {% data variables.large_files.max_file_size %}. There is no limit on the total size of a release, nor bandwidth usage. {% endif %} diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md index d8132061ba..4843361966 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md @@ -6,7 +6,7 @@ versions: fpt: '*' ghec: '*' ghes: '>3.3' - ghae: issue-4974 + ghae: '>= 3.4' topics: - Repositories shortTitle: Automated release notes diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/comparing-releases.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/comparing-releases.md index 766c438f0f..c5d73399f6 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/comparing-releases.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/comparing-releases.md @@ -1,6 +1,6 @@ --- -title: 比较发行版 -intro: 您可以比较发行版标记以查看不同发行版之间的仓库变化。 +title: Comparing releases +intro: You can compare release tags to see changes to your repository between different releases. permissions: People with read access to a repository can view and compare releases. versions: fpt: '*' @@ -12,15 +12,18 @@ topics: redirect_from: - /github/administering-a-repository/comparing-releases - /github/administering-a-repository/releasing-projects-on-github/comparing-releases -ms.openlocfilehash: 12ec28717e8de8575a58487b02d5665044f471eb -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: '145129303' --- -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.releases %} -3. 在要用作基础映像的版本旁边,单击“比较”。 - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %}![“比较”版本标记菜单](/assets/images/help/releases/refreshed-compare-tags.png) {% else %}![“比较”版本标记菜单](/assets/images/help/releases/compare-tags-menu.png) {% endif %} -4. 使用“Compare(比较)”下拉菜单并选择要比较的标记。 - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %}![“比较”版本标记菜单](/assets/images/help/releases/refreshed-compare-tags-menu-options.png) {% else %}![“比较”版本标记菜单选项](/assets/images/help/releases/compare-tags-menu-options.png) {% endif %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.releases %} +3. Next to the release you want to use as your base, click **Compare**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} + ![Compare release tags menu](/assets/images/help/releases/refreshed-compare-tags.png) + {% else %} + ![Compare release tags menu](/assets/images/help/releases/compare-tags-menu.png) + {% endif %} +4. Use the "Compare" drop-down menu and select the tags you want to compare. + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} + ![Compare release tags menu](/assets/images/help/releases/refreshed-compare-tags-menu-options.png) + {% else %} + ![Compare release tags menu options](/assets/images/help/releases/compare-tags-menu-options.png) + {% endif %} diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/linking-to-releases.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/linking-to-releases.md index c31f76999d..f2c870b63b 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/linking-to-releases.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/linking-to-releases.md @@ -1,6 +1,6 @@ --- -title: 链接到发行版 -intro: 您可以使用唯一 URL 共享在 GitHub 上创建的每个发行版。 +title: Linking to releases +intro: You can share every release you create on GitHub with a unique URL. redirect_from: - /articles/linking-to-releases - /github/administering-a-repository/linking-to-releases @@ -12,15 +12,19 @@ versions: ghec: '*' topics: - Repositories -ms.openlocfilehash: 9b07e71c6e6d35839d485e5e37c795ac3c663d0b -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: '145129301' --- -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.releases %} -3. 要将唯一 URL 复制到剪贴板,请找到要链接到的版本,右键单击标题,然后复制 URL。 -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %}![版本标题](/assets/images/help/releases/release-title.png){% else %}![版本标题](/assets/images/help/releases/release-title-old.png){% endif %} -1. 或者,右键单击“最新版本”并复制 URL 以共享它。 此 URL 的后缀始终是 `/releases/latest`。 - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %}![比较版本标记菜单](/assets/images/help/releases/refreshed-release-latest.png){% else %}![最新版本标记](/assets/images/help/releases/release_latest_release_tag.png){% endif %}要直接链接到手动上传的最新版本资产的下载,请链接到 `/owner/name/releases/latest/download/asset-name.zip`。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.releases %} +3. To copy a unique URL to your clipboard, find the release you want to link to, right click the title, and copy the URL. +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} + ![Release title](/assets/images/help/releases/release-title.png) +{% else %} + ![Release title](/assets/images/help/releases/release-title-old.png) +{% endif %} +1. Alternatively, right click **Latest Release** and copy the URL to share it. The suffix of this URL is always `/releases/latest`. + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} + ![Compare release tags menu](/assets/images/help/releases/refreshed-release-latest.png) + {% else %} + ![Latest release tag](/assets/images/help/releases/release_latest_release_tag.png) + {% endif %} +To link directly to a download of your latest release asset that was manually uploaded, link to `/owner/name/releases/latest/download/asset-name.zip`. diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md index 3f028af912..75f9b96723 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md @@ -38,7 +38,7 @@ You can choose whether {% data variables.large_files.product_name_long %} ({% da {% data reusables.repositories.releases %} 3. Click **Draft a new release**. - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %}![Releases draft button](/assets/images/help/releases/draft-release-button-with-search.png){% else %}![Releases draft button](/assets/images/help/releases/draft_release_button.png){% endif %} + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}![Releases draft button](/assets/images/help/releases/draft-release-button-with-search.png){% else %}![Releases draft button](/assets/images/help/releases/draft_release_button.png){% endif %} 4. {% ifversion fpt or ghec or ghes > 3.2 or ghae %}Click **Choose a tag**, type{% else %}Type{% endif %} a version number for your release{% ifversion fpt or ghec or ghes > 3.2 or ghae %}, and press **Enter**{% endif %}. Alternatively, select an existing tag. {% ifversion fpt or ghec or ghes > 3.2 or ghae %}![Enter a tag](/assets/images/help/releases/releases-tag-create.png) @@ -54,8 +54,8 @@ You can choose whether {% data variables.large_files.product_name_long %} ({% da {% else %}![Releases tagged branch](/assets/images/enterprise/releases/releases-tag-branch.png){% endif %} {%- data reusables.releases.previous-release-tag %} 6. Type a title and description for your release. - {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4972 %} - If you @mention any {% data variables.product.product_name %} users in the description, the published release will include a **Contributors** section with an avatar list of all the mentioned users. + {%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} + If you @mention anyone in the description, the published release will include a **Contributors** section with an avatar list of all the mentioned users. {%- endif %} {% ifversion fpt or ghec or ghes > 3.3 %} Alternatively, you can automatically generate your release notes by clicking {% ifversion previous-release-tag %}**Generate release notes**{% else %}**Auto-generate release notes**{% endif %}.{% endif %}{% ifversion previous-release-tag %} ![Releases description](/assets/images/help/releases/releases_description_auto.png){% else %} @@ -71,10 +71,10 @@ You can choose whether {% data variables.large_files.product_name_long %} ({% da 9. If you're ready to publicize your release, click **Publish release**. To work on the release later, click **Save draft**. ![Publish release and Draft release buttons](/assets/images/help/releases/release_buttons.png) - {%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4972 or ghae-issue-4974 %} + {%- ifversion fpt or ghec or ghes > 3.2 or ghae > 3.3 %} You can then view your published or draft releases in the releases feed for your repository. For more information, see "[Viewing your repository's releases and tags](/github/administering-a-repository/releasing-projects-on-github/viewing-your-repositorys-releases-and-tags)." - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %} + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} ![Published release with @mentioned contributors](/assets/images/help/releases/refreshed-releases-overview-with-contributors.png) {% else %} ![Published release with @mentioned contributors](/assets/images/help/releases/releases-overview-with-contributors.png) @@ -98,7 +98,7 @@ You can choose whether {% data variables.large_files.product_name_long %} ({% da ```shell gh release create v1.3.2 --title "v1.3.2 (beta)" --notes "this is a beta release" --prerelease ``` -{% ifversion fpt or ghes > 3.3 or ghae-issue-4972 or ghec %} +{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %} If you @mention any {% data variables.product.product_name %} users in the notes, the published release on {% data variables.product.prodname_dotcom_the_website %} will include a **Contributors** section with an avatar list of all the mentioned users. {% endif %} @@ -110,14 +110,14 @@ If you @mention any {% data variables.product.product_name %} users in the notes {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.releases %} -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} 3. On the right side of the page, next to the release you want to edit, click {% octicon "pencil" aria-label="The edit icon" %}. ![Edit a release](/assets/images/help/releases/edit-release-pencil.png) {% else %} 3. On the right side of the page, next to the release you want to edit, click **Edit release**. ![Edit a release](/assets/images/help/releases/edit-release.png) {% endif %} -4. Edit the details for the release in the form, then click **Update release**.{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4972 %} If you add or remove any @mentions of GitHub users in the description, those users will be added or removed from the avatar list in the **Contributors** section of the release.{% endif %} +4. Edit the details for the release in the form, then click **Update release**.{% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} If you add or remove any @mentions of GitHub users in the description, those users will be added or removed from the avatar list in the **Contributors** section of the release.{% endif %} ![Update a release](/assets/images/help/releases/update-release.png) {% endwebui %} @@ -134,7 +134,7 @@ Releases cannot currently be edited with {% data variables.product.prodname_cli {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.releases %} -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.3 %} 3. On the right side of the page, next to the release you want to delete, click {% octicon "trash" aria-label="The trash icon" %}. ![Delete a release](/assets/images/help/releases/delete-release-trash.png) {% else %} diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md index 3c22c34488..8c3af76159 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md @@ -7,7 +7,7 @@ versions: fpt: '*' ghec: '*' ghes: '>3.2' - ghae: issue-4974 + ghae: '>= 3.4' topics: - Repositories ms.openlocfilehash: 193363cc5762db6cb030906a64dacb7bab6f5b7a diff --git a/translations/zh-CN/content/rest/dependabot/index.md b/translations/zh-CN/content/rest/dependabot/index.md index 89b8869e56..815cdfc355 100644 --- a/translations/zh-CN/content/rest/dependabot/index.md +++ b/translations/zh-CN/content/rest/dependabot/index.md @@ -1,6 +1,6 @@ --- title: Dependabot -intro: 使用 Dependabot 机密 API,可以管理和控制组织或存储库的 Dependabot 机密。 +intro: 'With the {% data variables.product.prodname_dependabot %} API, you can manage {% data variables.product.prodname_dependabot %} alerts and secrets for an organization or repository.' allowTitleToDifferFromFilename: true versions: fpt: '*' @@ -10,14 +10,9 @@ topics: - API miniTocMaxHeadingLevel: 3 children: + - /alerts - /secrets redirect_from: - /rest/reference/dependabot -ms.openlocfilehash: 9e858b635ddec2772b2c298459b7cfda023cd694 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147061360' --- diff --git a/translations/zh-CN/content/rest/dependency-graph/dependency-review.md b/translations/zh-CN/content/rest/dependency-graph/dependency-review.md index a9e0ed9096..5c77e4633d 100644 --- a/translations/zh-CN/content/rest/dependency-graph/dependency-review.md +++ b/translations/zh-CN/content/rest/dependency-graph/dependency-review.md @@ -5,7 +5,7 @@ versions: fpt: '*' ghes: '>=3.6' ghec: '*' - ghae: issue-6396 + ghae: '>= 3.6' topics: - API miniTocMaxHeadingLevel: 3 diff --git a/translations/zh-CN/content/rest/dependency-graph/index.md b/translations/zh-CN/content/rest/dependency-graph/index.md index 8236202af3..378f0801b0 100644 --- a/translations/zh-CN/content/rest/dependency-graph/index.md +++ b/translations/zh-CN/content/rest/dependency-graph/index.md @@ -5,7 +5,7 @@ versions: fpt: '*' ghes: '>=3.6' ghec: '*' - ghae: issue-6396 + ghae: '>= 3.6' topics: - API miniTocMaxHeadingLevel: 3 diff --git a/translations/zh-CN/content/rest/guides/getting-started-with-the-rest-api.md b/translations/zh-CN/content/rest/guides/getting-started-with-the-rest-api.md index 8c54d89f60..083950084d 100644 --- a/translations/zh-CN/content/rest/guides/getting-started-with-the-rest-api.md +++ b/translations/zh-CN/content/rest/guides/getting-started-with-the-rest-api.md @@ -20,6 +20,8 @@ When you make a request to the REST API, you will specify an HTTP method and a p The REST API reference documentation describes the HTTP method, path, and parameters for every operation. It also displays example requests and responses for each operation. For more information, see the [REST reference documentation](/rest). +For more information about {% data variables.product.company_short %}'s APIs, see "[About {% data variables.product.company_short %}'s APIs](/developers/overview/about-githubs-apis)." + ## Making a request To make a request, first find the HTTP method and the path for the operation that you want to use. For example, the "Get Octocat" operation uses the `GET` method and the `/octocat` path. For the full reference documentation for this operation, see "[Get Octocat](/rest/meta#get-octocat)." diff --git a/translations/zh-CN/content/rest/orgs/security-managers.md b/translations/zh-CN/content/rest/orgs/security-managers.md index 19cd18969c..5822bf1fd9 100644 --- a/translations/zh-CN/content/rest/orgs/security-managers.md +++ b/translations/zh-CN/content/rest/orgs/security-managers.md @@ -4,7 +4,7 @@ intro: '' versions: fpt: '*' ghes: '>=3.7' - ghae: issue-7691 + ghae: '>= 3.7' ghec: '*' topics: - API diff --git a/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md b/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md index 8e6a108742..44ed7ae6d1 100644 --- a/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md +++ b/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md @@ -1,6 +1,6 @@ --- -title: GitHub 应用程序所需的权限 -intro: '您可以找到每个 {% data variables.product.prodname_github_app %} 兼容端点所需的权限。' +title: Permissions required for GitHub Apps +intro: 'You can find the required permissions for each {% data variables.product.prodname_github_app %}-compatible endpoint.' redirect_from: - /v3/apps/permissions - /rest/reference/permissions-required-for-github-apps @@ -13,20 +13,15 @@ topics: - API miniTocMaxHeadingLevel: 3 shortTitle: GitHub App permissions -ms.openlocfilehash: 9b0344213069be96e86029adef157dba032f9de6 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: '147560784' --- -### 关于 {% data variables.product.prodname_github_app %} 权限 -{% data variables.product.prodname_github_apps %} 是用一组权限创建的。 权限定义了 {% data variables.product.prodname_github_app %} 可以通过 API 访问哪些资源。 有关详细信息,请参阅“[设置 GitHub 应用程序的权限](/apps/building-github-apps/setting-permissions-for-github-apps/)”。 +## About {% data variables.product.prodname_github_app %} permissions -### 元数据权限 +{% data variables.product.prodname_github_apps %} are created with a set of permissions. Permissions define what resources the {% data variables.product.prodname_github_app %} can access via the API. For more information, see "[Setting permissions for GitHub Apps](/apps/building-github-apps/setting-permissions-for-github-apps/)." -默认情况下,GitHub 应用程序具有 `Read-only` 元数据权限。 元数据权限允许访问带有各种资源元数据的只读端点集合。 这些端点不会泄露敏感的私有仓库信息。 +## Metadata permissions + +GitHub Apps have the `Read-only` metadata permission by default. The metadata permission provides access to a collection of read-only endpoints with metadata for various resources. These endpoints do not leak sensitive private repository information. {% data reusables.apps.metadata-permissions %} @@ -45,8 +40,10 @@ ms.locfileid: '147560784' - [`GET /orgs/:org/projects`](/rest/reference/projects#list-organization-projects) - [`GET /orgs/:org/repos`](/rest/reference/repos#list-organization-repositories) - [`GET /rate_limit`](/rest/reference/rate-limit#get-rate-limit-status-for-the-authenticated-user) -- [`GET /repos/:owner/:repo`](/rest/reference/repos#get-a-repository) {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/community/profile`](/rest/reference/repository-metrics#get-community-profile-metrics) {% endif -%} +- [`GET /repos/:owner/:repo`](/rest/reference/repos#get-a-repository) +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/community/profile`](/rest/reference/repository-metrics#get-community-profile-metrics) +{% endif -%} - [`GET /repos/:owner/:repo/contributors`](/rest/reference/repos#list-repository-contributors) - [`GET /repos/:owner/:repo/forks`](/rest/reference/repos#list-forks) - [`GET /repos/:owner/:repo/languages`](/rest/reference/repos#list-repository-languages) @@ -76,17 +73,17 @@ ms.locfileid: '147560784' - [`GET /users/:username/repos`](/rest/reference/repos#list-repositories-for-a-user) - [`GET /users/:username/subscriptions`](/rest/reference/activity#list-repositories-watched-by-a-user) -_协作者_ +### Collaborators - [`GET /repos/:owner/:repo/collaborators`](/rest/reference/collaborators#list-repository-collaborators) - [`GET /repos/:owner/:repo/collaborators/:username`](/rest/reference/collaborators#check-if-a-user-is-a-repository-collaborator) -提交注释 +### Commit comments - [`GET /repos/:owner/:repo/comments`](/rest/reference/commits#list-commit-comments-for-a-repository) - [`GET /repos/:owner/:repo/comments/:comment_id`](/rest/reference/commits#get-a-commit-comment) - [`GET /repos/:owner/:repo/comments/:comment_id/reactions`](/rest/reference/reactions#list-reactions-for-a-commit-comment) - [`GET /repos/:owner/:repo/commits/:sha/comments`](/rest/reference/commits#list-commit-comments) -_事件_ +### Events - [`GET /events`](/rest/reference/activity#list-public-events) - [`GET /networks/:owner/:repo/events`](/rest/reference/activity#list-public-events-for-a-network-of-repositories) - [`GET /orgs/:org/events`](/rest/reference/activity#list-public-organization-events) @@ -95,20 +92,20 @@ _事件_ - [`GET /users/:username/events`](/rest/reference/activity#list-events-for-the-authenticated-user) - [`GET /users/:username/events/public`](/rest/reference/activity#list-public-events-for-a-user) -_Git_ +### Git - [`GET /gitignore/templates`](/rest/reference/gitignore#get-all-gitignore-templates) - [`GET /gitignore/templates/:key`](/rest/reference/gitignore#get-a-gitignore-template) -_“键”_ +### Keys - [`GET /users/:username/keys`](/rest/reference/users#list-public-keys-for-a-user) -组织成员 +### Organization members - [`GET /orgs/:org/members`](/rest/reference/orgs#list-organization-members) - [`GET /orgs/:org/members/:username`](/rest/reference/orgs#check-organization-membership-for-a-user) - [`GET /orgs/:org/public_members`](/rest/reference/orgs#list-public-organization-members) - [`GET /orgs/:org/public_members/:username`](/rest/reference/orgs#check-public-organization-membership-for-a-user) -_搜索_ +### Search - [`GET /search/code`](/rest/reference/search#search-code) - [`GET /search/commits`](/rest/reference/search#search-commits) - [`GET /search/issues`](/rest/reference/search#search-issues-and-pull-requests) @@ -118,18 +115,22 @@ _搜索_ - [`GET /search/users`](/rest/reference/search#search-users) {% ifversion fpt or ghes or ghec %} -### 有关“操作”的权限 +## Permission on "actions" - [`GET /repos/:owner/:repo/actions/artifacts`](/rest/reference/actions#list-artifacts-for-a-repository) (:read) - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) - [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) -- [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) {% ifversion actions-cache-management -%} -- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) {% endif -%} +- [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% ifversion actions-cache-management -%} +- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) -- [`GET /repos/:owner/:repo/actions/runs/:run_id`](/rest/reference/actions#get-a-workflow-run) (:read) {% ifversion fpt or ghec -%} -- [`POST /repos/:owner/:repo/actions/runs/:run_id/approve`](/rest/reference/actions#approve-a-workflow-run-for-a-fork-pull-request) (:write) {% endif -%} +- [`GET /repos/:owner/:repo/actions/runs/:run_id`](/rest/reference/actions#get-a-workflow-run) (:read) +{% ifversion fpt or ghec -%} +- [`POST /repos/:owner/:repo/actions/runs/:run_id/approve`](/rest/reference/actions#approve-a-workflow-run-for-a-fork-pull-request) (:write) +{% endif -%} - [`GET /repos/:owner/:repo/actions/runs/:run_id/artifacts`](/rest/reference/actions#list-workflow-run-artifacts) (:read) - [`POST /repos/:owner/:repo/actions/runs/:run_id/cancel`](/rest/reference/actions#cancel-a-workflow-run) (:write) - [`GET /repos/:owner/:repo/actions/runs/:run_id/jobs`](/rest/reference/actions#list-jobs-for-a-workflow-run) (:read) @@ -138,9 +139,10 @@ _搜索_ - [`POST /repos/:owner/:repo/actions/runs/:run_id/rerun`](/rest/reference/actions#re-run-a-workflow) (:write) - [`GET /repos/:owner/:repo/actions/workflows`](/rest/reference/actions#list-repository-workflows) (:read) - [`GET /repos/:owner/:repo/actions/workflows/:workflow_id`](/rest/reference/actions#get-a-workflow) (:read) -- [`GET /repos/:owner/:repo/actions/workflows/:workflow_id/runs`](/rest/reference/actions#list-workflow-runs) (:read) {% endif %} +- [`GET /repos/:owner/:repo/actions/workflows/:workflow_id/runs`](/rest/reference/actions#list-workflow-runs) (:read) +{% endif %} -### 有关“管理”的权限 +## Permission on "administration" - [`POST /orgs/:org/repos`](/rest/reference/repos#create-an-organization-repository) (:write) - [`PATCH /repos/:owner/:repo`](/rest/reference/repos#update-a-repository) (:write) @@ -153,26 +155,48 @@ _搜索_ - [`POST /repos/:owner/:repo/actions/runners/:runner_id/labels`](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-a-repository) (:write) - [`PUT /repos/:owner/:repo/actions/runners/:runner_id/labels`](/rest/reference/actions#set-custom-labels-for-a-self-hosted-runner-for-a-repository) (:write) - [`DELETE /repos/:owner/:repo/actions/runners/:runner_id/labels`](/rest/reference/actions#remove-all-custom-labels-from-a-self-hosted-runner-for-a-repository) (:write) -- [`DELETE /repos/:owner/:repo/actions/runners/:runner_id/labels/:name`](/rest/reference/actions#remove-a-custom-label-from-a-self-hosted-runner-for-a-repository) (:write) {% ifversion fpt or ghec or ghes -%} +- [`DELETE /repos/:owner/:repo/actions/runners/:runner_id/labels/:name`](/rest/reference/actions#remove-a-custom-label-from-a-self-hosted-runner-for-a-repository) (:write) +{% ifversion fpt or ghec or ghes -%} - [`POST /repos/:owner/:repo/actions/runners/registration-token`](/rest/reference/actions#create-a-registration-token-for-a-repository) (:write) -- [`POST /repos/:owner/:repo/actions/runners/remove-token`](/rest/reference/actions#create-a-remove-token-for-a-repository) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`PUT /repos/:owner/:repo/automated-security-fixes`](/rest/reference/repos#enable-automated-security-fixes) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /repos/:owner/:repo/automated-security-fixes`](/rest/reference/repos#disable-automated-security-fixes) (:write) {% endif -%} -- [`POST /repos/:owner/:repo/forks`](/rest/reference/repos#create-a-fork) (:write) {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-a-repository) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`PUT /repos/:owner/:repo/interaction-limits`](/rest/reference/interactions#set-interaction-restrictions-for-a-repository) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /repos/:owner/:repo/interaction-limits`](/rest/reference/interactions#remove-interaction-restrictions-for-a-repository) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/pages/health`](/rest/reference/pages#get-a-dns-health-check-for-github-pages) (:write) {% endif -%} {% ifversion ghes > 3.3 -%} -- [`GET /repos/:owner/:repo/replicas/caches`](/rest/reference/repos#list-repository-cache-replication-status) (:read) {% endif -%} +- [`POST /repos/:owner/:repo/actions/runners/remove-token`](/rest/reference/actions#create-a-remove-token-for-a-repository) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PUT /repos/:owner/:repo/automated-security-fixes`](/rest/reference/repos#enable-automated-security-fixes) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /repos/:owner/:repo/automated-security-fixes`](/rest/reference/repos#disable-automated-security-fixes) (:write) +{% endif -%} +- [`POST /repos/:owner/:repo/forks`](/rest/reference/repos#create-a-fork) (:write) +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-a-repository) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PUT /repos/:owner/:repo/interaction-limits`](/rest/reference/interactions#set-interaction-restrictions-for-a-repository) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /repos/:owner/:repo/interaction-limits`](/rest/reference/interactions#remove-interaction-restrictions-for-a-repository) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/pages/health`](/rest/reference/pages#get-a-dns-health-check-for-github-pages) (:write) +{% endif -%} +{% ifversion ghes > 3.3 -%} +- [`GET /repos/:owner/:repo/replicas/caches`](/rest/reference/repos#list-repository-cache-replication-status) (:read) +{% endif -%} - [`PUT /repos/:owner/:repo/topics`](/rest/reference/repos#replace-all-repository-topics) (:write) -- [`POST /repos/:owner/:repo/transfer`](/rest/reference/repos#transfer-a-repository) (:write) {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/vulnerability-alerts`](/rest/reference/repos#enable-vulnerability-alerts) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`PUT /repos/:owner/:repo/vulnerability-alerts`](/rest/reference/repos#enable-vulnerability-alerts) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /repos/:owner/:repo/vulnerability-alerts`](/rest/reference/repos#disable-vulnerability-alerts) (:write) {% endif -%} +- [`POST /repos/:owner/:repo/transfer`](/rest/reference/repos#transfer-a-repository) (:write) +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/vulnerability-alerts`](/rest/reference/repos#enable-vulnerability-alerts) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PUT /repos/:owner/:repo/vulnerability-alerts`](/rest/reference/repos#enable-vulnerability-alerts) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /repos/:owner/:repo/vulnerability-alerts`](/rest/reference/repos#disable-vulnerability-alerts) (:write) +{% endif -%} - [`PATCH /user/repository_invitations/:invitation_id`](/rest/reference/collaborators#accept-a-repository-invitation) (:write) - [`DELETE /user/repository_invitations/:invitation_id`](/rest/reference/collaborators#decline-a-repository-invitation) (:write) -_分支_ +### Branches - [`GET /repos/:owner/:repo/branches/:branch/protection`](/rest/reference/branches#get-branch-protection) (:read) - [`PUT /repos/:owner/:repo/branches/:branch/protection`](/rest/reference/branches#update-branch-protection) (:write) - [`DELETE /repos/:owner/:repo/branches/:branch/protection`](/rest/reference/branches#delete-branch-protection) (:write) @@ -204,41 +228,44 @@ _分支_ - [`DELETE /repos/:owner/:repo/branches/:branch/protection/restrictions/users`](/rest/reference/branches#remove-user-access-restrictions) (:write) - [`POST /repos/:owner/:repo/branches/:branch/rename`](/rest/reference/branches#rename-a-branch) (:write) -_协作者_ +### Collaborators - [`PUT /repos/:owner/:repo/collaborators/:username`](/rest/reference/collaborators#add-a-repository-collaborator) (:write) - [`DELETE /repos/:owner/:repo/collaborators/:username`](/rest/reference/collaborators#remove-a-repository-collaborator) (:write) -_邀请_ +### Invitations - [`GET /repos/:owner/:repo/invitations`](/rest/reference/collaborators#list-repository-invitations) (:read) - [`PATCH /repos/:owner/:repo/invitations/:invitation_id`](/rest/reference/collaborators#update-a-repository-invitation) (:write) - [`DELETE /repos/:owner/:repo/invitations/:invitation_id`](/rest/reference/collaborators#delete-a-repository-invitation) (:write) -_“键”_ +### Keys - [`GET /repos/:owner/:repo/keys`](/rest/reference/deployments#list-deploy-keys) (:read) - [`POST /repos/:owner/:repo/keys`](/rest/reference/deployments#create-a-deploy-key) (:write) - [`GET /repos/:owner/:repo/keys/:key_id`](/rest/reference/deployments#get-a-deploy-key) (:read) - [`DELETE /repos/:owner/:repo/keys/:key_id`](/rest/reference/deployments#delete-a-deploy-key) (:write) -_Teams_ +### Teams - [`GET /repos/:owner/:repo/teams`](/rest/reference/repos#list-repository-teams) (:read) - [`PUT /teams/:team_id/repos/:owner/:repo`](/rest/reference/teams#add-or-update-team-repository-permissions) (:write) - [`DELETE /teams/:team_id/repos/:owner/:repo`](/rest/reference/teams#remove-a-repository-from-a-team) (:write) -{% ifversion fpt or ghec %} 流量 +{% ifversion fpt or ghec %} +### Traffic - [`GET /repos/:owner/:repo/traffic/clones`](/rest/reference/repository-metrics#get-repository-clones) (:read) - [`GET /repos/:owner/:repo/traffic/popular/paths`](/rest/reference/repository-metrics#get-top-referral-paths) (:read) - [`GET /repos/:owner/:repo/traffic/popular/referrers`](/rest/reference/repository-metrics#get-top-referral-sources) (:read) -- [`GET /repos/:owner/:repo/traffic/views`](/rest/reference/repository-metrics#get-page-views) (:read) {% endif %} +- [`GET /repos/:owner/:repo/traffic/views`](/rest/reference/repository-metrics#get-page-views) (:read) +{% endif %} {% ifversion fpt or ghec %} -### 有关“阻止”的权限 +## Permission on "blocking" - [`GET /user/blocks`](/rest/reference/users#list-users-blocked-by-the-authenticated-user) (:read) - [`GET /user/blocks/:username`](/rest/reference/users#check-if-a-user-is-blocked-by-the-authenticated-user) (:read) - [`PUT /user/blocks/:username`](/rest/reference/users#block-a-user) (:write) -- [`DELETE /user/blocks/:username`](/rest/reference/users#unblock-a-user) (:write) {% endif %} +- [`DELETE /user/blocks/:username`](/rest/reference/users#unblock-a-user) (:write) +{% endif %} -### 有关“检查”的权限 +## Permission on "checks" - [`POST /repos/:owner/:repo/check-runs`](/rest/reference/checks#create-a-check-run) (:write) - [`GET /repos/:owner/:repo/check-runs/:check_run_id`](/rest/reference/checks#get-a-check-run) (:read) @@ -253,39 +280,84 @@ _Teams_ - [`GET /repos/:owner/:repo/commits/:sha/check-suites`](/rest/reference/checks#list-check-suites-for-a-git-reference) (:read) {% ifversion fpt or ghec %} -### 对“codespace”的权限 +## Permission on "codespaces" -- [`GET /repos/:owner/:repo/codespaces/machines`](/rest/reference/codespaces#list-available-machine-types-for-a-repository) {% endif %} -### 有关“内容”的权限 +- [`GET /repos/:owner/:repo/codespaces/machines`](/rest/reference/codespaces#list-available-machine-types-for-a-repository) +{% endif %} +## Permission on "contents" -- [`GET /repos/:owner/:repo/:archive_format/:ref`](/rest/reference/repos#download-a-repository-archive) (:read) {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/runs/:run_id`](/rest/reference/actions#get-a-workflow-run) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/runs/:run_id/artifacts`](/rest/reference/actions#list-workflow-run-artifacts) (:read) {% endif -%} {% ifversion fpt -%} -- [`POST /repos/:owner/:repo/actions/runs/:run_id/cancel`](/rest/reference/actions#cancel-a-workflow-run) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/runs/:run_id/jobs`](/rest/reference/actions#list-jobs-for-a-workflow-run) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/runs/:run_id/logs`](/rest/reference/actions#download-workflow-run-logs) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /repos/:owner/:repo/actions/runs/:run_id/logs`](/rest/reference/actions#delete-workflow-run-logs) (:write) {% endif -%} {% ifversion fpt -%} -- [`POST /repos/:owner/:repo/actions/runs/:run_id/rerun`](/rest/reference/actions#re-run-a-workflow) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/secrets`](/rest/reference/actions#list-repository-secrets) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/secrets/:name`](/rest/reference/actions#get-a-repository-secret) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`PUT /repos/:owner/:repo/actions/secrets/:name`](/rest/reference/actions#create-or-update-a-repository-secret) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /repos/:owner/:repo/actions/secrets/:name`](/rest/reference/actions#delete-a-repository-secret) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/secrets/public-key`](/rest/reference/actions#get-a-repository-public-key) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/workflows`](/rest/reference/actions#list-repository-workflows) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/workflows/:workflow_id`](/rest/reference/actions#get-a-workflow) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /repos/:owner/:repo/actions/workflows/:workflow_id/runs`](/rest/reference/actions#list-workflow-runs) (:read) {% endif -%} +- [`GET /repos/:owner/:repo/:archive_format/:ref`](/rest/reference/repos#download-a-repository-archive) (:read) +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/runs/:run_id`](/rest/reference/actions#get-a-workflow-run) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/runs/:run_id/artifacts`](/rest/reference/actions#list-workflow-run-artifacts) (:read) +{% endif -%} +{% ifversion fpt -%} +- [`POST /repos/:owner/:repo/actions/runs/:run_id/cancel`](/rest/reference/actions#cancel-a-workflow-run) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/runs/:run_id/jobs`](/rest/reference/actions#list-jobs-for-a-workflow-run) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/runs/:run_id/logs`](/rest/reference/actions#download-workflow-run-logs) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /repos/:owner/:repo/actions/runs/:run_id/logs`](/rest/reference/actions#delete-workflow-run-logs) (:write) +{% endif -%} +{% ifversion fpt -%} +- [`POST /repos/:owner/:repo/actions/runs/:run_id/rerun`](/rest/reference/actions#re-run-a-workflow) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/secrets`](/rest/reference/actions#list-repository-secrets) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/secrets/:name`](/rest/reference/actions#get-a-repository-secret) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PUT /repos/:owner/:repo/actions/secrets/:name`](/rest/reference/actions#create-or-update-a-repository-secret) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /repos/:owner/:repo/actions/secrets/:name`](/rest/reference/actions#delete-a-repository-secret) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/secrets/public-key`](/rest/reference/actions#get-a-repository-public-key) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/workflows`](/rest/reference/actions#list-repository-workflows) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/workflows/:workflow_id`](/rest/reference/actions#get-a-workflow) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/actions/workflows/:workflow_id/runs`](/rest/reference/actions#list-workflow-runs) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/check-runs/:check_run_id`](/rest/reference/checks#get-a-check-run) (:read) - [`GET /repos/:owner/:repo/check-runs/:check_run_id/annotations`](/rest/reference/checks#list-check-run-annotations) (:read) - [`GET /repos/:owner/:repo/check-suites/:check_suite_id`](/rest/reference/checks#get-a-check-suite) (:read) - [`GET /repos/:owner/:repo/check-suites/:check_suite_id/check-runs`](/rest/reference/checks#list-check-runs-in-a-check-suite) (:read) -- [`POST /repos/:owner/:repo/check-suites/:check_suite_id/rerequest`](/rest/reference/checks#rerequest-a-check-suite) (:write) {% ifversion codeowners-errors %} -- [`GET /repos/:owner/:repo/codeowners/errors`](/rest/reference/repos#list-codeowners-errors) (:read) {% endif %} +- [`POST /repos/:owner/:repo/check-suites/:check_suite_id/rerequest`](/rest/reference/checks#rerequest-a-check-suite) (:write) +{% ifversion codeowners-errors %} +- [`GET /repos/:owner/:repo/codeowners/errors`](/rest/reference/repos#list-codeowners-errors) (:read) +{% endif %} - [`GET /repos/:owner/:repo/commits`](/rest/reference/commits#list-commits) (:read) - [`GET /repos/:owner/:repo/commits/:sha`](/rest/reference/commits#get-a-commit) (:read) - [`GET /repos/:owner/:repo/commits/:sha/check-runs`](/rest/reference/checks#list-check-runs-for-a-git-reference) (:read) @@ -299,7 +371,7 @@ _Teams_ - [`PUT /repos/:owner/:repo/pulls/:pull_number/merge`](/rest/reference/pulls#merge-a-pull-request) (:write) - [`GET /repos/:owner/:repo/readme(?:/(.*))?`](/rest/reference/repos#get-a-repository-readme) (:read) -_分支_ +### Branches - [`GET /repos/:owner/:repo/branches`](/rest/reference/branches#list-branches) (:read) - [`GET /repos/:owner/:repo/branches/:branch`](/rest/reference/branches#get-a-branch) (:read) - [`GET /repos/:owner/:repo/branches/:branch/protection/restrictions/apps`](/rest/reference/repos#list-apps-with-access-to-the-protected-branch) (:write) @@ -308,13 +380,13 @@ _分支_ - [`DELETE /repos/:owner/:repo/branches/:branch/protection/restrictions/apps`](/rest/reference/branches#remove-user-access-restrictions) (:write) - [`POST /repos/:owner/:repo/branches/:branch/rename`](/rest/reference/branches#rename-a-branch) (:write) -提交注释 +### Commit comments - [`PATCH /repos/:owner/:repo/comments/:comment_id`](/rest/reference/commits#update-a-commit-comment) (:write) - [`DELETE /repos/:owner/:repo/comments/:comment_id`](/rest/reference/commits#delete-a-commit-comment) (:write) - [`POST /repos/:owner/:repo/comments/:comment_id/reactions`](/rest/reference/reactions#create-reaction-for-a-commit-comment) (:write) - [`POST /repos/:owner/:repo/commits/:sha/comments`](/rest/reference/commits#create-a-commit-comment) (:write) -_Git_ +### Git - [`POST /repos/:owner/:repo/git/blobs`](/rest/reference/git#create-a-blob) (:write) - [`GET /repos/:owner/:repo/git/blobs/:sha`](/rest/reference/git#get-a-blob) (:read) - [`POST /repos/:owner/:repo/git/commits`](/rest/reference/git#create-a-commit) (:write) @@ -329,7 +401,8 @@ _Git_ - [`POST /repos/:owner/:repo/git/trees`](/rest/reference/git#create-a-tree) (:write) - [`GET /repos/:owner/:repo/git/trees/:sha`](/rest/reference/git#get-a-tree) (:read) -{% ifversion fpt or ghec %} 导入 +{% ifversion fpt or ghec %} +### Import - [`GET /repos/:owner/:repo/import`](/rest/reference/migrations#get-an-import-status) (:read) - [`PUT /repos/:owner/:repo/import`](/rest/reference/migrations#start-an-import) (:write) - [`PATCH /repos/:owner/:repo/import`](/rest/reference/migrations#update-an-import) (:write) @@ -337,9 +410,10 @@ _Git_ - [`GET /repos/:owner/:repo/import/authors`](/rest/reference/migrations#get-commit-authors) (:read) - [`PATCH /repos/:owner/:repo/import/authors/:author_id`](/rest/reference/migrations#map-a-commit-author) (:write) - [`GET /repos/:owner/:repo/import/large_files`](/rest/reference/migrations#get-large-files) (:read) -- [`PATCH /repos/:owner/:repo/import/lfs`](/rest/reference/migrations#update-git-lfs-preference) (:write) {% endif %} +- [`PATCH /repos/:owner/:repo/import/lfs`](/rest/reference/migrations#update-git-lfs-preference) (:write) +{% endif %} -_反应_ +### Reactions - [`DELETE /reactions/:reaction_id`](/rest/reference/reactions#delete-a-reaction-legacy) (:write) - [`DELETE /repos/:owner/:repo/comments/:comment_id/reactions/:reaction_id`](/rest/reference/reactions#delete-a-commit-comment-reaction) (:write) @@ -349,7 +423,7 @@ _反应_ - [`DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/reactions/:reaction_id`](/rest/reference/reactions#delete-team-discussion-reaction) (:write) - [`DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id`](/rest/reference/reactions#delete-team-discussion-comment-reaction) (:write) -_发行版本_ +### Releases - [`GET /repos/:owner/:repo/releases`](/rest/reference/repos/#list-releases) (:read) - [`POST /repos/:owner/:repo/releases`](/rest/reference/repos/#create-a-release) (:write) - [`GET /repos/:owner/:repo/releases/:release_id`](/rest/reference/repos/#get-a-release) (:read) @@ -362,7 +436,7 @@ _发行版本_ - [`GET /repos/:owner/:repo/releases/latest`](/rest/reference/repos/#get-the-latest-release) (:read) - [`GET /repos/:owner/:repo/releases/tags/:tag`](/rest/reference/repos/#get-a-release-by-tag-name) (:read) -### 有关“部署”的权限 +## Permission on "deployments" - [`GET /repos/:owner/:repo/deployments`](/rest/reference/deployments#list-deployments) (:read) - [`POST /repos/:owner/:repo/deployments`](/rest/reference/deployments#create-a-deployment) (:write) @@ -373,16 +447,18 @@ _发行版本_ - [`GET /repos/:owner/:repo/deployments/:deployment_id/statuses/:status_id`](/rest/reference/deployments#get-a-deployment-status) (:read) {% ifversion fpt or ghes or ghec %} -### 有关“电子邮件”的权限 +## Permission on "emails" {% ifversion fpt or ghec -%} -- [`PATCH /user/email/visibility`](/rest/reference/users#set-primary-email-visibility-for-the-authenticated-user) (:write) {% endif -%} +- [`PATCH /user/email/visibility`](/rest/reference/users#set-primary-email-visibility-for-the-authenticated-user) (:write) +{% endif -%} - [`GET /user/emails`](/rest/reference/users#list-email-addresses-for-the-authenticated-user) (:read) - [`POST /user/emails`](/rest/reference/users#add-an-email-address-for-the-authenticated-user) (:write) - [`DELETE /user/emails`](/rest/reference/users#delete-an-email-address-for-the-authenticated-user) (:write) -- [`GET /user/public_emails`](/rest/reference/users#list-public-email-addresses-for-the-authenticated-user) (:read) {% endif %} +- [`GET /user/public_emails`](/rest/reference/users#list-public-email-addresses-for-the-authenticated-user) (:read) +{% endif %} -### 有关“关注者”的权限 +## Permission on "followers" - [`GET /user/followers`](/rest/reference/users#list-followers-of-a-user) (:read) - [`GET /user/following`](/rest/reference/users#list-the-people-a-user-follows) (:read) @@ -390,7 +466,7 @@ _发行版本_ - [`PUT /user/following/:username`](/rest/reference/users#follow-a-user) (:write) - [`DELETE /user/following/:username`](/rest/reference/users#unfollow-a-user) (:write) -### 有关“gpg 密钥”的权限 +## Permission on "gpg keys" - [`GET /user/gpg_keys`](/rest/reference/users#list-gpg-keys-for-the-authenticated-user) (:read) - [`POST /user/gpg_keys`](/rest/reference/users#create-a-gpg-key-for-the-authenticated-user) (:write) @@ -398,15 +474,16 @@ _发行版本_ - [`DELETE /user/gpg_keys/:gpg_key_id`](/rest/reference/users#delete-a-gpg-key-for-the-authenticated-user) (:write) {% ifversion fpt or ghec %} -### “交互限制”的权限 +## Permission on "interaction limits" - [`GET /user/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-your-public-repositories) (:read) - [`PUT /user/interaction-limits`](/rest/reference/interactions#set-interaction-restrictions-for-your-public-repositories) (:write) -- [`DELETE /user/interaction-limits`](/rest/reference/interactions#remove-interaction-restrictions-from-your-public-repositories) (:write) {% endif %} +- [`DELETE /user/interaction-limits`](/rest/reference/interactions#remove-interaction-restrictions-from-your-public-repositories) (:write) +{% endif %} -### 有关“议题”的权限 +## Permission on "issues" -议题和拉取请求密切相关。 有关详细信息,请参阅“[列出分配给已通过身份验证的用户的问题](/rest/reference/issues#list-issues-assigned-to-the-authenticated-user)”。 如果您的 GitHub 应用程序拥有处理议题的权限但没有处理拉取请求的权限,则这些端点将仅限于处理议题。 既返回议题又返回拉取请求的端点将被过滤。 允许对议题和拉取请求进行操作的端点将被限制为仅处理议题。 +Issues and pull requests are closely related. For more information, see "[List issues assigned to the authenticated user](/rest/reference/issues#list-issues-assigned-to-the-authenticated-user)." If your GitHub App has permissions on issues but not on pull requests, these endpoints will be limited to issues. Endpoints that return both issues and pull requests will be filtered. Endpoints that allow operations on both issues and pull requests will be restricted to issues. - [`GET /repos/:owner/:repo/issues`](/rest/reference/issues#list-repository-issues) (:read) - [`POST /repos/:owner/:repo/issues`](/rest/reference/issues#create-an-issue) (:write) @@ -426,17 +503,17 @@ _发行版本_ - [`GET /repos/:owner/:repo/issues/comments/:comment_id/reactions`](/rest/reference/reactions#list-reactions-for-an-issue-comment) (:read) - [`POST /repos/:owner/:repo/issues/comments/:comment_id/reactions`](/rest/reference/reactions#create-reaction-for-an-issue-comment) (:write) -_受理人_ +### Assignees - [`GET /repos/:owner/:repo/assignees`](/rest/reference/issues#list-assignees) (:read) - [`GET /repos/:owner/:repo/assignees/:username`](/rest/reference/issues#check-if-a-user-can-be-assigned) (:read) - [`POST /repos/:owner/:repo/issues/:issue_number/assignees`](/rest/reference/issues#add-assignees-to-an-issue) (:write) - [`DELETE /repos/:owner/:repo/issues/:issue_number/assignees`](/rest/reference/issues#remove-assignees-from-an-issue) (:write) -_事件_ +### Events - [`GET /repos/:owner/:repo/issues/:issue_number/events`](/rest/reference/issues#list-issue-events) (:read) - [`GET /repos/:owner/:repo/issues/events/:event_id`](/rest/reference/issues#get-an-issue-event) (:read) -_标签_ +### Labels - [`GET /repos/:owner/:repo/issues/:issue_number/labels`](/rest/reference/issues#list-labels-for-an-issue) (:read) - [`POST /repos/:owner/:repo/issues/:issue_number/labels`](/rest/reference/issues#add-labels-to-an-issue) (:write) - [`PUT /repos/:owner/:repo/issues/:issue_number/labels`](/rest/reference/issues#set-labels-for-an-issue) (:write) @@ -448,7 +525,7 @@ _标签_ - [`PATCH /repos/:owner/:repo/labels/:name`](/rest/reference/issues#update-a-label) (:write) - [`DELETE /repos/:owner/:repo/labels/:name`](/rest/reference/issues#delete-a-label) (:write) -_里程碑_ +### Milestones - [`GET /repos/:owner/:repo/milestones`](/rest/reference/issues#list-milestones) (:read) - [`POST /repos/:owner/:repo/milestones`](/rest/reference/issues#create-a-milestone) (:write) - [`GET /repos/:owner/:repo/milestones/:milestone_number`](/rest/reference/issues#get-a-milestone) (:read) @@ -456,7 +533,7 @@ _里程碑_ - [`DELETE /repos/:owner/:repo/milestones/:milestone_number`](/rest/reference/issues#delete-a-milestone) (:write) - [`GET /repos/:owner/:repo/milestones/:milestone_number/labels`](/rest/reference/issues#list-labels-for-issues-in-a-milestone) (:read) -_反应_ +### Reactions - [`GET /repos/:owner/:repo/issues/comments/:comment_id/reactions`](/rest/reference/reactions#list-reactions-for-an-issue-comment) (:read) - [`POST /repos/:owner/:repo/issues/comments/:comment_id/reactions`](/rest/reference/reactions#create-reaction-for-an-issue-comment) (:write) - [`GET /repos/:owner/:repo/issues/:issue_number/reactions`](/rest/reference/reactions#list-reactions-for-an-issue) (:read) @@ -469,38 +546,57 @@ _反应_ - [`DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/reactions/:reaction_id`](/rest/reference/reactions#delete-team-discussion-reaction) (:write) - [`DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id`](/rest/reference/reactions#delete-team-discussion-comment-reaction) (:write) -### 有关“键”的权限 +## Permission on "keys" -_“键”_ +### Keys - [`GET /user/keys`](/rest/reference/users#list-public-ssh-keys-for-the-authenticated-user) (:read) - [`POST /user/keys`](/rest/reference/users#create-a-public-ssh-key-for-the-authenticated-user) (:write) - [`GET /user/keys/:key_id`](/rest/reference/users#get-a-public-ssh-key-for-the-authenticated-user) (:read) - [`DELETE /user/keys/:key_id`](/rest/reference/users#delete-a-public-ssh-key-for-the-authenticated-user) (:write) -### 有关“成员”的权限 +## Permission on "members" {% ifversion fpt or ghec -%} -- [`GET /organizations/:org_id/team/:team_id/team-sync/group-mappings`](/rest/reference/teams#list-idp-groups-for-a-team) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`PATCH /organizations/:org_id/team/:team_id/team-sync/group-mappings`](/rest/reference/teams#create-or-update-idp-group-connections) (:write) {% endif -%} +- [`GET /organizations/:org_id/team/:team_id/team-sync/group-mappings`](/rest/reference/teams#list-idp-groups-for-a-team) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PATCH /organizations/:org_id/team/:team_id/team-sync/group-mappings`](/rest/reference/teams#create-or-update-idp-group-connections) (:write) +{% endif -%} - [`GET /orgs/:org/outside_collaborators`](/rest/reference/orgs#list-outside-collaborators-for-an-organization) (:read) - [`PUT /orgs/:org/outside_collaborators/:username`](/rest/reference/orgs#convert-an-organization-member-to-outside-collaborator) (:write) -- [`DELETE /orgs/:org/outside_collaborators/:username`](/rest/reference/orgs#remove-outside-collaborator-from-an-organization) (:write) {% ifversion fpt or ghec -%} -- [`GET /orgs/:org/team-sync/groups`](/rest/teams/team-sync#list-idp-groups-for-an-organization) (:write) {% endif -%} -- [`GET /orgs/:org/team/:team_id`](/rest/teams/teams#get-a-team-by-name) (:read) {% ifversion fpt or ghec -%} -- [`GET /scim/v2/orgs/:org/Users`](/rest/reference/scim#list-scim-provisioned-identities) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`POST /scim/v2/orgs/:org/Users`](/rest/reference/scim#provision-and-invite-a-scim-user) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#get-scim-provisioning-information-for-a-user) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`PUT /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#set-scim-information-for-a-provisioned-user) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`PATCH /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#update-an-attribute-for-a-scim-user) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#delete-a-scim-user-from-an-organization) (:write) {% endif %} +- [`DELETE /orgs/:org/outside_collaborators/:username`](/rest/reference/orgs#remove-outside-collaborator-from-an-organization) (:write) +{% ifversion fpt or ghec -%} +- [`GET /orgs/:org/team-sync/groups`](/rest/teams/team-sync#list-idp-groups-for-an-organization) (:write) +{% endif -%} +- [`GET /orgs/:org/team/:team_id`](/rest/teams/teams#get-a-team-by-name) (:read) +{% ifversion fpt or ghec -%} +- [`GET /scim/v2/orgs/:org/Users`](/rest/reference/scim#list-scim-provisioned-identities) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`POST /scim/v2/orgs/:org/Users`](/rest/reference/scim#provision-and-invite-a-scim-user) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#get-scim-provisioning-information-for-a-user) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PUT /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#set-scim-information-for-a-provisioned-user) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PATCH /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#update-an-attribute-for-a-scim-user) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /scim/v2/orgs/:org/Users/:external_identity_guid`](/rest/reference/scim#delete-a-scim-user-from-an-organization) (:write) +{% endif %} -{% ifversion fpt or ghec %} 邀请 +{% ifversion fpt or ghec %} +### Invitations - [`GET /orgs/:org/invitations`](/rest/reference/orgs#list-pending-organization-invitations) (:read) - [`POST /orgs/:org/invitations`](/rest/reference/orgs#create-an-organization-invitation) (:write) - [`GET /orgs/:org/invitations/:invitation_id/teams`](/rest/reference/orgs#list-organization-invitation-teams) (:read) -- [`GET /teams/:team_id/invitations`](/rest/reference/teams#list-pending-team-invitations) (:read) {% endif %} +- [`GET /teams/:team_id/invitations`](/rest/reference/teams#list-pending-team-invitations) (:read) +{% endif %} -组织成员 +### Organization members - [`DELETE /orgs/:org/members/:username`](/rest/reference/orgs#remove-an-organization-member) (:write) - [`GET /orgs/:org/memberships/:username`](/rest/reference/orgs#get-organization-membership-for-a-user) (:read) - [`PUT /orgs/:org/memberships/:username`](/rest/reference/orgs#set-organization-membership-for-a-user) (:write) @@ -511,13 +607,13 @@ _“键”_ - [`GET /user/memberships/orgs/:org`](/rest/reference/orgs#get-an-organization-membership-for-the-authenticated-user) (:read) - [`PATCH /user/memberships/orgs/:org`](/rest/reference/orgs#update-an-organization-membership-for-the-authenticated-user) (:write) -团队成员 +### Team members - [`GET /teams/:team_id/members`](/rest/reference/teams#list-team-members) (:read) - [`GET /teams/:team_id/memberships/:username`](/rest/reference/teams#get-team-membership-for-a-user) (:read) - [`PUT /teams/:team_id/memberships/:username`](/rest/reference/teams#add-or-update-team-membership-for-a-user) (:write) - [`DELETE /teams/:team_id/memberships/:username`](/rest/reference/teams#remove-team-membership-for-a-user) (:write) -_Teams_ +### Teams - [`GET /orgs/:org/teams`](/rest/reference/teams#list-teams) (:read) - [`POST /orgs/:org/teams`](/rest/reference/teams#create-a-team) (:write) - [`GET /orgs/:org/teams/:team_slug`](/rest/reference/teams#get-a-team-by-name) (:read) @@ -533,20 +629,28 @@ _Teams_ - [`DELETE /teams/:team_id/repos/:owner/:repo`](/rest/reference/teams#remove-a-repository-from-a-team) (:write) - [`GET /teams/:team_id/teams`](/rest/reference/teams#list-child-teams) (:read) -### 有关“组织管理”的权限 +## Permission on "organization administration" -- [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) {% ifversion actions-cache-management -%} +- [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) +{% ifversion actions-cache-management -%} - [`GET /orgs/:org/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-an-organization) (:read) -- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) {% endif -%} {% ifversion fpt or ghec -%} -- [`PUT /orgs/:org/interaction-limits`](/rest/reference/interactions#set-interaction-restrictions-for-an-organization) (:write) {% endif -%} {% ifversion fpt or ghec -%} -- [`DELETE /orgs/:org/interaction-limits`](/rest/reference/interactions#remove-interaction-restrictions-for-an-organization) (:write) {% endif %} +- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`PUT /orgs/:org/interaction-limits`](/rest/reference/interactions#set-interaction-restrictions-for-an-organization) (:write) +{% endif -%} +{% ifversion fpt or ghec -%} +- [`DELETE /orgs/:org/interaction-limits`](/rest/reference/interactions#remove-interaction-restrictions-for-an-organization) (:write) +{% endif %} -### 有关“组织事件”的权限 +## Permission on "organization events" - [`GET /users/:username/events/orgs/:org`](/rest/reference/activity#list-organization-events-for-the-authenticated-user) (:read) -### 有关“组织挂钩”的权限 +## Permission on "organization hooks" - [`GET /orgs/:org/hooks`](/rest/reference/orgs#webhooks/#list-organization-webhooks) (:read) - [`POST /orgs/:org/hooks`](/rest/reference/orgs#webhooks/#create-an-organization-webhook) (:write) @@ -555,18 +659,19 @@ _Teams_ - [`DELETE /orgs/:org/hooks/:hook_id`](/rest/reference/orgs#webhooks/#delete-an-organization-webhook) (:write) - [`POST /orgs/:org/hooks/:hook_id/pings`](/rest/reference/orgs#webhooks/#ping-an-organization-webhook) (:write) -_Teams_ +### Teams - [`DELETE /teams/:team_id/projects/:project_id`](/rest/reference/teams#remove-a-project-from-a-team) (:read) {% ifversion ghes %} -### 有关“组织预接收挂钩”的权限 +## Permission on "organization pre receive hooks" - [`GET /orgs/:org/pre-receive-hooks`](/enterprise/user/rest/reference/enterprise-admin#list-pre-receive-hooks-for-an-organization) (:read) - [`GET /orgs/:org/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#get-a-pre-receive-hook-for-an-organization) (:read) - [`PATCH /orgs/:org/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#update-pre-receive-hook-enforcement-for-an-organization) (:write) -- [`DELETE /orgs/:org/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#remove-pre-receive-hook-enforcement-for-an-organization) (:write) {% endif %} +- [`DELETE /orgs/:org/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#remove-pre-receive-hook-enforcement-for-an-organization) (:write) +{% endif %} -### 有关“组织项目”的权限 +## Permission on "organization projects" - [`POST /orgs/:org/projects`](/rest/reference/projects#create-an-organization-project) (:write) - [`GET /projects/:project_id`](/rest/reference/projects#get-a-project) (:read) @@ -587,14 +692,15 @@ _Teams_ - [`POST /projects/columns/cards/:card_id/moves`](/rest/reference/projects#move-a-project-card) (:write) {% ifversion fpt or ghec %} -### 有关"组织用户阻止"的权限 +## Permission on "organization user blocking" - [`GET /orgs/:org/blocks`](/rest/reference/orgs#list-users-blocked-by-an-organization) (:read) - [`GET /orgs/:org/blocks/:username`](/rest/reference/orgs#check-if-a-user-is-blocked-by-an-organization) (:read) - [`PUT /orgs/:org/blocks/:username`](/rest/reference/orgs#block-a-user-from-an-organization) (:write) -- [`DELETE /orgs/:org/blocks/:username`](/rest/reference/orgs#unblock-a-user-from-an-organization) (:write) {% endif %} +- [`DELETE /orgs/:org/blocks/:username`](/rest/reference/orgs#unblock-a-user-from-an-organization) (:write) +{% endif %} -### 有关“页面”的权限 +## Permission on "pages" - [`GET /repos/:owner/:repo/pages`](/rest/reference/pages#get-a-github-pages-site) (:read) - [`POST /repos/:owner/:repo/pages`](/rest/reference/pages#create-a-github-pages-site) (:write) @@ -603,13 +709,15 @@ _Teams_ - [`GET /repos/:owner/:repo/pages/builds`](/rest/reference/pages#list-github-pages-builds) (:read) - [`POST /repos/:owner/:repo/pages/builds`](/rest/reference/pages#request-a-github-pages-build) (:write) - [`GET /repos/:owner/:repo/pages/builds/:build_id`](/rest/reference/pages#get-github-pages-build) (:read) -- [`GET /repos/:owner/:repo/pages/builds/latest`](/rest/reference/pages#get-latest-pages-build) (:read) {% ifversion fpt or ghec -%} +- [`GET /repos/:owner/:repo/pages/builds/latest`](/rest/reference/pages#get-latest-pages-build) (:read) +{% ifversion fpt or ghec -%} - [`GET /repos/:owner/:repo/pages/health`](/rest/reference/pages#get-a-dns-health-check-for-github-pages) (:write) -- [`POST /repos/:owner/:repo/pages/deployment`](/rest/reference/repos#create-a-github-pages-deployment) (:write) {% endif %} +- [`POST /repos/:owner/:repo/pages/deployment`](/rest/reference/repos#create-a-github-pages-deployment) (:write) +{% endif %} -### 有关“拉取请求”的权限 +## Permission on "pull requests" -拉取请求和议题密切相关。 如果您的 GitHub 应用程序拥有处理拉取请求的权限但没有处理议题的权限,则这些端点将仅限于处理拉取请求。 既返回拉取请求又返回议题的端点将被过滤。 允许对拉取请求和议题进行操作的端点将被限制为仅处理拉取请求。 +Pull requests and issues are closely related. If your GitHub App has permissions on pull requests but not on issues, these endpoints will be limited to pull requests. Endpoints that return both pull requests and issues will be filtered. Endpoints that allow operations on both pull requests and issues will be restricted to pull requests. - [`PATCH /repos/:owner/:repo/issues/:issue_number`](/rest/reference/issues#update-an-issue) (:write) - [`GET /repos/:owner/:repo/issues/:issue_number/comments`](/rest/reference/issues#list-issue-comments) (:read) @@ -635,18 +743,18 @@ _Teams_ - [`PATCH /repos/:owner/:repo/pulls/comments/:comment_id`](/rest/reference/pulls#update-a-review-comment-for-a-pull-request) (:write) - [`DELETE /repos/:owner/:repo/pulls/comments/:comment_id`](/rest/reference/pulls#delete-a-review-comment-for-a-pull-request) (:write) -_受理人_ +### Assignees - [`GET /repos/:owner/:repo/assignees`](/rest/reference/issues#list-assignees) (:read) - [`GET /repos/:owner/:repo/assignees/:username`](/rest/reference/issues#check-if-a-user-can-be-assigned) (:read) - [`POST /repos/:owner/:repo/issues/:issue_number/assignees`](/rest/reference/issues#add-assignees-to-an-issue) (:write) - [`DELETE /repos/:owner/:repo/issues/:issue_number/assignees`](/rest/reference/issues#remove-assignees-from-an-issue) (:write) -_事件_ +### Events - [`GET /repos/:owner/:repo/issues/:issue_number/events`](/rest/reference/issues#list-issue-events) (:read) - [`GET /repos/:owner/:repo/issues/events/:event_id`](/rest/reference/issues#get-an-issue-event) (:read) - [`POST /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id/events`](/rest/reference/pulls#submit-a-review-for-a-pull-request) (:write) -_标签_ +### Labels - [`GET /repos/:owner/:repo/issues/:issue_number/labels`](/rest/reference/issues#list-labels-for-an-issue) (:read) - [`POST /repos/:owner/:repo/issues/:issue_number/labels`](/rest/reference/issues#add-labels-to-an-issue) (:write) - [`PUT /repos/:owner/:repo/issues/:issue_number/labels`](/rest/reference/issues#set-labels-for-an-issue) (:write) @@ -658,7 +766,7 @@ _标签_ - [`PATCH /repos/:owner/:repo/labels/:name`](/rest/reference/issues#update-a-label) (:write) - [`DELETE /repos/:owner/:repo/labels/:name`](/rest/reference/issues#delete-a-label) (:write) -_里程碑_ +### Milestones - [`GET /repos/:owner/:repo/milestones`](/rest/reference/issues#list-milestones) (:read) - [`POST /repos/:owner/:repo/milestones`](/rest/reference/issues#create-a-milestone) (:write) - [`GET /repos/:owner/:repo/milestones/:milestone_number`](/rest/reference/issues#get-a-milestone) (:read) @@ -666,7 +774,7 @@ _里程碑_ - [`DELETE /repos/:owner/:repo/milestones/:milestone_number`](/rest/reference/issues#delete-a-milestone) (:write) - [`GET /repos/:owner/:repo/milestones/:milestone_number/labels`](/rest/reference/issues#list-labels-for-issues-in-a-milestone) (:read) -_反应_ +### Reactions - [`POST /repos/:owner/:repo/issues/:issue_number/reactions`](/rest/reference/reactions#create-reaction-for-an-issue) (:write) - [`GET /repos/:owner/:repo/issues/comments/:comment_id/reactions`](/rest/reference/reactions#list-reactions-for-an-issue-comment) (:read) - [`POST /repos/:owner/:repo/issues/comments/:comment_id/reactions`](/rest/reference/reactions#create-reaction-for-an-issue-comment) (:write) @@ -680,12 +788,12 @@ _反应_ - [`DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/reactions/:reaction_id`](/rest/reference/reactions#delete-team-discussion-reaction) (:write) - [`DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id`](/rest/reference/reactions#delete-team-discussion-comment-reaction) (:write) -请求的审查者 +### Requested reviewers - [`GET /repos/:owner/:repo/pulls/:pull_number/requested_reviewers`](/rest/reference/pulls#list-requested-reviewers-for-a-pull-request) (:read) - [`POST /repos/:owner/:repo/pulls/:pull_number/requested_reviewers`](/rest/reference/pulls#request-reviewers-for-a-pull-request) (:write) - [`DELETE /repos/:owner/:repo/pulls/:pull_number/requested_reviewers`](/rest/reference/pulls#remove-requested-reviewers-from-a-pull-request) (:write) -_评审_ +### Reviews - [`GET /repos/:owner/:repo/pulls/:pull_number/reviews`](/rest/reference/pulls#list-reviews-for-a-pull-request) (:read) - [`POST /repos/:owner/:repo/pulls/:pull_number/reviews`](/rest/reference/pulls#create-a-review-for-a-pull-request) (:write) - [`GET /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id`](/rest/reference/pulls#get-a-review-for-a-pull-request) (:read) @@ -694,11 +802,11 @@ _评审_ - [`GET /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id/comments`](/rest/reference/pulls#list-comments-for-a-pull-request-review) (:read) - [`PUT /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id/dismissals`](/rest/reference/pulls#dismiss-a-review-for-a-pull-request) (:write) -### 有关“个人资料”的权限 +## Permission on "profile" - [`PATCH /user`](/rest/reference/users#update-the-authenticated-user) (:write) -### 有关“仓库挂钩”的权限 +## Permission on "repository hooks" - [`GET /repos/:owner/:repo/hooks`](/rest/reference/webhooks#list-repository-webhooks) (:read) - [`POST /repos/:owner/:repo/hooks`](/rest/reference/webhooks#create-a-repository-webhook) (:write) @@ -709,14 +817,15 @@ _评审_ - [`POST /repos/:owner/:repo/hooks/:hook_id/tests`](/rest/reference/repos#test-the-push-repository-webhook) (:read) {% ifversion ghes %} -### 有关“仓库预接收挂钩”的权限 +## Permission on "repository pre receive hooks" - [`GET /repos/:owner/:repo/pre-receive-hooks`](/enterprise/user/rest/reference/enterprise-admin#list-pre-receive-hooks-for-a-repository) (:read) - [`GET /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#get-a-pre-receive-hook-for-a-repository) (:read) - [`PATCH /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#update-pre-receive-hook-enforcement-for-a-repository) (:write) -- [`DELETE /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#remove-pre-receive-hook-enforcement-for-a-repository) (:write) {% endif %} +- [`DELETE /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id`](/enterprise/user/rest/reference/enterprise-admin#remove-pre-receive-hook-enforcement-for-a-repository) (:write) +{% endif %} -### 有关“仓库项目”的权限 +## Permission on "repository projects" - [`GET /projects/:project_id`](/rest/reference/projects#get-a-project) (:read) - [`PATCH /projects/:project_id`](/rest/reference/projects#update-a-project) (:write) @@ -737,11 +846,11 @@ _评审_ - [`GET /repos/:owner/:repo/projects`](/rest/reference/projects#list-repository-projects) (:read) - [`POST /repos/:owner/:repo/projects`](/rest/reference/projects#create-a-repository-project) (:write) -_Teams_ +### Teams - [`DELETE /teams/:team_id/projects/:project_id`](/rest/reference/teams#remove-a-project-from-a-team) (:read) {% ifversion fpt or ghec %} -### 有关“密钥”的权限 +## Permission on "secrets" - [`GET /repos/:owner/:repo/actions/secrets/public-key`](/rest/reference/actions#get-a-repository-public-key) (:read) - [`GET /repos/:owner/:repo/actions/secrets`](/rest/reference/actions#list-repository-secrets) (:read) @@ -756,10 +865,11 @@ _Teams_ - [`PUT /orgs/:org/actions/secrets/:secret_name/repositories`](/rest/reference/actions#set-selected-repositories-for-an-organization-secret) (:write) - [`PUT /orgs/:org/actions/secrets/:secret_name/repositories/:repository_id`](/rest/reference/actions#add-selected-repository-to-an-organization-secret) (:write) - [`DELETE /orgs/:org/actions/secrets/:secret_name/repositories/:repository_id`](/rest/reference/actions#remove-selected-repository-from-an-organization-secret) (:write) -- [`DELETE /orgs/:org/actions/secrets/:secret_name`](/rest/reference/actions#delete-an-organization-secret) (:write) {% endif %} +- [`DELETE /orgs/:org/actions/secrets/:secret_name`](/rest/reference/actions#delete-an-organization-secret) (:write) +{% endif %} {% ifversion fpt or ghec or ghes > 3.3%} -### 对 "dependabot_secrets" 的权限 +## Permission on "dependabot_secrets" - [`GET /repos/:owner/:repo/dependabot/secrets/public-key`](/rest/reference/dependabot#get-a-repository-public-key) (:read) - [`GET /repos/:owner/:repo/dependabot/secrets`](/rest/reference/dependabot#list-repository-secrets) (:read) - [`GET /repos/:owner/:repo/dependabot/secrets/:secret_name`](/rest/reference/dependabot#get-a-repository-secret) (:read) @@ -773,31 +883,43 @@ _Teams_ - [`PUT /orgs/:org/dependabot/secrets/:secret_name/repositories`](/rest/reference/dependabot#set-selected-repositories-for-an-organization-secret) (:write) - [`PUT /orgs/:org/dependabot/secrets/:secret_name/repositories/:repository_id`](/rest/reference/dependabot#add-selected-repository-to-an-organization-secret) (:write) - [`DELETE /orgs/:org/dependabot/secrets/:secret_name/repositories/:repository_id`](/rest/reference/dependabot#remove-selected-repository-from-an-organization-secret) (:write) -- [`DELETE /orgs/:org/dependabot/secrets/:secret_name`](/rest/reference/dependabot#delete-an-organization-secret) (:write) {% endif %} +- [`DELETE /orgs/:org/dependabot/secrets/:secret_name`](/rest/reference/dependabot#delete-an-organization-secret) (:write) +{% endif %} {% ifversion ghes or ghec %} -### 对于“密码扫描警报”的权限 +## Permission on "secret scanning alerts" - [`GET /repos/:owner/:repo/secret-scanning/alerts`](/rest/reference/secret-scanning#list-secret-scanning-alerts-for-a-repository) (:read) - [`GET /repos/:owner/:repo/secret-scanning/alerts/:alert_number`](/rest/reference/secret-scanning#get-a-secret-scanning-alert) (:read) - [`PATCH /repos/:owner/:repo/secret-scanning/alerts/:alert_number`](/rest/reference/secret-scanning#update-a-secret-scanning-alert) (:write) -- [`GET /repos/:owner/:repo/secret-scanning/alerts/:alert_number/locations`](/rest/reference/secret-scanning#list-locations-for-a-secret-scanning-alert) (:read) {% endif %} +- [`GET /repos/:owner/:repo/secret-scanning/alerts/:alert_number/locations`](/rest/reference/secret-scanning#list-locations-for-a-secret-scanning-alert) (:read) +{% endif %} -### 有关“安全事件”的权限 +## Permission on "security events" - [`GET /repos/:owner/:repo/code-scanning/alerts`](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository) (:read) - [`GET /repos/:owner/:repo/code-scanning/alerts/:alert_number`](/rest/reference/code-scanning#get-a-code-scanning-alert) (:read) -- [`PATCH /repos/:owner/:repo/code-scanning/alerts/:alert_number`](/rest/reference/code-scanning#update-a-code-scanning-alert) (:write) {% ifversion fpt or ghec or ghes or ghae -%} -- [`GET /repos/:owner/:repo/code-scanning/alerts/:alert_number/instances`](/rest/reference/code-scanning#list-instances-of-a-code-scanning-alert) (:read) {% endif -%} -- [`GET /repos/:owner/:repo/code-scanning/analyses`](/rest/reference/code-scanning#list-code-scanning-analyses-for-a-repository) (:read) {% ifversion fpt or ghec or ghes or ghae -%} -- [`GET /repos/:owner/:repo/code-scanning/analyses/:analysis_id`](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository) (:read) {% endif -%} {% ifversion fpt or ghec or ghes -%} -- [`DELETE /repos/:owner/:repo/code-scanning/analyses/:analysis_id`](/rest/reference/code-scanning#delete-a-code-scanning-analysis-from-a-repository) (:write) {% endif -%} -- [`POST /repos/:owner/:repo/code-scanning/sarifs`](/rest/reference/code-scanning#upload-an-analysis-as-sarif-data) (:write) {% ifversion fpt or ghec or ghes or ghae -%} -- [`GET /repos/:owner/:repo/code-scanning/sarifs/:sarif_id`](/rest/reference/code-scanning#get-information-about-a-sarif-upload) (:read) {% endif -%} {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5435 -%} -- [`GET /orgs/:org/code-scanning/alerts`](/rest/reference/code-scanning#list-code-scanning-alerts-by-organization) (:read) {% endif -%} +- [`PATCH /repos/:owner/:repo/code-scanning/alerts/:alert_number`](/rest/reference/code-scanning#update-a-code-scanning-alert) (:write) +{% ifversion fpt or ghec or ghes or ghae -%} +- [`GET /repos/:owner/:repo/code-scanning/alerts/:alert_number/instances`](/rest/reference/code-scanning#list-instances-of-a-code-scanning-alert) (:read) +{% endif -%} +- [`GET /repos/:owner/:repo/code-scanning/analyses`](/rest/reference/code-scanning#list-code-scanning-analyses-for-a-repository) (:read) +{% ifversion fpt or ghec or ghes or ghae -%} +- [`GET /repos/:owner/:repo/code-scanning/analyses/:analysis_id`](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository) (:read) +{% endif -%} +{% ifversion fpt or ghec or ghes -%} +- [`DELETE /repos/:owner/:repo/code-scanning/analyses/:analysis_id`](/rest/reference/code-scanning#delete-a-code-scanning-analysis-from-a-repository) (:write) +{% endif -%} +- [`POST /repos/:owner/:repo/code-scanning/sarifs`](/rest/reference/code-scanning#upload-an-analysis-as-sarif-data) (:write) +{% ifversion fpt or ghec or ghes or ghae -%} +- [`GET /repos/:owner/:repo/code-scanning/sarifs/:sarif_id`](/rest/reference/code-scanning#get-information-about-a-sarif-upload) (:read) +{% endif -%} +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 -%} +- [`GET /orgs/:org/code-scanning/alerts`](/rest/reference/code-scanning#list-code-scanning-alerts-by-organization) (:read) +{% endif -%} {% ifversion fpt or ghes or ghec %} -### 有关“自托管运行器”的权限 +## Permission on "self-hosted runners" - [`GET /orgs/:org/actions/runners/downloads`](/rest/reference/actions#list-runner-applications-for-an-organization) (:read) - [`POST /orgs/:org/actions/runners/registration-token`](/rest/reference/actions#create-a-registration-token-for-an-organization) (:write) - [`GET /orgs/:org/actions/runners`](/rest/reference/actions#list-self-hosted-runners-for-an-organization) (:read) @@ -808,27 +930,28 @@ _Teams_ - [`POST /orgs/:org/actions/runners/:runner_id/labels`](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization) (:write) - [`PUT /orgs/:org/actions/runners/:runner_id/labels`](/rest/reference/actions#set-custom-labels-for-a-self-hosted-runner-for-an-organization) (:write) - [`DELETE /orgs/:org/actions/runners/:runner_id/labels`](/rest/reference/actions#remove-all-custom-labels-from-a-self-hosted-runner-for-an-organization) (:write) -- [`DELETE /orgs/:org/actions/runners/:runner_id/labels/:name`](/rest/reference/actions#remove-a-custom-label-from-a-self-hosted-runner-for-an-organization) (:write) {% endif %} +- [`DELETE /orgs/:org/actions/runners/:runner_id/labels/:name`](/rest/reference/actions#remove-a-custom-label-from-a-self-hosted-runner-for-an-organization) (:write) +{% endif %} -### 有关“单个文件”的权限 +## Permission on "single file" - [`GET /repos/:owner/:repo/contents/:path`](/rest/reference/repos#get-repository-content) (:read) - [`PUT /repos/:owner/:repo/contents/:path`](/rest/reference/repos#create-or-update-file-contents) (:write) - [`DELETE /repos/:owner/:repo/contents/:path`](/rest/reference/repos#delete-a-file) (:write) -### 有关“星标”的权限 +## Permission on "starring" - [`GET /user/starred/:owner/:repo`](/rest/reference/activity#check-if-a-repository-is-starred-by-the-authenticated-user) (:read) - [`PUT /user/starred/:owner/:repo`](/rest/reference/activity#star-a-repository-for-the-authenticated-user) (:write) - [`DELETE /user/starred/:owner/:repo`](/rest/reference/activity#unstar-a-repository-for-the-authenticated-user) (:write) -### 有关“状态”的权限 +## Permission on "statuses" - [`GET /repos/:owner/:repo/commits/:ref/status`](/rest/reference/commits#get-the-combined-status-for-a-specific-reference) (:read) - [`GET /repos/:owner/:repo/commits/:ref/statuses`](/rest/reference/commits#list-commit-statuses-for-a-reference) (:read) - [`POST /repos/:owner/:repo/statuses/:sha`](/rest/reference/commits#create-a-commit-status) (:write) -### 有关“团队讨论”的权限 +## Permission on "team discussions" - [`GET /teams/:team_id/discussions`](/rest/reference/teams#list-discussions) (:read) - [`POST /teams/:team_id/discussions`](/rest/reference/teams#create-a-discussion) (:write) diff --git a/translations/zh-CN/data/features/GH-advisory-db-erlang-support.yml b/translations/zh-CN/data/features/GH-advisory-db-erlang-support.yml new file mode 100644 index 0000000000..2548be6c39 --- /dev/null +++ b/translations/zh-CN/data/features/GH-advisory-db-erlang-support.yml @@ -0,0 +1,7 @@ +# Reference: Issue #6207. +# We have added support for Elixir advisories to the Advisory Database. +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: 'issue-6207' diff --git a/translations/zh-CN/data/features/actions-cache-list-delete-apis.yml b/translations/zh-CN/data/features/actions-cache-list-delete-apis.yml new file mode 100644 index 0000000000..d023739f98 --- /dev/null +++ b/translations/zh-CN/data/features/actions-cache-list-delete-apis.yml @@ -0,0 +1,8 @@ +# Reference: #7340 +# Extends actions-cache-management.yml (Issue #6154) +# Documentation for Actions cache list and delete APIs +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.6' + ghae: '问题-7340' diff --git a/translations/zh-CN/data/features/actions-hosted-runners.yml b/translations/zh-CN/data/features/actions-hosted-runners.yml new file mode 100644 index 0000000000..d7b08dee74 --- /dev/null +++ b/translations/zh-CN/data/features/actions-hosted-runners.yml @@ -0,0 +1,5 @@ +# Reference: #6458 +# Larger GitHub-hosted runners +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/actions-inherit-secrets-reusable-workflows.yml b/translations/zh-CN/data/features/actions-inherit-secrets-reusable-workflows.yml new file mode 100644 index 0000000000..86a874e132 --- /dev/null +++ b/translations/zh-CN/data/features/actions-inherit-secrets-reusable-workflows.yml @@ -0,0 +1,7 @@ +# Reference: #6920 +# Documentation for inheriting secrets from the calling workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>= 3.6' + ghae: '问题-6920' diff --git a/translations/zh-CN/data/features/actions-job-summaries.yml b/translations/zh-CN/data/features/actions-job-summaries.yml new file mode 100644 index 0000000000..b1da5052e0 --- /dev/null +++ b/translations/zh-CN/data/features/actions-job-summaries.yml @@ -0,0 +1,7 @@ +# Reference: #6405 +# Documentation for job summaries for jobs on the workflow run summary page. +versions: + fpt: '*' + ghec: '*' + ghes: '>3.5' + ghae: 'issue-6405' diff --git a/translations/zh-CN/data/features/actions-oidc-hardening-config.yml b/translations/zh-CN/data/features/actions-oidc-hardening-config.yml new file mode 100644 index 0000000000..bd23498113 --- /dev/null +++ b/translations/zh-CN/data/features/actions-oidc-hardening-config.yml @@ -0,0 +1,6 @@ +# Reference: #7336 +# General versioning for oidc hardening options +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' diff --git a/translations/zh-CN/data/features/actions-reusable-workflow-matrix.yml b/translations/zh-CN/data/features/actions-reusable-workflow-matrix.yml new file mode 100644 index 0000000000..f818dcaeac --- /dev/null +++ b/translations/zh-CN/data/features/actions-reusable-workflow-matrix.yml @@ -0,0 +1,7 @@ +# Reference: #7094 +# Documentation for allowing matrix jobs to call reusable workflows. +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7094' diff --git a/translations/zh-CN/data/features/actions-stable-actor-ids.yml b/translations/zh-CN/data/features/actions-stable-actor-ids.yml new file mode 100644 index 0000000000..2078999e62 --- /dev/null +++ b/translations/zh-CN/data/features/actions-stable-actor-ids.yml @@ -0,0 +1,7 @@ +# Issue 7387 +# Differentiating triggering actor from executing actor +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7387' diff --git a/translations/zh-CN/data/features/actions-starter-template-ui.yml b/translations/zh-CN/data/features/actions-starter-template-ui.yml new file mode 100644 index 0000000000..37e13246f1 --- /dev/null +++ b/translations/zh-CN/data/features/actions-starter-template-ui.yml @@ -0,0 +1,7 @@ +# Reference: #5169. +# Documentation for the Actions starter template UI updates +versions: + fpt: '*' + ghec: '*' + ghes: '>3.4' + ghae: 'issue-5169' diff --git a/translations/zh-CN/data/features/actions-unified-inputs.yml b/translations/zh-CN/data/features/actions-unified-inputs.yml new file mode 100644 index 0000000000..c7491a1ce4 --- /dev/null +++ b/translations/zh-CN/data/features/actions-unified-inputs.yml @@ -0,0 +1,6 @@ +# Issue 6921 +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-6921' diff --git a/translations/zh-CN/data/features/allow-actions-to-approve-pr.yml b/translations/zh-CN/data/features/allow-actions-to-approve-pr.yml new file mode 100644 index 0000000000..0f1c36ad0e --- /dev/null +++ b/translations/zh-CN/data/features/allow-actions-to-approve-pr.yml @@ -0,0 +1,7 @@ +# Reference: #6926. +# Versioning for org policy settings for workflow PR approval permission. This is only org setting! For the later separate ship for the enterprise and repo setting, see the allow-actions-to-approve-pr-with-ent-repo flag. +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-6926' diff --git a/translations/zh-CN/data/features/audit-log-sso-response-events.yml b/translations/zh-CN/data/features/audit-log-sso-response-events.yml new file mode 100644 index 0000000000..00ac767fec --- /dev/null +++ b/translations/zh-CN/data/features/audit-log-sso-response-events.yml @@ -0,0 +1,6 @@ +# Documentation for adding business.sso_response and org.sso_repsonse + +versions: + ghec: '*' + ghes: '>=3.8' + ghae: '问题-7939' diff --git a/translations/zh-CN/data/features/autolink-reference-alphanumeric.yml b/translations/zh-CN/data/features/autolink-reference-alphanumeric.yml new file mode 100644 index 0000000000..26be828afa --- /dev/null +++ b/translations/zh-CN/data/features/autolink-reference-alphanumeric.yml @@ -0,0 +1,7 @@ +# Reference: #7370. +# Versioning for autolinks being able to accept alphanumeric chars. +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7370' diff --git a/translations/zh-CN/data/features/build-pages-with-actions.yml b/translations/zh-CN/data/features/build-pages-with-actions.yml new file mode 100644 index 0000000000..458017e24d --- /dev/null +++ b/translations/zh-CN/data/features/build-pages-with-actions.yml @@ -0,0 +1,5 @@ +# Issue 7584 +# Building Pages sites with Actions [GA] +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/bypass-branch-protections.yml b/translations/zh-CN/data/features/bypass-branch-protections.yml new file mode 100644 index 0000000000..9f8d70de25 --- /dev/null +++ b/translations/zh-CN/data/features/bypass-branch-protections.yml @@ -0,0 +1,7 @@ +# Issue: 6667 +# Description: Allow merging pull requests without complying with branch protection rules. +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-6667' diff --git a/translations/zh-CN/data/features/classic-project-visibility-permissions-or-projects-v2.yml b/translations/zh-CN/data/features/classic-project-visibility-permissions-or-projects-v2.yml new file mode 100644 index 0000000000..26bf35a87d --- /dev/null +++ b/translations/zh-CN/data/features/classic-project-visibility-permissions-or-projects-v2.yml @@ -0,0 +1,7 @@ +# Issue 7720 +# Organization owners can restrict public classic projects /OR/ Projects V2 +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-7720' diff --git a/translations/zh-CN/data/features/classic-project-visibility-permissions.yml b/translations/zh-CN/data/features/classic-project-visibility-permissions.yml new file mode 100644 index 0000000000..f02b674bcf --- /dev/null +++ b/translations/zh-CN/data/features/classic-project-visibility-permissions.yml @@ -0,0 +1,7 @@ +# Issue 7720 +# Organization owners can restrict public classic projects. +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-7720' diff --git a/translations/zh-CN/data/features/code-scanning-exclude-queries-from-analysis.yml b/translations/zh-CN/data/features/code-scanning-exclude-queries-from-analysis.yml new file mode 100644 index 0000000000..d3924694c8 --- /dev/null +++ b/translations/zh-CN/data/features/code-scanning-exclude-queries-from-analysis.yml @@ -0,0 +1,7 @@ +# Issue 7617 +# Users can easily exclude CodeQL queries from code scanning analyses - [GA] +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-7617' diff --git a/translations/zh-CN/data/features/code-scanning-task-lists.yml b/translations/zh-CN/data/features/code-scanning-task-lists.yml new file mode 100644 index 0000000000..7026a87ed6 --- /dev/null +++ b/translations/zh-CN/data/features/code-scanning-task-lists.yml @@ -0,0 +1,4 @@ +versions: + fpt: '*' + ghec: '*' + ghae: '问题-5036' diff --git a/translations/zh-CN/data/features/codeql-action-debug-logging.yml b/translations/zh-CN/data/features/codeql-action-debug-logging.yml new file mode 100644 index 0000000000..76008d8e4c --- /dev/null +++ b/translations/zh-CN/data/features/codeql-action-debug-logging.yml @@ -0,0 +1,7 @@ +# Reference: Issue #2499 in the codeql-core repository, and issue #7626 in the docs-content repository +# We have added one-click re-running in debug mode for code scanning CodeQL. +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: 'issue-7626' diff --git a/translations/zh-CN/data/features/codeql-runner-supported.yml b/translations/zh-CN/data/features/codeql-runner-supported.yml new file mode 100644 index 0000000000..897bc7a079 --- /dev/null +++ b/translations/zh-CN/data/features/codeql-runner-supported.yml @@ -0,0 +1,5 @@ +# Tracking deprecation of CodeQL runner +# https://github.blog/changelog/2022-04-05-codeql-runner-is-now-deprecated/ + +versions: + ghes: '<=3.3' diff --git a/translations/zh-CN/data/features/comment-dismissed-code-scanning-alert.yml b/translations/zh-CN/data/features/comment-dismissed-code-scanning-alert.yml new file mode 100644 index 0000000000..f52ee0b106 --- /dev/null +++ b/translations/zh-CN/data/features/comment-dismissed-code-scanning-alert.yml @@ -0,0 +1,5 @@ +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-2191' diff --git a/translations/zh-CN/data/features/commit-signoffs.yml b/translations/zh-CN/data/features/commit-signoffs.yml new file mode 100644 index 0000000000..26fe611963 --- /dev/null +++ b/translations/zh-CN/data/features/commit-signoffs.yml @@ -0,0 +1,5 @@ +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: 'issue-6049' diff --git a/translations/zh-CN/data/features/commit-tree-view.yml b/translations/zh-CN/data/features/commit-tree-view.yml new file mode 100644 index 0000000000..305a9ac397 --- /dev/null +++ b/translations/zh-CN/data/features/commit-tree-view.yml @@ -0,0 +1,7 @@ +# Issue 6662 +# Commit file tree view +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-6662' diff --git a/translations/zh-CN/data/features/create-branch-from-overview.yml b/translations/zh-CN/data/features/create-branch-from-overview.yml new file mode 100644 index 0000000000..a51e624c41 --- /dev/null +++ b/translations/zh-CN/data/features/create-branch-from-overview.yml @@ -0,0 +1,5 @@ +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: 'issue-6670' diff --git a/translations/zh-CN/data/features/custom-pattern-dry-run-ga.yml b/translations/zh-CN/data/features/custom-pattern-dry-run-ga.yml new file mode 100644 index 0000000000..8f75c8c6d4 --- /dev/null +++ b/translations/zh-CN/data/features/custom-pattern-dry-run-ga.yml @@ -0,0 +1,5 @@ +# Secret scanning: custom pattern dry run GA #7527 +versions: + ghec: '*' + ghes: '>3.6' + ghae: '问题-7527' diff --git a/translations/zh-CN/data/features/debug-reruns.yml b/translations/zh-CN/data/features/debug-reruns.yml new file mode 100644 index 0000000000..320c5e6a88 --- /dev/null +++ b/translations/zh-CN/data/features/debug-reruns.yml @@ -0,0 +1,7 @@ +# Issue 6629 +# Enabling debug logging when re-running jobs or workflows +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: 'issue-6629' diff --git a/translations/zh-CN/data/features/default-merge-squash-commit-message.yml b/translations/zh-CN/data/features/default-merge-squash-commit-message.yml new file mode 100644 index 0000000000..d0eef66ea4 --- /dev/null +++ b/translations/zh-CN/data/features/default-merge-squash-commit-message.yml @@ -0,0 +1,7 @@ +# Reference: issue #7597 +# Admin can control default PR merge/ squash commit messages +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7597' diff --git a/translations/zh-CN/data/features/dependabot-alerts-development-label.yml b/translations/zh-CN/data/features/dependabot-alerts-development-label.yml new file mode 100644 index 0000000000..6429357998 --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-alerts-development-label.yml @@ -0,0 +1,7 @@ +# Reference: Issue #6631 - Dependabot alerts: surface information about development dependencies - [GA] + +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-6631' diff --git a/translations/zh-CN/data/features/dependabot-alerts-dismissal-comment.yml b/translations/zh-CN/data/features/dependabot-alerts-dismissal-comment.yml new file mode 100644 index 0000000000..c6f4cfc672 --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-alerts-dismissal-comment.yml @@ -0,0 +1,7 @@ +# Reference: Issue #7673 - Dependabot alerts: optional comment with dismissal - [GA] + +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-7673' diff --git a/translations/zh-CN/data/features/dependabot-alerts-vulnerable-calls.yml b/translations/zh-CN/data/features/dependabot-alerts-vulnerable-calls.yml new file mode 100644 index 0000000000..cc2c0a2442 --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-alerts-vulnerable-calls.yml @@ -0,0 +1,5 @@ +# Reference: Issue #6076 introduction of label for "vulnerable calls" in Dependabot alerts +versions: + fpt: '*' + ghec: '*' + ghae: '问题-6076' diff --git a/translations/zh-CN/data/features/dependabot-bulk-alerts.yml b/translations/zh-CN/data/features/dependabot-bulk-alerts.yml new file mode 100644 index 0000000000..f5d72e0308 --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-bulk-alerts.yml @@ -0,0 +1,6 @@ +# Reference: Issue #6076 ability to dismiss or re-open multiple Dependabot alerts +versions: + fpt: '*' + ghec: '*' + ghes: '>3.5' + ghae: '问题-6628' diff --git a/translations/zh-CN/data/features/dependabot-most-important-sort-option.yml b/translations/zh-CN/data/features/dependabot-most-important-sort-option.yml new file mode 100644 index 0000000000..d8477a5c96 --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-most-important-sort-option.yml @@ -0,0 +1,7 @@ +# Reference: Issue #7510 - Dependabot alerts: "Most important" sort (prioritization score) - [GA] + +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-7510' diff --git a/translations/zh-CN/data/features/dependabot-settings-update-37.yml b/translations/zh-CN/data/features/dependabot-settings-update-37.yml new file mode 100644 index 0000000000..f42f0958bc --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-settings-update-37.yml @@ -0,0 +1,6 @@ +# Reference: Issue #7044 Update repository settings for Dependabot to include shortcut for Version updates +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: '问题-7044' diff --git a/translations/zh-CN/data/features/dependency-review-action-ghes.yml b/translations/zh-CN/data/features/dependency-review-action-ghes.yml new file mode 100644 index 0000000000..d5bc08e890 --- /dev/null +++ b/translations/zh-CN/data/features/dependency-review-action-ghes.yml @@ -0,0 +1,4 @@ +# Reference: Issue #7753 Dependency review action has shipped with GHES 3.6 and needs admin docs +versions: + ghes: '>3.5' + ghae: '问题-7753' diff --git a/translations/zh-CN/data/features/dependency-review-action-licenses.yml b/translations/zh-CN/data/features/dependency-review-action-licenses.yml new file mode 100644 index 0000000000..ec85ab9be0 --- /dev/null +++ b/translations/zh-CN/data/features/dependency-review-action-licenses.yml @@ -0,0 +1,4 @@ +# Reference: Issue #7486 Configuring the dependency review action - [Public Beta] for GHES +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/dependency-submission-api.yml b/translations/zh-CN/data/features/dependency-submission-api.yml new file mode 100644 index 0000000000..6ab5ae4ed1 --- /dev/null +++ b/translations/zh-CN/data/features/dependency-submission-api.yml @@ -0,0 +1,7 @@ +# Reference: #6397 +# Documentation for dependency submission API (beta) +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: 'issue-6397' diff --git a/translations/zh-CN/data/features/device-flow-is-opt-in.yml b/translations/zh-CN/data/features/device-flow-is-opt-in.yml new file mode 100644 index 0000000000..543d525448 --- /dev/null +++ b/translations/zh-CN/data/features/device-flow-is-opt-in.yml @@ -0,0 +1,6 @@ +# docs-content 6307. OAuth device auth flow is opt in. +versions: + fpt: '*' + ghec: '*' + ghes: '>3.4' + ghae: 'issue-6307' diff --git a/translations/zh-CN/data/features/discussions.yml b/translations/zh-CN/data/features/discussions.yml new file mode 100644 index 0000000000..66a3bb8592 --- /dev/null +++ b/translations/zh-CN/data/features/discussions.yml @@ -0,0 +1,4 @@ +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' diff --git a/translations/zh-CN/data/features/docker-ghcr-enterprise-migration.yml b/translations/zh-CN/data/features/docker-ghcr-enterprise-migration.yml new file mode 100644 index 0000000000..993fa2f523 --- /dev/null +++ b/translations/zh-CN/data/features/docker-ghcr-enterprise-migration.yml @@ -0,0 +1,4 @@ +# Reference: #7360 +# Documentation for migration from Docker registry to Container registry for enterprise products +versions: + ghes: '>= 3.6' diff --git a/translations/zh-CN/data/features/enable-git-events.yml b/translations/zh-CN/data/features/enable-git-events.yml new file mode 100644 index 0000000000..43fb4f576f --- /dev/null +++ b/translations/zh-CN/data/features/enable-git-events.yml @@ -0,0 +1,5 @@ +# Reference: #7283 +# Documentation for enabling Git events in the audit log +versions: + ghes: '>=3.5' + ghae: '问题-7283' diff --git a/translations/zh-CN/data/features/enterprise-membership-view-improvements.yml b/translations/zh-CN/data/features/enterprise-membership-view-improvements.yml new file mode 100644 index 0000000000..27d315b816 --- /dev/null +++ b/translations/zh-CN/data/features/enterprise-membership-view-improvements.yml @@ -0,0 +1,4 @@ +versions: + ghec: '*' + ghes: '>=3.6' + ghae: 'issue-6344' diff --git a/translations/zh-CN/data/features/enterprise-namespace-repo-setting.yml b/translations/zh-CN/data/features/enterprise-namespace-repo-setting.yml new file mode 100644 index 0000000000..1fe76062f7 --- /dev/null +++ b/translations/zh-CN/data/features/enterprise-namespace-repo-setting.yml @@ -0,0 +1,6 @@ +# Reference: #7757 +# Setting to disable personal namespace repo creation for EMUs, GHES 3.7+ and GHAE 3.7+ users +versions: + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7757' diff --git a/translations/zh-CN/data/features/enterprise-owner-join-org.yml b/translations/zh-CN/data/features/enterprise-owner-join-org.yml new file mode 100644 index 0000000000..a2468e2bd9 --- /dev/null +++ b/translations/zh-CN/data/features/enterprise-owner-join-org.yml @@ -0,0 +1,4 @@ +versions: + ghec: '*' + ghes: '>=3.6' + ghae: '问题-5740' diff --git a/translations/zh-CN/data/features/file-finder-exclusion-controls.yml b/translations/zh-CN/data/features/file-finder-exclusion-controls.yml new file mode 100644 index 0000000000..70051bdcf2 --- /dev/null +++ b/translations/zh-CN/data/features/file-finder-exclusion-controls.yml @@ -0,0 +1,7 @@ +# Reference: Issue #7579 - Improved file finder exclusion controls + +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7579' diff --git a/translations/zh-CN/data/features/geoJSON-with-MapBox.yml b/translations/zh-CN/data/features/geoJSON-with-MapBox.yml new file mode 100644 index 0000000000..d53d3e1d6d --- /dev/null +++ b/translations/zh-CN/data/features/geoJSON-with-MapBox.yml @@ -0,0 +1,5 @@ +# Reference: #7429 +# Dotcom now uses Azure maps for geoJSON, but GHES/AE will still use the existing MapBox system +versions: + ghes: '*' + ghae: '*' diff --git a/translations/zh-CN/data/features/ghas-enablement-webhook.yml b/translations/zh-CN/data/features/ghas-enablement-webhook.yml new file mode 100644 index 0000000000..a5a94702c8 --- /dev/null +++ b/translations/zh-CN/data/features/ghas-enablement-webhook.yml @@ -0,0 +1,5 @@ +# docs-content 7314. GHAS enablement webhook +versions: + ghec: '*' + ghes: '>= 3.6' + ghae: '问题-7314' diff --git a/translations/zh-CN/data/features/ghe-announce-dismiss.yml b/translations/zh-CN/data/features/ghe-announce-dismiss.yml new file mode 100644 index 0000000000..827e9205db --- /dev/null +++ b/translations/zh-CN/data/features/ghe-announce-dismiss.yml @@ -0,0 +1,5 @@ +# Reference: #2221. +# Documentation for dismissing GHES announcement banner +versions: + ghes: '>=3.6' + ghae: '问题-6764' diff --git a/translations/zh-CN/data/features/internal-actions.yml b/translations/zh-CN/data/features/internal-actions.yml new file mode 100644 index 0000000000..28981916a5 --- /dev/null +++ b/translations/zh-CN/data/features/internal-actions.yml @@ -0,0 +1,4 @@ +versions: + ghec: '*' + ghes: '>=3.5' + ghae: '问题-5610' diff --git a/translations/zh-CN/data/features/ip-allow-list-address-check.yml b/translations/zh-CN/data/features/ip-allow-list-address-check.yml new file mode 100644 index 0000000000..8e472cd129 --- /dev/null +++ b/translations/zh-CN/data/features/ip-allow-list-address-check.yml @@ -0,0 +1,3 @@ +versions: + ghec: '*' + ghae: '问题-7818' diff --git a/translations/zh-CN/data/features/issue-close-reasons.yml b/translations/zh-CN/data/features/issue-close-reasons.yml new file mode 100644 index 0000000000..13589fc25c --- /dev/null +++ b/translations/zh-CN/data/features/issue-close-reasons.yml @@ -0,0 +1,7 @@ +# Issues 6363 +# Closed issue states +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: 'issue-6363' diff --git a/translations/zh-CN/data/features/job-hooks-for-runners.yml b/translations/zh-CN/data/features/job-hooks-for-runners.yml new file mode 100644 index 0000000000..17056a3408 --- /dev/null +++ b/translations/zh-CN/data/features/job-hooks-for-runners.yml @@ -0,0 +1,7 @@ +# Reference: #6530 +# Running scripts before or after a job +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-6530' diff --git a/translations/zh-CN/data/features/keyboard-shortcut-accessibility-setting.yml b/translations/zh-CN/data/features/keyboard-shortcut-accessibility-setting.yml new file mode 100644 index 0000000000..df13e39e00 --- /dev/null +++ b/translations/zh-CN/data/features/keyboard-shortcut-accessibility-setting.yml @@ -0,0 +1,7 @@ +# Reference: #4999. +# Documentation for the security manager org-level role +versions: + fpt: '*' + ghes: '>=3.4' + ghae: 'issue-5430' + ghec: '*' diff --git a/translations/zh-CN/data/features/math.yml b/translations/zh-CN/data/features/math.yml new file mode 100644 index 0000000000..757c79b230 --- /dev/null +++ b/translations/zh-CN/data/features/math.yml @@ -0,0 +1,7 @@ +# Issues 6054 +# Math support using LaTeX syntax +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-6054' diff --git a/translations/zh-CN/data/features/mermaid.yml b/translations/zh-CN/data/features/mermaid.yml new file mode 100644 index 0000000000..6acba84727 --- /dev/null +++ b/translations/zh-CN/data/features/mermaid.yml @@ -0,0 +1,7 @@ +# Issues 5812 and 6172, also 6411 +# Mermaid syntax support, also ASCII STL and geoJSON/topoJSON syntax support +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-6172' diff --git a/translations/zh-CN/data/features/motion-management.yml b/translations/zh-CN/data/features/motion-management.yml new file mode 100644 index 0000000000..10cfa589a9 --- /dev/null +++ b/translations/zh-CN/data/features/motion-management.yml @@ -0,0 +1,7 @@ +# Issue 6523 +# Support for customizing the automatic playback of animated images in the web interface +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-6523' diff --git a/translations/zh-CN/data/features/multiple-accounts-one-workstation.yml b/translations/zh-CN/data/features/multiple-accounts-one-workstation.yml new file mode 100644 index 0000000000..8f0bbb69e8 --- /dev/null +++ b/translations/zh-CN/data/features/multiple-accounts-one-workstation.yml @@ -0,0 +1,6 @@ +# Issue #7330 +# Documentation for managing multiple GitHub accounts on one workstation + +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/nested-reusable-workflow.yml b/translations/zh-CN/data/features/nested-reusable-workflow.yml new file mode 100644 index 0000000000..e2040d2f81 --- /dev/null +++ b/translations/zh-CN/data/features/nested-reusable-workflow.yml @@ -0,0 +1,7 @@ +# Issues 7093 +# Reusable workflows can call other reusable workflows +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7093' diff --git a/translations/zh-CN/data/features/org-profile-pin-private.yml b/translations/zh-CN/data/features/org-profile-pin-private.yml new file mode 100644 index 0000000000..67834acefb --- /dev/null +++ b/translations/zh-CN/data/features/org-profile-pin-private.yml @@ -0,0 +1,7 @@ +# Issue #6171 +# Documentation for the "Org profile pin private/internal repos" +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-6171' diff --git a/translations/zh-CN/data/features/packages-npm-v2.yml b/translations/zh-CN/data/features/packages-npm-v2.yml new file mode 100644 index 0000000000..aaebb7fbfc --- /dev/null +++ b/translations/zh-CN/data/features/packages-npm-v2.yml @@ -0,0 +1,5 @@ +# Issue 7039 +# npm Package Registry Improvements (v2) GA +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/pages-custom-workflow.yml b/translations/zh-CN/data/features/pages-custom-workflow.yml new file mode 100644 index 0000000000..94ab08b480 --- /dev/null +++ b/translations/zh-CN/data/features/pages-custom-workflow.yml @@ -0,0 +1,5 @@ +# Issue 7066 +# Publishing Pages via custom Actions workflow +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/partial-reruns-with-reusable.yml b/translations/zh-CN/data/features/partial-reruns-with-reusable.yml new file mode 100644 index 0000000000..53c14ecc87 --- /dev/null +++ b/translations/zh-CN/data/features/partial-reruns-with-reusable.yml @@ -0,0 +1,6 @@ +# Issue #7062 +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: '问题-7062' diff --git a/translations/zh-CN/data/features/pr-tree-view.yml b/translations/zh-CN/data/features/pr-tree-view.yml new file mode 100644 index 0000000000..7e93dea288 --- /dev/null +++ b/translations/zh-CN/data/features/pr-tree-view.yml @@ -0,0 +1,7 @@ +# Issue 5892 +# PR file tree view +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: 'issue-5892' diff --git a/translations/zh-CN/data/features/project-beta-webhooks.yml b/translations/zh-CN/data/features/project-beta-webhooks.yml new file mode 100644 index 0000000000..757aa1a65b --- /dev/null +++ b/translations/zh-CN/data/features/project-beta-webhooks.yml @@ -0,0 +1,5 @@ +# Issue 6981 +# Projects (beta) webhooks +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/projects-oauth-scope.yml b/translations/zh-CN/data/features/projects-oauth-scope.yml new file mode 100644 index 0000000000..5e7e86fd1c --- /dev/null +++ b/translations/zh-CN/data/features/projects-oauth-scope.yml @@ -0,0 +1,5 @@ +# Issue 7302 +# ProjectV2 GraphQL API +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/projects-v1.yml b/translations/zh-CN/data/features/projects-v1.yml new file mode 100644 index 0000000000..c217fc003d --- /dev/null +++ b/translations/zh-CN/data/features/projects-v1.yml @@ -0,0 +1,8 @@ +# Issue 6980 +# Projects (classic) +# n.b. /managing-project-boards/copying-a-project-board.md retains ghec/fpt versioning. +versions: + fpt: '*' + ghec: '*' + ghes: '*' + ghae: '*' diff --git a/translations/zh-CN/data/features/projects-v2.yml b/translations/zh-CN/data/features/projects-v2.yml new file mode 100644 index 0000000000..0360682940 --- /dev/null +++ b/translations/zh-CN/data/features/projects-v2.yml @@ -0,0 +1,6 @@ +# Issue 6980 +# ProjectV2 GA +versions: + fpt: '*' + ghec: '*' + ghae: '问题-6980' diff --git a/translations/zh-CN/data/features/push-protection-custom-link-orgs-beta.yml b/translations/zh-CN/data/features/push-protection-custom-link-orgs-beta.yml new file mode 100644 index 0000000000..1b8d320f9c --- /dev/null +++ b/translations/zh-CN/data/features/push-protection-custom-link-orgs-beta.yml @@ -0,0 +1,8 @@ +# Issue 7299 +# Push protection custom links beta flags +# See "push-protection-custom-link-orgs" for the feature +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7299' diff --git a/translations/zh-CN/data/features/push-protection-custom-link-orgs.yml b/translations/zh-CN/data/features/push-protection-custom-link-orgs.yml new file mode 100644 index 0000000000..9b4ffb22d7 --- /dev/null +++ b/translations/zh-CN/data/features/push-protection-custom-link-orgs.yml @@ -0,0 +1,8 @@ +# Issue 7299 +# Push protection custom links +# See "push-protection-custom-link-orgs-beta" for the beta flags +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7299' diff --git a/translations/zh-CN/data/features/re-run-jobs.yml b/translations/zh-CN/data/features/re-run-jobs.yml new file mode 100644 index 0000000000..31a13136ba --- /dev/null +++ b/translations/zh-CN/data/features/re-run-jobs.yml @@ -0,0 +1,7 @@ +# Issue 4722 +# Re-running failed jobs in an Actions workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-4722' diff --git a/translations/zh-CN/data/features/remove-enterprise-members.yml b/translations/zh-CN/data/features/remove-enterprise-members.yml new file mode 100644 index 0000000000..d78d06b4f4 --- /dev/null +++ b/translations/zh-CN/data/features/remove-enterprise-members.yml @@ -0,0 +1,3 @@ +versions: + ghec: '*' + ghae: '问题-5739' diff --git a/translations/zh-CN/data/features/require-tls-for-smtp.yml b/translations/zh-CN/data/features/require-tls-for-smtp.yml new file mode 100644 index 0000000000..4f9de7ca76 --- /dev/null +++ b/translations/zh-CN/data/features/require-tls-for-smtp.yml @@ -0,0 +1,4 @@ +# Reference 7394 +# Documentation for the option to enforce TLS encryption for incoming SMTP connections +versions: + ghes: '>=3.6' diff --git a/translations/zh-CN/data/features/required-deployments.yml b/translations/zh-CN/data/features/required-deployments.yml new file mode 100644 index 0000000000..c1b7fc94d1 --- /dev/null +++ b/translations/zh-CN/data/features/required-deployments.yml @@ -0,0 +1,7 @@ +# Issue 6384 +# Required deployments branch protection rule +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-6384' diff --git a/translations/zh-CN/data/features/secret-scanning-custom-enterprise-35.yml b/translations/zh-CN/data/features/secret-scanning-custom-enterprise-35.yml new file mode 100644 index 0000000000..6ab224b749 --- /dev/null +++ b/translations/zh-CN/data/features/secret-scanning-custom-enterprise-35.yml @@ -0,0 +1,6 @@ +# Issues: changes to custom patterns for secret scanning +# #6367: updates for the "organization level dry runs (Public Beta)" +# #5499: updates for the "repository level dry runs (Public Beta)" +versions: + ghes: '>3.4 <3.7' + ghae: '问题-6367' diff --git a/translations/zh-CN/data/features/secret-scanning-custom-enterprise-36.yml b/translations/zh-CN/data/features/secret-scanning-custom-enterprise-36.yml new file mode 100644 index 0000000000..05b5a77999 --- /dev/null +++ b/translations/zh-CN/data/features/secret-scanning-custom-enterprise-36.yml @@ -0,0 +1,6 @@ +# Issues: changes to custom patterns for secret scanning +# #6904: updates for "enterprise account level dry runs (Public Beta)" +# #7297: updates for dry runs on editing patterns (Public Beta) +versions: + ghes: '>3.5 <3.7' + ghae: '问题-6904' diff --git a/translations/zh-CN/data/features/secret-scanning-push-protection.yml b/translations/zh-CN/data/features/secret-scanning-push-protection.yml new file mode 100644 index 0000000000..cdc8054e09 --- /dev/null +++ b/translations/zh-CN/data/features/secret-scanning-push-protection.yml @@ -0,0 +1,6 @@ +# Reference: #5620. +# Documentation for secret scanning as a push protection +versions: + ghes: '>=3.5' + ghae: 'issue-5620' + ghec: '*' diff --git a/translations/zh-CN/data/features/security-advisories-ghes-ghae.yml b/translations/zh-CN/data/features/security-advisories-ghes-ghae.yml new file mode 100644 index 0000000000..70f00fa47d --- /dev/null +++ b/translations/zh-CN/data/features/security-advisories-ghes-ghae.yml @@ -0,0 +1,4 @@ +# Reference: Issue #6982 Community Contributions to Security Advisories - Enterprise 3.6 +versions: + ghes: '>=3.6' + ghae: '问题-6982' diff --git a/translations/zh-CN/data/features/security-overview-displayed-alerts.yml b/translations/zh-CN/data/features/security-overview-displayed-alerts.yml new file mode 100644 index 0000000000..03562af41d --- /dev/null +++ b/translations/zh-CN/data/features/security-overview-displayed-alerts.yml @@ -0,0 +1,6 @@ +# Reference: #7114. +# Documentation for security overview availability to all enterprise accounts. +versions: + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7114' diff --git a/translations/zh-CN/data/features/security-overview-feature-specific-alert-page.yml b/translations/zh-CN/data/features/security-overview-feature-specific-alert-page.yml new file mode 100644 index 0000000000..a3ac7515ce --- /dev/null +++ b/translations/zh-CN/data/features/security-overview-feature-specific-alert-page.yml @@ -0,0 +1,7 @@ +# Reference: #7028. +# Documentation for feature-specific page for security overview at enterprise-level. +versions: + fpt: '*' + ghec: '*' + ghes: '>3.5' + ghae: 'issue-7028' diff --git a/translations/zh-CN/data/features/ssh-commit-verification.yml b/translations/zh-CN/data/features/ssh-commit-verification.yml new file mode 100644 index 0000000000..87f1f3d243 --- /dev/null +++ b/translations/zh-CN/data/features/ssh-commit-verification.yml @@ -0,0 +1,8 @@ +# Reference: github/docs-content#6709 +# Initial docs for showing SSH signed commits as verified and +# uploading SSH signing keys +versions: + fpt: '*' + ghec: '*' + ghes: '>= 3.7' + ghae: '*' diff --git a/translations/zh-CN/data/features/svg-support.yml b/translations/zh-CN/data/features/svg-support.yml new file mode 100644 index 0000000000..0203d64cb9 --- /dev/null +++ b/translations/zh-CN/data/features/svg-support.yml @@ -0,0 +1,5 @@ +# Releases issue #1951 +# Support upload of SVG files +versions: + fpt: '*' + ghec: '*' diff --git a/translations/zh-CN/data/features/syncing-fork-web-ui.yml b/translations/zh-CN/data/features/syncing-fork-web-ui.yml new file mode 100644 index 0000000000..83f40298f5 --- /dev/null +++ b/translations/zh-CN/data/features/syncing-fork-web-ui.yml @@ -0,0 +1,7 @@ +# Issue 7629 +# Improved UI for manually syncing a fork +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.7' + ghae: '问题-7629' diff --git a/translations/zh-CN/data/features/totp-and-mobile-sudo-challenge.yml b/translations/zh-CN/data/features/totp-and-mobile-sudo-challenge.yml new file mode 100644 index 0000000000..caf7524585 --- /dev/null +++ b/translations/zh-CN/data/features/totp-and-mobile-sudo-challenge.yml @@ -0,0 +1,6 @@ +# TOTP and mobile challenge for sudo mode prompt. + +versions: + fpt: '*' + ghec: '*' + ghes: '>= 3.7' diff --git a/translations/zh-CN/data/features/upload-expired-or-revoked-gpg-key.yml b/translations/zh-CN/data/features/upload-expired-or-revoked-gpg-key.yml new file mode 100644 index 0000000000..f1b605e79b --- /dev/null +++ b/translations/zh-CN/data/features/upload-expired-or-revoked-gpg-key.yml @@ -0,0 +1,8 @@ +# Issue: 7123 +# Description: Allow adding expired and revoked GPG keys for verifying commit and tag signatures +# Usage: {% ifversion upload-expired-or-revoked-gpg-key %} ... {% endif %} +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.6' + ghae: '问题-7123' diff --git a/translations/zh-CN/data/learning-tracks/admin.yml b/translations/zh-CN/data/learning-tracks/admin.yml new file mode 100644 index 0000000000..b22fecb9ac --- /dev/null +++ b/translations/zh-CN/data/learning-tracks/admin.yml @@ -0,0 +1,139 @@ +get_started_with_github_ae: + title: '{% data variables.product.prodname_ghe_managed %} 入门' + description: '了解 {% data variables.product.prodname_ghe_managed %} 并完成新企业的初始配置。' + featured_track: true + versions: + ghae: '*' + guides: + - /admin/overview/about-github-ae + - /admin/overview/about-data-residency + - /admin/configuration/configuring-your-enterprise/deploying-github-ae + - /admin/configuration/initializing-github-ae + - /admin/configuration/restricting-network-traffic-to-your-enterprise + - /admin/github-actions/getting-started-with-github-actions-for-github-ae + +deploy_an_instance: + title: '部署实例' + description: '在你选择的平台上安装 {% data variables.product.prodname_ghe_server %} 并配置 SAML 身份验证。' + featured_track: true + versions: + ghes: '*' + guides: + - /admin/overview/system-overview + - /admin/installation + - /admin/configuration/accessing-the-management-console + - /admin/configuration/configuring-a-hostname + - /admin/authentication/using-saml + - /admin/configuration/site-admin-dashboard + +upgrade_your_instance: + title: '升级实例' + description: '分阶段测试升级,通知用户维护,并升级实例以获取最新功能和安全更新。' + versions: + ghes: '*' + guides: + - /admin/enterprise-management/enabling-automatic-update-checks + - /admin/installation/setting-up-a-staging-instance + - /admin/enterprise-management/upgrade-requirements + - /admin/user-management/customizing-user-messages-for-your-enterprise + - /admin/configuration/enabling-and-scheduling-maintenance-mode + - /admin/enterprise-management/upgrading-github-enterprise-server + +adopting_github_actions_for_your_enterprise_ghec: + title: '为企业采用 GitHub Actions' + description: '了解如何在企业中计划和实现 {% data variables.product.prodname_actions %} 的推出。' + versions: + ghec: '*' + guides: + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises + - /actions/learn-github-actions/understanding-github-actions + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud + - /actions/security-guides/security-hardening-for-github-actions + - /billing/managing-billing-for-github-actions/about-billing-for-github-actions + +adopting_github_actions_for_your_enterprise_ghes_and_ghae: + title: '为企业采用 GitHub Actions' + description: '了解如何在企业中计划和实现 {% data variables.product.prodname_actions %} 的推出。' + versions: + ghes: '*' + ghae: '*' + guides: + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises + - /actions/learn-github-actions/understanding-github-actions + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server + - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise + - /actions/security-guides/security-hardening-for-github-actions + - /billing/managing-billing-for-github-actions/about-billing-for-github-actions + +increase_fault_tolerance: + title: '提高实例的容错能力' + description: "备份开发者代码并配置高可用性 (HA),以确保环境中 {% data variables.product.prodname_ghe_server %} 的可靠性。" + versions: + ghes: '*' + guides: + - /admin/configuration/accessing-the-administrative-shell-ssh + - /admin/configuration/configuring-backups-on-your-appliance + - /admin/enterprise-management/about-high-availability-configuration + - /admin/enterprise-management/creating-a-high-availability-replica + - /admin/configuration/using-github-enterprise-server-with-a-load-balancer + +improve_security_of_your_instance: + title: '提高实例的安全性' + description: "查看网络配置和安全功能,并强化运行 {% data variables.product.prodname_ghe_server %} 的实例,以保护你的企业数据。" + versions: + ghes: '*' + guides: + - /admin/configuration/enabling-private-mode + - /admin/guides/installation/configuring-tls + - /admin/configuration/troubleshooting-ssl-errors + - /admin/configuration/enabling-subdomain-isolation + - /admin/configuration/accessing-the-administrative-shell-ssh + - /admin/configuration/network-ports + - /admin/configuration/configuring-built-in-firewall-rules + - /admin/user-management/best-practices-for-user-security + - /admin/user-management/promoting-or-demoting-a-site-administrator + +configure_github_actions: + title: '配置 {% data variables.product.prodname_actions %}' + description: '开发者可以使用 {% data variables.product.prodname_actions %} 为 {% data variables.product.product_location %} 创建、自动化、自定义和执行功能强大的软件开发工作流。' + versions: + ghes: '*' + guides: + - /admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server + - /admin/github-actions/enforcing-github-actions-policies-for-your-enterprise + - /admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect + - /admin/github-actions/high-availability-for-github-actions + - /admin/github-actions/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled + - /admin/github-actions/using-a-staging-environment + +configure_github_advanced_security: + title: '配置 {% data variables.product.prodname_GH_advanced_security %}' + description: "通过 {% data variables.product.prodname_GH_advanced_security %} 提高开发者代码的质量和安全性。" + versions: + ghes: '*' + guides: + - /admin/advanced-security/about-licensing-for-github-advanced-security + - /admin/advanced-security/enabling-github-advanced-security-for-your-enterprise + - /admin/advanced-security/configuring-code-scanning-for-your-appliance + - /admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance + - /admin/advanced-security/configuring-secret-scanning-for-your-appliance + - /admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise + +get_started_with_your_enterprise_account: + title: '开始使用企业帐户' + description: '开始使用企业帐户,在 {% data variables.product.product_name %} 上集中管理多个组织。' + versions: + ghes: '*' + ghec: '*' + guides: + - /admin/overview/about-enterprise-accounts + - /billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise + - /admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise + - /admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise + - /admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise + - /admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies diff --git a/translations/zh-CN/data/learning-tracks/code-security.yml b/translations/zh-CN/data/learning-tracks/code-security.yml new file mode 100644 index 0000000000..3f545dfa4c --- /dev/null +++ b/translations/zh-CN/data/learning-tracks/code-security.yml @@ -0,0 +1,124 @@ +# Feature available only on dotcom +security_advisories: + title: '修复并披露安全漏洞' + description: '使用存储库安全建议私下修复报告的漏洞并获取 CVE。' + featured_track: '{% ifversion fpt or ghec %}true{% else %}false{% endif %}' + guides: + - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities + - /code-security/repository-security-advisories/creating-a-repository-security-advisory + - /code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory + - /code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability + - /code-security/repository-security-advisories/publishing-a-repository-security-advisory + - /code-security/repository-security-advisories/editing-a-repository-security-advisory + - /code-security/repository-security-advisories/withdrawing-a-repository-security-advisory + - /code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory + +# Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track +dependabot_alerts: + title: '获取有关不安全依赖项的通知' + description: '设置 Dependabot 提醒你的依赖项中有新漏洞{% ifversion GH-advisory-db-supports-malware %}或恶意软件{% endif %}。' + guides: + - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts + - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' + - /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts + - /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors + +# Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track +dependabot_security_updates: + title: '获取拉取请求以更新你的漏洞依赖项' + description: '设置 Dependabot 以在报告新漏洞时创建拉取请求。' + guides: + - /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates + - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}' + - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies{% endif %}' + +# Feature available only on dotcom and GHES 3.3+ +dependency_version_updates: + title: '保持更新依赖项' + description: '使用 Dependabot 检查新版本并创建拉取请求来更新你的依赖项。' + guides: + - /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/customizing-dependency-updates + - /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + - /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot + - /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions + - /code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates + - /code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors + +# Feature available in GHEC, GHES 3.0 up, and GHAE. Feature limited on FPT so hidden there. +secret_scanning: + title: '扫描机密' + description: '设置机密扫描以防意外检入令牌、密码和其他机密到你的存存储库。' + guides: + - '{% ifversion not fpt %}/code-security/secret-scanning/about-secret-scanning{% endif %}' + - '{% ifversion not fpt %}/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories{% endif %}' + - '{% ifversion not fpt %}/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning{% endif %}' + - '{% ifversion not fpt %}/code-security/secret-scanning/managing-alerts-from-secret-scanning{% endif %}' + - '{% ifversion not fpt %}/code-security/secret-scanning/secret-scanning-patterns{% endif %}' + - '{% ifversion secret-scanning-push-protection %}/code-security/secret-scanning/protecting-pushes-with-secret-scanning{% endif %}' + - '{% ifversion secret-scanning-push-protection %}/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection{% endif %}' + +# Security overview feature available in GHEC and GHES 3.2+, so other articles hidden to hide the learning path in other versions +security_alerts: + title: '探索和管理安全警报' + description: '了解在哪里可以查找和解决安全警报。' + guides: + - '{% ifversion ghec or ghes > 3.1 %}/code-security/security-overview/about-the-security-overview {% endif %}' + - '{% ifversion ghec or ghes > 3.1 %}/code-security/security-overview/viewing-the-security-overview {% endif %}' + - '{% ifversion ghec or ghes > 3.1 %}/code-security/secret-scanning/managing-alerts-from-secret-scanning {% endif %}' + - '{% ifversion ghec or ghes > 3.1 %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository{% endif %}' + - '{% ifversion ghec or ghes > 3.1 %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests{% endif %}' + - '{% ifversion ghec or ghes > 3.1 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository{% endif %}' + +# Feature available in all versions from GHES 2.22 up +code_security_actions: + title: '使用 GitHub Actions 运行代码扫描' + description: '检查默认分支和每个拉取请求,以排除存储库中的漏洞和错误。' + featured_track: '{% ifversion ghae or ghes %}true{% else %}false{% endif %}' + guides: + - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning + - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository + - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning + - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages + - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container + - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow + +# Feature available in all versions from GHES 2.22 up +code_security_integration: + title: '与代码扫描集成' + description: '使用 SARIF 将分析结果从第三方系统上传到 GitHub。' + guides: + - /code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning + - /code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github + - /code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning + - /rest/reference/code-scanning + +# Feature available in all versions from GHES 2.22 up +code_security_ci: + title: '在 CI 中运行 CodeQL 代码扫描' + description: '在现有的 CI 中设置 CodeQL 并将结果上传到 GitHub 代码扫描。' + guides: + - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system + - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system + - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system + - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli + - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system + +# Feature available in all versions +end_to_end_supply_chain: + title: '端到端供应链' + description: '如何考虑保护用户帐户、代码和生成流程。' + guides: + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-code + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-builds diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/0.yml new file mode 100644 index 0000000000..3fd77690d3 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/0.yml @@ -0,0 +1,44 @@ +date: '2020-02-11' +sections: + features: + - '在存储库分支上,存储库管理员可以使用[分支保护规则](https://help.github.com/en/github/administering-a-repository/enabling-branch-restrictions)启用“需要线性历史记录”,从而拒绝包含合并提交的任何推送。{% comment %} https://github.blog/changelog/2019-12-04-expanded-branch-protection-rules/ {% endcomment %}' + - '存储库管理员可以使用[分支保护规则](https://help.github.com/en/github/administering-a-repository/enabling-branch-restrictions)启用“允许强制推送”,从而授予所有用户强制推送到受保护的分支的能力。{% comment %} https://github.blog/changelog/2019-12-04-expanded-branch-protection-rules/、https://github.com/github/ce-oss-happiness/issues/42、https://github.com/github/github/pull/125950 {% endcomment %}' + - '存储库管理员可以使用[分支保护规则](https://help.github.com/en/github/administering-a-repository/enabling-branch-restrictions)启用“允许删除”,从而授予所有具有推送权限的用户删除受保护分支的能力。{% comment %} https://github.blog/changelog/2019-12-04-expanded-branch-protection-rules/ {% endcomment %}' + - '管理员可以在存储库上设置 `maxobjectsize` 限制、对不在 [Git LFS](https://help.github.com/en/enterprise/admin/installation/configuring-git-large-file-storage-on-github-enterprise-server) 中的存储库[限制推送提交的大小](https://help.github.com/en/enterprise/admin/installation/setting-git-push-limits)。{% comment %} https://github.com/github/babeld/pull/864、https://team.githubapp.com/posts/33519、https://github.com/githubcustomers/Slack/issues/27 {% endcomment %}' + - '组织所有者在创建新存储库时可以创建一组默认标签。{% comment %} https://github.com/github/issues-projects/issues/237、https://github.com/github/issues-projects/issues/179 {% endcomment %}' + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - '当组织的成员尝试查看该组织的公共存储库时,SSO 提示可能会中断页面显示。{% comment %} https://github.com/github/github/issues/126677、https://github.com/github/github/pull/127501 {% endcomment %}' + - "查看用户配置文件时,指向该用户团队的链接可能会断开。{% comment %} https://github.com/github/github/issues/131771、https://github.com/github/github/pull/131865 {% endcomment %}" + - '具有 `maintain` 角色的用户无法编辑存储库主题。{% comment %} https://github.com/github/github/pull/129503、https://github.com/github/github/issues/119456 {% endcomment %}' + - "不是组织管理员的用户在尝试访问注册页面时将收到 500 个错误。{% comment %} https://github.com/github/github/pull/129213、https://github.com/github/github/issues/129210、https://github.com/github/github/issues/129212 {% endcomment %}" + - '编辑历史记录弹出窗口不会显示在 Gist 注释上。{% comment %} https://github.com/github/github/pull/129134、https://github.com/github/github/issues/128496 {% endcomment %}' + - '使用已注册的电子邮件地址可以注册新帐户。{% comment %} https://github.com/github/github/pull/127905、https://github.com/github/github/issues/127858 {% endcomment %}' + - '存储服务达到文件描述符限制,并导致内核挂起和其他服务记录错误。{% comment %} https://github.com/github/enterprise2/pull/18775 {% endcomment %}' + - '当自动链接引用是 URL 的一部分时,可以删除超链接。{% comment %} https://github.com/github/github/pull/126776 {% endcomment %}' + - '向拉取请求添加注释时,侧边栏中的“链接的议题”部分可能会消失。{% comment %} https://github.com/github/issues-projects/issues/384、https://github.com/github/github/pull/130514 {% endcomment %}' + - '编辑用户的现有组织邀请时,`Teams` 表上可能会显示重复的标头。{% comment %} https://github.com/github/github/issues/120381、https://github.com/github/github/pull/128939 {% endcomment %}' + - '当队列变得太大时,`resqued` 服务可能会停止记录事件。{% comment %} https://github.com/github/github/pull/130087、https://github.com/github/business-support/issues/2696 {% endcomment %}' + - '对于群集和高可用性配置运行 `ghe-config-apply` 命令时,不会自动生成自签名证书。{% comment %} https://github.com/github/enterprise2/pull/18773 {% endcomment %}' + changes: + - '如果尚未上传主题,则不会显示徽标。{% comment %} https://github.com/github/github/issues/130513、https://github.com/github/github/pull/130515 {% endcomment %}' + - '在移动浏览器上查看问题时,问题元数据将列在页面顶部。{% comment %} https://github.com/github/github/pull/127560 {% endcomment %}' + - 'Consul 的顶级域已从“.consul”更改为“.ghe.local”。{% comment %} https://github.com/github/enterprise2/pull/17443、https://github.com/github/enterprise2/issues/17701 {% endcomment %}' + - 'Hookshot 服务不再依赖 ElasticSearch,只能使用 MySQL 作为数据库存储。{% comment %} https://github.com/github/enterprise2/pull/18158、https://github.com/github/hookshot/pull/1128、https://github.com/github/enterprise2/pull/15898 {% endcomment %}' + - '在项目说明卡上改进了问题、项目及讨论之间的视觉区分。{% comment %} https://github.com/github/github/pull/132038 {% endcomment %}' + - '在拉取请求审阅中,如果多行注释被截断,将显示通知。{% comment %} https://github.com/github/github/issues/125948、https://github.com/github/github/pull/128677 {% endcomment %}' + - '用户可以在个人设置页面的“安全日志”选项卡上查看其审核日志。{% comment %} https://github.com/github/github/pull/123041{% endcomment %}' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '推送到 Gist 时,可能会在后接收挂钩期间触发异常。{% comment %} https://github.com/github/github/issues/129091 {% endcomment %}' + - "数据库中重复的 Webhook 条目可能会导致从早期版本的升级失败。(更新时间:2020-02-26)" + - '如果自定义了后台工作进程配置,则升级和设置更新将失败。{% comment %} https://github.com/github/enterprise2/issues/19119 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '从早期版本升级时,可能无法生成后台作业工作进程,从而阻止合并拉取请求等基本功能。(更新时间:2020-04-07){% comment %} https://github.com/github/enterprise2/issues/19232 {% endcomment %}' + - '推送到命令行上的存储库时,不会报告安全警报。(更新时间:2020-06-23){% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '依赖项关系图在具有多个 Redis 节点的群集配置中部署时不会检测依赖项。(更新时间:2020-06-30){% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/14.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/14.yml new file mode 100644 index 0000000000..048b4bdd5c --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/14.yml @@ -0,0 +1,13 @@ +date: '2020-08-12' +sections: + bugs: + - '解决了在生成系统配置模板时可能导致高 CPU 使用率的问题。{% comment %} https://github.com/github/enterprise2/pull/21784、https://github.com/github/enterprise2/pull/21741 {% endcomment %}' + - '最近对内存分配的更改可能导致系统性能降低 {% comment %} https://github.com/github/enterprise2/pull/22067 {% endcomment %}' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '在命令行上推送到存储库时不会报告安全警报。{% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/15.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/15.yml new file mode 100644 index 0000000000..01f9c1eed7 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/15.yml @@ -0,0 +1,25 @@ +date: '2020-08-26' +sections: + security_fixes: + - >- + {% octicon "alert" aria-label="The alert icon" %} **Critical:** A remote code execution vulnerability was identified in GitHub Pages that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server. The underlying issues contributing to this vulnerability were identified both internally and through the GitHub Security Bug Bounty program. We have issued CVE-2020-10518. {% comment %} https://github.com/github/pages/pull/2883, https://github.com/github/pages/pull/2902, https://github.com/github/pages/pull/2894, https://github.com/github/pages/pull/2877, https://github.com/github/pages-gem/pull/700, + https://github.com/github/pages/pull/2890, https://github.com/github/pages/pull/2898, https://github.com/github/pages/pull/2909, https://github.com/github/pages/pull/2891, https://github.com/github/pages/pull/2884, https://github.com/github/pages/pull/2889 {% endcomment %} + - '**MEDIUM:** An improper access control vulnerability was identified that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.22 and has been assigned [CVE-2020-10517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10517). The vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). {% comment %} https://github.com/github/github/pull/151987, https://github.com/github/github/pull/151713 {% endcomment %}' + - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21852, https://github.com/github/enterprise2/pull/21828, https://github.com/github/enterprise2/pull/22153, https://github.com/github/enterprise2/pull/21920, https://github.com/github/enterprise2/pull/22215, https://github.com/github/enterprise2/pull/22190 {% endcomment %}' + bugs: + - 'A message was not logged when the ghe-config-apply process had finished running ghe-es-auto-expand. {% comment %} https://github.com/github/enterprise2/pull/22177, https://github.com/github/enterprise2/pull/22171 {% endcomment %}' + - 'Excessive logging to the `syslog` file could occur on high-availability replicas if the primary appliance is unavailable. {% comment %} https://github.com/github/enterprise2/pull/22267, https://github.com/github/enterprise2/pull/22124 {% endcomment %}' + - "Database re-seeding on a replica could fail with an error: `Got packet bigger than 'max_allowed_packet'` {% comment %} https://github.com/github/enterprise2/pull/22321, https://github.com/github/enterprise2/pull/20063 {% endcomment %}" + - 'In some cases duplicate user data could cause a 500 error while running the ghe-license-usage script. {% comment %} https://github.com/github/github/pull/152638 {% endcomment %}' + changes: + - 'In a high availability or geo-replication configuration, replica instances would exit maintenance mode when ghe-config-apply ran. {% comment %} https://github.com/github/enterprise2/pull/21776, https://github.com/github/enterprise2/pull/21440 {% endcomment %}' + - "We've added support for the R5a and R5n AWS instance types. {% comment %} https://github.com/github/enterprise2/pull/21902, https://github.com/github/enterprise2/pull/21173 {% endcomment %}" + - 'Removed the license seat count information on the administrative SSH MOTD due to a performance issue impacting GitHub Enterprise Server clusters. {% comment %} https://github.com/github/enterprise2/pull/21993, https://github.com/github/enterprise2/pull/21870 {% endcomment %}' + known_issues: + - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - 'When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users.' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/17.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/17.yml new file mode 100644 index 0000000000..39d615a7f2 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/17.yml @@ -0,0 +1,13 @@ +date: '2020-09-23' +sections: + security_fixes: + - '中****:ImageMagick 已更新,以解决 [DSA-4715-1](https://www.debian.org/security/2020/dsa-4715)。{% comment %} https://github.com/github/enterprise2/pull/22625, https://github.com/github/enterprise2/pull/22610 {% endcomment %}' + - '包已更新到最新安全版本。{% comment %} https://github.com/github/enterprise2/pull/22601, https://github.com/github/enterprise2/pull/22592, https://github.com/github/enterprise2/pull/22605, https://github.com/github/enterprise2/pull/22426, https://github.com/github/enterprise2/pull/22718, https://github.com/github/enterprise2/pull/22699 {% endcomment %}' + known_issues: + - '在没有任何用户的新建 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '在命令行上推送到存储库时不会报告安全警报。{% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/18.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/18.yml new file mode 100644 index 0000000000..9bdfe66a37 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/18.yml @@ -0,0 +1,26 @@ +date: '2020-10-09' +sections: + security_fixes: + - 'LDAP 目录用户名标准化为现有 GHES 帐户登录的用户可以验证现有帐户。{% comment %} https://github.com/github/github/pull/156518, https://github.com/github/github/pull/155512 {% endcomment %}' + - '包已更新到最新的安全版本。{% comment %} https://github.com/github/enterprise2/pull/22910, https://github.com/github/enterprise2/pull/22878 {% endcomment %}' + bugs: + - '管理控制台中的 NameID 格式下拉列表将在设置为“持久”之后重置为“未指定”。{% comment %} https://github.com/github/enterprise2/pull/22403, https://github.com/github/enterprise2/pull/22331, https://github.com/github/enterprise2/issues/13446 {% endcomment %}' + - '通过[管理控制台](/admin/configuration/accessing-the-management-console)保存设置将附加一个新行到 [TLS/SSL 证书和密钥](/admin/configuration/configuring-tls)文件,这触发了某些服务的不必要重新加载。{% comment %} https://github.com/github/enterprise2/pull/22607, https://github.com/github/enterprise2/pull/22540 {% endcomment %}' + - '依赖关系图的系统日志没有旋转,允许无限存储增长。{% comment %} https://github.com/github/enterprise2/pull/22765, https://github.com/github/enterprise2/pull/22733 {% endcomment %}' + - '到 GitHub 安全通告的链接将使用 GitHub Enterprise Server 实例主机名的 URL 而不是 GitHub.com,将用户引导到不存在的 URL。{% comment %} https://github.com/github/github/pull/153444, https://github.com/github/github/pull/151301 {% endcomment %}' + - '使用 `ghe-migrator` 导入存储库时,如果数据不一致,可能发生意外异常。{% comment %} https://github.com/github/github/pull/153848, https://github.com/github/github/pull/151552 {% endcomment %}' + - '当使用 `ghe-migrator` 导入 PR 审核请求时,与删除用户相关的记录将产生外部数据库记录。{% comment %} https://github.com/github/github/pull/154958, https://github.com/github/github/pull/153169 {% endcomment %}' + - '使用 `ghe-migrator` 导入用户时,如果系统生成的电子邮件地址超过 100 个字符,则会出现“电子邮件无效”的错误。{% comment %} https://github.com/github/github/pull/155112, https://github.com/github/github/pull/152418 {% endcomment %}' + - '记录 Webhook 活动可能会使用大量的磁盘空间,并导致根盘变满。{% comment %} https://github.com/github/github/pull/155655, https://github.com/github/github/pull/154100 {% endcomment %}' + changes: + - '为 AWS EC2 实例类型 `m5.16xlarge` 添加了支持。{% comment %} https://github.com/github/enterprise2/pull/22500, https://github.com/github/enterprise2/pull/22473 {% endcomment %}' + - '删除 `ghe-migrator` 档案中 SSH 指纹的要求,因为它可以随时计算。{% comment %} https://github.com/github/github/pull/156944, https://github.com/github/github/pull/155387 {% endcomment %}' + - 'GitHub App 清单现在包含 `request_oauth_on_install` 字段。{% comment %} https://github.com/github/github/pull/156996, https://github.com/github/github/pull/155010, https://github.com/github/ecosystem-apps/issues/1055 {% endcomment %}' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '在命令行上推送到存储库时不会报告安全警报。{% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/21.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/21.yml new file mode 100644 index 0000000000..fe9d3649d4 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/21.yml @@ -0,0 +1,15 @@ +date: '2020-11-17' +sections: + security_fixes: + - '包已更新到最新的安全版本。{% comment %} https://github.com/github/enterprise2/pull/23843、https://github.com/github/enterprise2/pull/23712 {% endcomment %}' + bugs: + - 'Babeld 日志在秒与微秒之间缺少分隔符。{% comment %} https://github.com/github/babeld/pull/1004、https://github.com/github/babeld/pull/1002 {% endcomment %}' + - '当企业帐户“存储库可见性更改”策略设置为“启用”时,组织所有者无法更改组织内存储库的可见性。{% comment %} https://github.com/github/github/pull/160922、https://github.com/github/github/pull/160773 {% endcomment %}' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '在命令行上推送到存储库时不会报告安全警报。{% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/23.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/23.yml new file mode 100644 index 0000000000..cbf6780351 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/23.yml @@ -0,0 +1,13 @@ +date: '2020-12-17' +sections: + security_fixes: + - '低:****高 CPU 使用可能被特殊构建的 SVN 桥请求触发,进而导致 SVN 桥服务上的拒绝服务 (DoS)。{% comment %} https://github.com/github/slumlord/pull/1020, https://github.com/github/slumlord/pull/1017 {% endcomment %}' + - '包已更新到最新安全版本。{% comment %} https://github.com/github/enterprise2/pull/24351, https://github.com/github/enterprise2/pull/23866 {% endcomment %}' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '在命令行上推送到存储库时不会报告安全警报。{% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/24.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/24.yml new file mode 100644 index 0000000000..5c62b29244 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/24.yml @@ -0,0 +1,28 @@ +date: '2021-03-02' +sections: + security_fixes: + - '**高:**在 GitHub Enterprise Server 中发现了一个不适当的访问控制漏洞,允许经过验证的实例用户通过特殊构建的拉取请求和 REST API 请求获得对未授权存储库的写入权限。攻击者需要能够创建目标存储库分支,该设置默认为组织拥有的私有存储库禁用。分支保护(如所需的拉取请求审查或状态检查)将防止未经进一步审查或验证的未授权提交被合并。此漏洞已分配 CVE-2021-22861。这个问题是通过 [GitHub Bug 赏金计划](https://bounty.github.com)报告的。' + - '**高:**在 GitHub Enterprise Server GraphQL API 中发现了一个不适当的访问控制漏洞,允许经过验证的实例用户在未经适当授权的情况下修改拉取请求的维护员协作权限。通过利用此漏洞,攻击者将能够访问在他们作为维护员的存储库上打开的拉取请求的头部分支。默认为组织拥有的私有存储库禁用分叉,并且可以防止此漏洞。此外,分支保护(如所需的拉取请求审查或状态检查)将防止未经进一步审查或验证的未授权提交被合并。此漏洞已分配 CVE-2021-22863。这个问题是通过 [GitHub Bug 赏金计划](https://bounty.github.com)报告的。' + - '**高:**在 GitHub Enterprise Server 中发现了一个在构建 GitHub Pages 站点时可以利用的远程代码执行漏洞。GitHub Pages 使用的基础分析器的用户控制配置没有受到足够的限制,因此可以在 GitHub Enterprise Server 实例上执行命令。要利用此漏洞,攻击者需要获得在 GitHub Enterprise Server 实例上创建和构建 GitHub Pages 站点的权限。该漏洞编号为 CVE-2020-10519,是通过 [GitHub Bug 赏金计划](https://bounty.github.com/)报告的。' + - '**低:**对 SVN 桥的特别设计请求可能会触发长时间的等待,然后再导致拒绝服务 (DoS)。' + - '包已更新到最新的安全版本。' + bugs: + - '在 GitHub Enterprise 备份实用程序快照期间,信息性消息被无意中记录为错误,这导致在备份由侦听输出到 stderr 的 cron 作业安排时发送不必要的电子邮件。' + - '在恢复大型备份时,与 Redis 内存耗尽相关的异常记录可能导致恢复由于完整磁盘而出现故障。' + - '在编辑 wiki 页面时,用户单击“保存”按钮时可能会遇到 500 错误。' + - '使用主题替代名称中具有多个名称的证书签名的 S/MIME 签名提交将错误地显示为提交徽章中的“未验证”。' + - '被暂停的用户在添加到团队时收到电子邮件。' + - '上传与之前许可证文件不同数量的新许可证文件时,席位差异在企业帐户的“设置”->“许可证”页面中未正确表示。' + - '无法成功启用或禁用企业帐户设置中的“防止存储库管理员更改匿名 Git 读取访问权限”复选框。' + - '在闰年,用户在尝试在星期一查看贡献活动时收到 404 响应。' + changes: + - '添加了 [AWS EC2 r5b 实例类型](https://aws.amazon.com/about-aws/whats-new/2020/12/introducing-new-amazon-ec2-r5b-instances-feuring-60-gbps-of-ebbandwidth-260K-iops/)支持。' + - '调整的背景队列排列优先顺序,以更均匀地分配作业。' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。' + - '在升级期间不会维护自定义防火墙规则。' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。' + - '如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。' + - '对 GitHub Connect 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。' + - '推送到命令行上的存储库时不报告安全警报。' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-20/6.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-20/6.yml new file mode 100644 index 0000000000..cef61a882a --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-20/6.yml @@ -0,0 +1,27 @@ +date: '2020-04-23' +sections: + security_fixes: + - '**高**:OpenSSL 已更新以解决 [CVE-2020-1967](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967)。{% comment %} https://github.com/github/enterprise2/pull/19889、https://github.com/github/enterprise2/pull/19885 {% endcomment %}' + - '**高**:Git 已更新以解决 [CVE-2020-5260](https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q) 和 [CVE-2020-11008](https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7)。新限制可防止恶意存储库被推入服务器实例,从而保护尚未修补的客户端。{% comment %} https://github.com/github/git/pull/990 {% endcomment %}' + - '**低**:ImageMagick 已更新以解决 [CVE-2019-10131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10131)。{% comment %} https://github.com/github/enterprise2/pull/19655、https://github.com/github/enterprise2/pull/19617 {% endcomment %}' + - '包已更新到最新的安全版本。{% comment %} https://github.com/github/enterprise2/pull/19809、https://github.com/github/enterprise2/pull/19792、https://github.com/github/enterprise2/pull/19899、https://github.com/github/enterprise2/pull/19882 {% endcomment %}' + bugs: + - 'Git 用户没有权限调用使用 Subversion 将现有存储库从 v4 格式转换为 v3 LRS 所需的进程。{% comment %} https://github.com/github/enterprise2/pull/19465、https://github.com/github/enterprise2/pull/19150 {% endcomment %}' + - 'MySQL 配置中的不匹配可能导致备份在大型安装中失败。{% comment %} https://github.com/github/enterprise2/pull/19688、https://github.com/github/enterprise2/pull/19409、https://github.com/github/enterprise2/issues/19055 {% endcomment %}' + - '从以前的版本升级时,后台作业工作进程有时不会生成,从而阻止诸如合并拉取请求等基本功能。{% comment %} https://github.com/github/enterprise2/pull/19771、https://github.com/github/enterprise2/pull/19712 {% endcomment %}' + - "当 GitHub Enterprise Server 许可证包含非 ASCII 字符时,对管理控制台的 API `/setup/api/settings` 终结点的 `GET` 请求将导致内部服务器错误。{% comment %} https://github.com/github/enterprise2/pull/19790 {% endcomment %}" + - '即使根帐户已锁定,恢复控制台也会提示输入根密码。{% comment %} https://github.com/github/enterprise2/pull/19810、https://github.com/github/enterprise2/pull/19788、https://github.com/github/enterprise2/issues/18425 {% endcomment %}' + - '具有前导 UTF-8 字节顺序标记的 CODEOWNERS 文件将导致忽略所有代码所有者规则。{% comment %} https://github.com/github/github/pull/140974、https://github.com/github/github/pull/140729 {% endcomment %}' + changes: + - '当业务流程协调程序-客户端 cron 作业失败时,将向根帐户发送多封电子邮件。{% comment %} https://github.com/github/enterprise2/pull/19761、https://github.com/github/enterprise2/pull/19748 {% endcomment %}' + - "当外部标识提供者控制用户的站点管理员状态时,无法通过命令行实用程序降级用户。{% comment %} https://github.com/github/github/pull/140522、https://github.com/github/github/pull/137807、https://github.com/github/github/issues/42727 {% endcomment %}" + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '推送到 Gist 时,可能会在后接收挂钩期间触发异常。{% comment %} https://github.com/github/github/issues/129091 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '推送到命令行上的存储库时,不会报告安全警报。(更新时间:2020-06-23){% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '依赖项关系图在具有多个 Redis 节点的群集配置中部署时不会检测依赖项。(更新时间:2020-06-30){% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}' + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-21/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-21/0.yml new file mode 100644 index 0000000000..7ff6239c4d --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-21/0.yml @@ -0,0 +1,73 @@ +date: '2020-06-09' +sections: + features: + - '用户可以在从网页通知导航时可以就议题、拉请求及其他主题[管理通知](https://help.github.com/en/enterprise/2.21/user/github/managing-subscriptions-and-notifications-on-github/about-notifications)。{% comment %} https://github.com/github/enterprise-releases/issues/2135#issuecomment-633905096 {% endcomment %}' + - '用户可以[将拉取请求转换回“草稿”](https://github.blog/changelog/2020-04-08-convert-pull-request-to-draft/) {% comment %} https://github.com/github/releases/issues/800 {% endcomment %}' + - '[多行建议](https://github.blog/changelog/2020-04-15-multi-line-code-sugutions-general-availability/)可让用户在审查拉取请求时建议对多行代码进行特定的更改。{% comment %} https://github.com/github/releases/issues/810 {% endcomment %}' + - '可以写入存储库的用户可以[隐藏作为“重复项”的议题评论或拉取请求](https://help.github.com/en/enterprise/2.21/user/github/building-a-strong-community/managing-disrutive-comments#hiding-a-comment)。{% comment %}https://github.com/github/github/pull/131746 {% endcomment %}' + - '当[从模板创建存储库](https://help.github.com/en/enterprise/2.21/user/github/creating-cloning-and-archiving-repositeries/creating-a-repository-from-a-template)时,用户可以选择性地选择包含所有分支,而不仅仅是默认分支。{% comment %} https://github.com/github/releases/issues/580 {% endcomment %}' + - '[问题项目卡包含链接的拉取请求部分](https://github.blog/changelog/2020-02-04-project-issue-cards-include-linked-pull-requests/),因此用户能够看到哪些开发工作与直接来源于项目板的问题有关。{% comment %} https://github.com/github/releases/issues/743 {% endcomment %}' + - '反应 API 中有一组新的[“删除反应”终结点](https://developer.github.com/changes/2020-02-26-new-delete-reactions-endpoints/)。现有的“删除反应”终结点将在 2021 年初弃用。{% comment %} https://developer.github.com/changes/2020-02-26-new-delete-reactions-endpoints/ {% endcomment %}' + - '有一组新的 [Teams API 终结点](https://developer.github.com/changes/2020-01-21-moving-the-team-api-endpoints/),允许 GitHub 缩放并长期支持 Teams API。现有 API 终结点将在 2021 年初弃用。{% comment %} https://developer.github.com/changes/2020-01-21-moving-the-team-api-endpoints/ {% endcomment %}' + - '用户可以[在问题与拉取请求之间创建链接](https://help.github.com/en/enterprise/2.21/user/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#manually-linking-a-pull-request-to-an-issue),而无需在拉取请求描述中使用结束关键词。{% comment %} https://github.com/github/releases/issues/704 {% endcomment %}' + security_fixes: + - '在 GitHub Enterprise Server API 中发现了一个不适当的访问控制漏洞,该漏洞允许组织成员升级权限,获得对组织内未经授权的存储库的访问权限。此漏洞影响 GitHub Enterprise Server 2.21 之前的所有版本。为应对此问题,我们发布了 [CVE-2020-10516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10516)。此漏洞通过 [GitHub Bug 赏金计划](https://bounty.github.com/) 报告。{% comment %} https://developer.github.com/changes/2020-02-26-new-delete-reactions-endpoints/ {% endcomment %}' + bugs: + - "如果具有推送访问权限的用户将另一个用户的评论最小化,则该评论的作者即使特权不足,也可以将其取消减小化。{% comment %} https://github.com/github/github/pull/141237 {% endcomment %}" + - '用户可能会意外地从问题模板编辑器和 Blob 编辑器中合并到主分支。{% comment %} https://github.com/github/github/pull/134483, https://github.com/github/github/pull/134323 {% endcomment %}' + - '当用户从 GitHub 中删除帐户时,审核日志记录没有正确显示组织删除记录。{% comment %} https://github.com/github/github/pull/140940 {% endcomment %}' + - '当前用户的 gist 头像将链接到一个不存在的 URL。{% comment %} https://github.com/github/github/pull/140925 {% endcomment %}' + - '组织存储库选项卡计数不包括内部存储库。{% comment %} https://github.com/github/github/pull/136323 {% endcomment %}' + - '在转移存储库时单击“显示所有团队”按钮造成了 500 错误。{% comment %} https://github.com/github/github/pull/134455 {% endcomment %}' + - "长文件名可能会在显示“自上次查看以来发生的变化”标签或在差异文件视图上显示“显示富”差异时造成溢出问题。{% comment %} https://github.com/github/github/pull/134453 {% endcomment %}" + - '组织团队的悬停卡误报其成员大小。{% comment %} https://github.com/github/github/pull/133879 {% endcomment %}' + - '拉取请求审查评论弹出窗口有滚动问题。{% comment %} https://github.com/github/github/pull/141157 {% endcomment %}' + - 'Haproxy 可能会饱和,导致 git 操作减速。{% comment %} https://github.com/github/enterprise2/issues/19322 {% endcomment %}' + - '在 HA 副本升级后不自动启用依赖关系图功能。{% comment %} https://github.com/github/enterprise2/issues/18698 {% endcomment %}' + - '对于有数千个草稿拉取请求的存储库,在版本索引页面上可能会触发超时。{% comment %} https://github.com/github/github/pull/131802 {% endcomment %}' + - '无法同时通过状态和草稿过滤拉取请求。{% comment %} https://github.com/github/github/pull/132567 {% endcomment %}' + - '如果拉取请求更改了子模块指针,然后从拉取请求页面的“已更改的文件”选项卡单击该子模块文件上的“编辑文件”,会导致 404 错误。{% comment %} https://github.com/github/github/pull/132448 {% endcomment %}' + - '在大量删除该组织的所有用户和管理员之后,无法将用户添加到组织或删除组织。{% comment %} https://github.com/github/github/pull/132238 {% endcomment %}' + - '当页面重新加载时,对“已更改的文件”页面上文件名中包含变音符号和非拉丁字符的文件的审核评论将消失。{% comment %} https://github.com/github/github/pull/131836 {% endcomment %}' + - '“已查看”复选框的状态对“已更改的文件”页面上文件名中包含变音符号和非拉丁字符的文件不会保留。{% comment %} https://github.com/github/github/pull/131836 {% endcomment %}' + - '拉取请求所有必需审查尚未完成时显示“已批准”徽章。{% comment %} https://github.com/github/github/pull/131823 {% endcomment %}' + - '当在拥有超过 100 个标签的存储库中搜索标签时,标签下拉菜单为空。{% comment %} https://github.com/github/github/pull/131914 {% endcomment %}' + - '显示带有非 UTF-8 标题注释的拉取请求页面在视图渲染中可能遇到编码错误。{% comment %} https://github.com/github/github/pull/138534 {% endcomment %}' + - '在 OAuth 页面上刷新的竞争条件可能导致重定向执行两次。{% comment %} https://github.com/github/github/pull/131964 {% endcomment %}' + - '如果有超过 10 个令牌,“个人访问令牌”页面将超时。{% comment %} https://github.com/github/github/pull/132064 {% endcomment %}' + - '计划的 LDAP 用户和团队同步任务可能会在先前计划的同步任务仍在进行中时开始。已经实施锁定机制来防止新的同步任务在运行时启动。{% comment %} https://github.com/github/github/pull/139205, https://github.com/github/support/issues/429, https://github.com/github/github/issues/54386, https://github.com/github/iam/issues/40 {% endcomment %}' + changes: + - 'Web 通知界面,包括新的[状态](https://help.github.com/en/enterprise/2.21/user/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#triaging-options)、[筛选器](https://help.github.com/en/enterprise/2.21/user/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#supported-queries-for-custom-filters)和[快捷方式](https://help.github.com/en/enterprise/2.21/user/github/getting-started-with-github/keyboard-shortcuts#notifications),已经更新。{% comment %} https://github.com/github/enterprise-releases/issues/2135#issuecomment-633905096 {% endcomment %}' + - '现在可以禁用在 LDAP 同步时重新激活 LDAP 用户。{% comment %} https://github.com/github/github/pull/139023 {% endcomment %}' + - '已更新推送受保护分支措辞,以明确管理员总是可以推送,当状态检查通过时,具有维护角色的用户可以推送。{% comment %} https://github.com/github/github/pull/141555 {% endcomment %}' + - '当建议与原始文本相同时,防止空白提交。{% comment %} https://github.com/github/github/pull/138587 {% endcomment %}' + - '支持分页作为一种通过 REST API 在与提交相关的差异中获取更多文件的方式。{% comment %} https://github.com/github/github/pull/134341 {% endcomment %}' + - '管理员可以在命令行中使用 `ghe-webhook-manage` 启用、禁用、删除 Webhook 或使用 Webhook ID 搜索 Webhook。{% comment %} https://github.com/github/enterprise2/pull/19027 {% endcomment %}' + - '在手动清理合并的拉取请求的头部引用后,将会进行自动基础重新定位。{% comment %} https://github.com/github/github/pull/142133 {% endcomment %}' + - 'SVG 文件在差异查看器中处理为文本和图像。{% comment %} https://github.com/github/render/pull/1129 {% endcomment %}' + - '使用 REST API 创建和更新存储库时,可以设置“合并时自动删除分支”设置。{% comment %} https://github.com/github/github/pull/131728 {% endcomment %}' + - '已添加一个新的终结点来通过 REST API 删除部署。{% comment %} https://github.com/github/github/pull/128733 {% endcomment %}' + - '管理员可以[启用安全警报](https://help.github.com/en/enterprise/2.21/admin/installation/enabling-security alerts-for-vulnerable-dependencies-on-github-enterprise-server#enabling-security-alerts-for-vulnerable-dependencies-for-vulnerable-dependencies-on-github-enterprise-server),但禁用来自这些警报的所有通知。{% comment %} https://github.com/github/releases/issues/841 {% endcomment %}' + - '页面日志显示访问 GitHub Pages 网站的用户登录。{% comment %} https://github.com/github/enterprise2/pull/19905 {% endcomment %}' + - '企业成员可以导航到 `https://[ghes-hostname]/enterprises/[account-name]`,从一个视图查看他们作业企业帐户一部分所属的所有组织。{% comment %} https://github.com/github/releases/issues/832 {% endcomment %}' + - '[分类和维护角色的 REST API 支持](https://developer.github.com/changes/2020-04-07-explining-rest-api-support-for-the-triage-and-server-roles/)已扩展。{% comment %} https://github.com/github/releases/issues/748 {% endcomment %}' + - '用户可以使用 `@me` 搜索语法创建和分享解析到当前用户的搜索查询。{% comment %} https://github.com/github/github/pull/129624 {% endcomment %}' + - '新发行模板配置选项已[添加](https://github.blog/changelog/2019-10-28-new-issue-template-configuration-options/)。{% comment %} https://github.com/github/releases/issues/660 {% endcomment %}' + - 'MySQL 备份和恢复可靠性以及完成时间已得到改善。{% comment %} https://github.com/github/ghes-infrastructure/issues/162 {% endcomment %}' + - '问题侧边栏、问题卡和问题列表中拉取请求和问题引用的[可见性已改进](https://github.blog/2020-02-06-get-more-information-at-a-glance-with-issue-and-pull-request-linking/)。{% comment %} https://github.com/github/releases/issues/704 {% endcomment %}' + - '用户可以通过 `linked:pr` 或 `linked:issue` 过滤和搜索。{% comment %} https://github.com/github/releases/issues/744 {% endcomment %}' + - 'MySQL 现在可在单个区域内自动故障转移以进行群集部署。{% comment %} https://github.com/github/ghes-infrastructure/issues/136 {% endcomment %}' + - '用户可以比较两个版本之间的标签来确定发行版页面上发生了哪些更改。{% comment %} https://github.com/github/github/issues/107054 {% endcomment %}' + - '默认情况下,过时的评论不再在拉取请求时间线上折叠。它们可以通过解析线程来折叠。{% comment %} https://github.com/github/enterprise-web/pull/6389#issuecomment-634201583 {% endcomment %}' + - '管理员可以通过导航到“保留登录”stafftools 选项卡来查看保留供内部使用的登录列表。{% comment %} https://github.com/github/enterprise-web/pull/6389#issuecomment-637846206 {% endcomment %}' + known_issues: + - '在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。{% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}' + - '在升级期间不会维护自定义防火墙规则。{% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}' + - '[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。{% comment %} https://github.com/github/github/issues/54684 {% endcomment %}' + - '如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则问题无法关闭。{% comment %} https://github.com/github/github/issues/107731 {% endcomment %}' + - '推送到 Gist 时,可能会在后接收挂钩期间触发异常。{% comment %} https://github.com/github/github/issues/129091 {% endcomment %}' + - '在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。{% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}' + - '推送到命令行上的存储库时,不会报告安全警报。(更新时间:2020-06-23){% comment %} https://github.com/github/github/issues/143190 {% endcomment %}' + - '审核日志可归因于 127.0.0.1,而不是实际源 IP 地址。(更新时间:2020-11-02){% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}' + - "将存储库的权限配置为“会审”或“维护”失败,并显示错误消息。" + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-21/17.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-21/17.yml new file mode 100644 index 0000000000..9c2b33be60 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-21/17.yml @@ -0,0 +1,27 @@ +date: '2021-03-23' +intro: Downloads have been disabled due to a major bug affecting multiple customers. A fix will be available in the next patch. +sections: + security_fixes: + - '**HIGH:** A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to override environment variables leading to code execution on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.3 and was fixed in 3.0.3, 2.22.9, and 2.21.17. This vulnerability was reported via the GitHub Bug Bounty program and has been assigned CVE-2021-22864.' + - Packages have been updated to the latest security versions. + bugs: + - The `ghe-cluster-config-init` run was not fully accounting for the exit code of background jobs leading to improper handling of preflight checks. + changes: + - Logs will rotate based on size in addition to time. + - Use a relative number for consul and nomad `bootstrap_expect` allowing for a cluster to bootstrap even if a handful of nodes are down. + known_issues: + - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. + - Custom firewall rules are not maintained during an upgrade. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - Security alerts are not reported when pushing to a repository on the command line. + - | + Log rotation may fail to signal services to transition to new log files, leading to older log files continuing to be used, and eventual root disk space exhaustion. + To remedy and/or prevent this issue, run the following commands in the [administrative shell](https://docs.github.com/en/enterprise-server/admin/configuration/accessing-the-administrative-shell-ssh) (SSH), or contact [GitHub Enterprise Support](https://support.github.com/contact) for assistance: + + ``` + printf "PATH=/usr/local/sbin:/usr/local/bin:/usr/local/share/enterprise:/usr/sbin:/usr/bin:/sbin:/bin\n29,59 * * * * root /usr/sbin/logrotate /etc/logrotate.conf\n" | sudo sponge /etc/cron.d/logrotate + sudo /usr/sbin/logrotate -f /etc/logrotate.conf + ``` + - When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users. diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-21/20.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-21/20.yml new file mode 100644 index 0000000000..35cf37ce02 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-21/20.yml @@ -0,0 +1,19 @@ +date: '2021-04-28' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - 在 MySQL 副本上运行的安装脚本可能导致数据库故障转移期间不必要的数据库重新播种。 + - '由于不必要地调用 `rake db:migrate`,`config-apply` 可能需要更长的时间。' + - Orchestrator 可能已故障转移到 MySQL 副本,当主数据库无法连接时,它无法在播种阶段从主数据库复制。 + - 出现错误的组织或项目阻止了迁移,无法排除。 + changes: + - 默认情况下,预检检查允许所有 AWS 实例类型。 + known_issues: + - 在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。 + - 在升级期间不会维护自定义防火墙规则。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - 推送到命令行上的存储库时不报告安全警报。 + - '当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-22/11.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-22/11.yml new file mode 100644 index 0000000000..5c160dca8c --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-22/11.yml @@ -0,0 +1,19 @@ +date: '2021-04-14' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - '警告消息 `jq: error (at :0): Cannot index number with string "settings"` 可能在副本升级期间出现。' + - 由于 MySQL 副本无法连接到主数据库,因此将备份连续还原到群集可能会失败。 + - 由于 Treelights 容器内存不足,语法高亮可能失败。 + - 访问 `/settings/email` 页面会存储状态,在退出登录并重新登录时可能导致错误的重定向。 + - 对于其通告在 `vulnerable_version_ranges` 中具有大写包名称的一些组件,未显示依赖项关系图警报。 + - 在问题评论中通过提及功能直接提及团队时,GitHub 集成应用程序无法通知团队。 + - 当 ghe-migrator 遇到导入错误时,它有时会中止整个进程,但日志中没有包含足够的上下文。 + known_issues: + - 在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。 + - 在升级期间不会维护自定义防火墙规则。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。" diff --git a/translations/zh-CN/data/release-notes/enterprise-server/2-22/15.yml b/translations/zh-CN/data/release-notes/enterprise-server/2-22/15.yml new file mode 100644 index 0000000000..a15bc73c4a --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/2-22/15.yml @@ -0,0 +1,16 @@ +date: '2021-06-10' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - "从非 GitHub 源导入组织或存储库失败可能会产生 `undefined method '[]' for nil:NilClass` 错误。" + - 使用 SAML 身份验证时,如果 GitHub 配置文件名称不匹配管理控制台中映射到 `Full name` 字段的属性值,GitHub 配置文件名称可能已无意中更改。 + changes: + - GraphQL API 用户可在 `PullRequest` 对象上查询公共字段 `closingIssuesReferences`。该字段检索将在合并相关拉取请求时自动关闭的问题。这种方法还将允许将来迁移这些数据,作为更高保真度迁移过程的一部分。 + known_issues: + - 在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。 + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。" diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-0/5.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-0/5.yml new file mode 100644 index 0000000000..e7537e5b79 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-0/5.yml @@ -0,0 +1,28 @@ +date: '2021-04-14' +intro: "对于 {% data variables.product.prodname_ghe_server %} 3.0+ 的最低基础设施要求已经增加。有关详细信息,请参阅“[关于 GitHub Enterprise Server 3.0 及更高版本的最低要求](/admin/enterprise-management/upgrading-github-enterprise-server#about-minimum-requirements-for-github-enterprise-server-30-and-later)”。" +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - 有些日志未包含在日志转发配置中。 + - '警告消息 `jq: error (at :0): Cannot index number with string "settings"` 可能在副本升级期间出现。' + - 由于 MySQL 副本无法连接到主数据库,因此将备份连续还原到群集可能会失败。 + - 使用自定义 CA 证书时页面未发布。 + - 与子域相关的包未显示在“测试域设置”提示中以进行子域隔离。 + - 通过 Webhook 发送的 `X-GitHub-Enterprise-Host` 标头包含一个随机字符串,而不是发送 HTTP POST 有效负载的 GitHub Enterprise Server 实例的主机名。 + - 如果先前启用了 GitHub Actions,但在升级之前被禁用,则从 2.22.x 升级到 3.0.x 将会失败。 + - 访问 `/settings/email` 页面会存储状态,在退出登录并重新登录时可能导致错误的重定向。 + - 在问题评论中通过提及功能直接提及团队时,GitHub 集成应用程序无法通知团队。 + - reStructuredText (RST) 渲染在 Web UI 中可能失败,反而显示原始 RST 标记文本。 + - 如果未完全启用依赖项关系图,则不会将密码扫描警报的电子邮件通知发送给授权用户。 + - 当 ghe-migrator 遇到导入错误时,它有时会中止整个进程,但日志中没有包含足够的上下文。 + - 具有非 ASCII 字符的 Jupyter 笔记本可能无法渲染。 + known_issues: + - 在新建的没有任何用户的 GitHub Enterprise Server 上,攻击者可以创建第一个管理员用户。 + - 在升级期间不会维护自定义防火墙规则。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - 在合并拉取请求后删除分支时,即使分支删除成功也会出现错误消息。 + - "当副本节点在高可用性配置下离线时,{% data variables.product.product_name %} 仍可能将 {% data variables.product.prodname_pages %} 请求路由到离线节点,从而减少用户的 {% data variables.product.prodname_pages %} 可用性。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml new file mode 100644 index 0000000000..3b24968dd8 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml @@ -0,0 +1,173 @@ +date: '2021-06-03' +intro: For minimum infrastructure requirements, see "[About minimum requirements for {% data variables.product.prodname_ghe_server %} 3.0 and later](/admin/enterprise-management/upgrading-github-enterprise-server#about-minimum-requirements-for-github-enterprise-server-30-and-later)." +sections: + features: + - heading: GitHub Advanced Security Secret Scanning + notes: + - | + [Secret Scanning](https://github.com/features/security) is now generally available on {% data variables.product.prodname_ghe_server %} 3.1+. Scan public and private repositories for committed credentials, find secrets, and notify the secret provider or admin the moment they are committed into a repository. + + This release includes several improvements from the beta of Secret Scanning on {% data variables.product.prodname_ghe_server %}: + + - Expanded our [pattern coverage](/enterprise-server@3.1/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-private-repositories) from 24 partners to 37 + - Added an [API](/rest/reference/secret-scanning) and [webhooks](/developers/webhooks-and-events/webhook-events-and-payloads#secret_scanning_alert) + - Added [notifications for commit authors](https://github.blog/changelog/2021-03-05-secret-scanning-notifications-for-commit-authors-on-private-repositories/) when they commit secrets + - Updated the index view to made it easy to triage secrets in bulk + - Reduced the false positive rate on many patterns + + Administrators using {% data variables.product.prodname_GH_advanced_security %} can [enable and configure](/enterprise-server@3.1/admin/configuration/configuring-secret-scanning-for-your-appliance) {% data variables.product.prodname_GH_advanced_security %} secret scanning. You can review the [updated minimum requirements for your platform](/enterprise-server@3.1/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on {% data variables.product.prodname_GH_advanced_security %} secret scanning. + + - heading: GitHub Advanced Security billing improvements + notes: + - | + This release includes several improvements to {% data variables.product.prodname_GH_advanced_security %} billing in {% data variables.product.prodname_ghe_server %}: + + - {% data variables.product.prodname_GH_advanced_security %} customers can now view their active committer count and the remaining number of unused committer seats on their organization or enterprise account’s Billing page. If Advanced Security is purchased for an enterprise, administrators can also view the active committer seats which are being used by other organizations within their enterprise. For more information, see "[About GitHub Advanced Security licensing](/enterprise-server@3.1/admin/advanced-security/about-licensing-for-github-advanced-security)" and "[Viewing your GitHub Advanced Security usage](/enterprise-server@3.1/admin/advanced-security/viewing-your-github-advanced-security-usage)." + - GitHub Advanced Security customers can now view their active committer count for any Advanced Security enabled repositories on their organization or enterprise account's Billing page. These changes help billing administrators track their usage against how many committer licenses they purchased. For more information see "[Managing security and analysis settings for your organization](/enterprise-server@3.1/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." + + - heading: Dependabot improvements + notes: + - | + This release includes improvements to Dependabot alerts in {% data variables.product.prodname_ghe_server %}: + + - Users with Dependabot alerts enabled can see which of their repositories are impacted by a given vulnerability by navigating to its entry in the [GitHub Advisory Database](https://github.com/advisories). This feature is available in public beta. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/enterprise-server@3.1/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository)." + - When a vulnerability is added to GitHub Advisory Database, you will no longer receive [email and web notifications](https://github.com/notifications) for Dependabot alerts on low and moderate severity vulnerabilities. These alerts are still accessible from the repository's Security tab. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/enterprise-server@3.1/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository)." + - You can now give people instructions on how to responsibly report security vulnerabilities in your project by adding a `SECURITY.md` file to your repository's `root`, `docs`, or `.github` folder. When someone creates an issue in your repository, they will see a link to your project's security policy. For more information, see "[Adding a security policy to your repository](/enterprise-server@3.1/code-security/getting-started/adding-a-security-policy-to-your-repository)." + + - heading: GitHub Actions Workflow Visualization beta + notes: + - | + {% data variables.product.prodname_actions %} can now generate a visual graph of your workflow on every run. With workflow visualization, you can: + - View and understand complex workflows + - Track progress of workflows in real-time + - Troubleshoot runs quickly by easily accessing logs and jobs metadata + - Monitor progress of deployment jobs and easily access deployment targets + + For more information, see "[Using the visualization graph](/actions/managing-workflow-runs/using-the-visualization-graph)." + + - heading: OAuth 2.0 Device Authorization Grant + notes: + - | + [OAuth 2.0 Device Authorization Grant](https://github.com/login/device) allows any CLI client or developer tool to authenticate using a secondary system with a browser. + + Administrators using [OAuth Apps](/developers/apps/authorizing-oauth-apps#device-flow) and [GitHub Apps](/developers/apps/authorizing-oauth-apps#device-flow) can enable and configure OAuth 2.0 Device Authorization Flow, in addition to the existing Web Application Flow. You can review the [updated minimum requirements for your platform](/enterprise-server@3.1/admin/installation/setting-up-a-github-enterprise-server-instance) before you enable OAuth 2.0 Device Authorization Flow. + + - heading: Pull request auto-merge + notes: + - | + With auto-merge, pull requests can be set to merge automatically when all merge requirements have been satisfied. This saves users from needing to constantly check the state of their pull requests just to merge them. Auto-merge can be enabled by a user with permission to merge and on pull requests that have unsatisfied merge requirements. For more information, see "[Automatically merging a pull request](/enterprise-server@3.1/github/collaborating-with-issues-and-pull-requests/automatically-merging-a-pull-request)." + + - heading: Custom notifications + notes: + - | + You can customize the types of notifications you want to receive from individual repositories. For more information, see "[Configuring notifications](/enterprise-server@3.1/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#configuring-your-watch-settings-for-an-individual-repository)." + + - heading: GitHub Mobile filtering + notes: + - | + [{% data variables.product.prodname_mobile %}](https://github.com/mobile) filtering allows you to search for and find issues, pull requests, and discussions from your device. New metadata for issues and pull request list items allow you to filter by assignees, checks status, review states, and comment counts. + + {% data variables.product.prodname_mobile %} beta is available for {% data variables.product.prodname_ghe_server %}. Sign in with our [Android](https://play.google.com/store/apps/details?id=com.github.android) and [iOS](https://apps.apple.com/app/github/id1477376905) apps to triage notifications and manage issues and pull requests on the go. Administrators can disable mobile support for their Enterprise using the management console or by running `ghe-config app.mobile.enabled false`. For more information, see "[GitHub Mobile](/get-started/using-github/github-mobile)." + + changes: + - heading: Administration Changes + notes: + - By precomputing checksums, the amount of time a repository is under the lock has reduced dramatically, allowing more write operations to succeed immediately and improving monorepo performance. + - The latest release of the CodeQL CLI supports uploading analysis results to GitHub. This makes it easier to run code analysis for customers who wish to use CI/CD systems other than {% data variables.product.prodname_actions %}. Previously, such users had to use the separate CodeQL runner, which will continue to be available. For more information, see "[About CodeQL code scanning in your CI system](/enterprise-server@3.1/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)." + - '{% data variables.product.prodname_actions %} now supports skipping `push` and `pull_request` workflows by looking for some common keywords in your commit message.' + - Check annotations older than four months will be archived. + - Scaling of worker allocation for background tasks has been revised. We recommend validating that the new defaults are appropriate for your workload. Custom background worker overrides should be unset in most cases. [Updated 2022-03-18] + + - heading: Security Changes + notes: + - Following feedback, display of Code Scanning results on a pull request without submitting with a pull request ID will remain supported. For more information, see "[Configuring code scanning](/enterprise-server@3.1/code-security/secure-coding/configuring-code-scanning#scanning-pull-requests)" and "[Configuring CodeQL code scanning in your CI system](/enterprise-server@3.1/code-security/secure-coding/configuring-codeql-code-scanning-in-your-ci-system#scanning-pull-requests). + - SARIF upload support increased to a maximum of 5000 results per upload. + + - heading: Developer Changes + notes: + - You can specify multiple callback URLs while configuring a GitHub App. This can be used in services with multiple domains or subdomains. GitHub will always deny authorization if the callback URL from the request is not in the authorization callback URL list. + - The GitHub App file permission has been updated to allow an app developer to specify up to 10 files for read-only or read-write access that their app can request access to. + - CodeQL now supports more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) for a variety of languages ([C++](https://github.com/github/codeql/tree/main/cpp), [JavaScript](https://github.com/github/codeql/tree/main/javascript), [Python](https://github.com/github/codeql/tree/main/python),[Java](https://github.com/github/codeql/tree/main/java), [Go](https://github.com/github/codeql-go/tree/main)). The CodeQL engine can now detect more sources of untrusted user data, which improves the quality and depth of the code scanning alerts. For more information, see "[About CodeQL](https://codeql.github.com/docs/codeql-overview/about-codeql/)." + - When configuring a GitHub App, the authorization callback URL is a required field. Now, we allow the developer to specify multiple callback URLs. This can be used in services with multiple domains or subdomains. GitHub will always deny authorization if the callback URL from the request is not in the authorization callback URL list. + - Delete an entire directory of files, including subdirectories, from your web browser. For more information, see "[Deleting a file or directory](/enterprise-server@3.1/github/managing-files-in-a-repository/deleting-files-in-a-repository#deleting-a-directory)." + - 'Include multiple words after the `#` in an issue, discussion, or pull request comment to further narrow your search.' + - 'When you’re writing an issue, pull request, or discussion comment the list syntax for bullets, numbers, and tasks autocompletes after you press `return` or `enter`.' + + - heading: API Changes + notes: + - The code scanning API allows users to upload data about static analysis security testing results, or export data about alerts. For more information, see the [code scanning API reference](/rest/reference/code-scanning). + - The [GitHub Apps API](/rest/reference/apps) for managing installations has now graduated from an API preview to a generally available API. The [preview header](/rest/overview/api-previews) is no longer required to access these endpoints. + + security_fixes: + - '**MEDIUM** Under certain circumstances, users who were removed from a team or organization could retain write access to branches they had existing pull requests opened for.' + - Packages have been updated to the latest security versions. + + bugs: + - heading: Fixes for known issues from Release Candidate + notes: + - All known issues from Release Candidate 1 have been fixed, except those listed in the Known Issues section below. + - heading: Fixes for other issues + notes: + - On the "Configure Actions and Packages" page of the initial installation process, clicking on the "Test domain settings" button did not complete the test. + - 'Running `ghe-btop` failed with an error and cannot find a `babeld` container.' + - MySQL could reload and cause downtime if you change auto failover settings. + - After upgrading, a mismatch of internal and external timeout values created service unavailability. + - Expected replication delays in MSSQL generated warnings. + - 'Link to "[Configuring clustering](/admin/enterprise-management/configuring-clustering)" on the Management Console was incorrect.' + - When creating or editing a pre-receive hook, a race condition in the user interface meant that after selecting a repository, files within the repository were sometimes not populated in files dropdown. + - When an IP address is added to a whitelist using "Create Whitelist Entry" button, it could still be shown as locked out. + - References to the "Dependency graph" and "Dependabot alerts" features were not shown as disabled on some repositories. + - Setting an announcement in the enterprise account settings could result in a 500 Internal Server Error. + - HTTP POST requests to the `/hooks` endpoint could fail with a 401 response due to an incorrectly configured `hookID`. + - The `build-server` process failed to clean up processes, leaving them in the `defunct` state. + - '`spokesd` created excessive log entries, including the phrase "fixing placement skipped".' + - While upgrading Actions the upgrade could fail if the instance could not make self-requests via its configured hostname. + - Upgrading from 2.22.x to 3.1.0.rc1 could result in a database migration error relating to the `BackfillIntegrationApplicationCallbackUrlsTransition` data transition. + + known_issues: + - Access to a repository through the administrative shell using `ghe-repo /` will hang. As a workaround, use `ghe-repo / -c "bash -i"` until a fix is available in the next version. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user. + - Custom firewall rules are not maintained during an upgrade. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - Upgrading an instance that has previously ran a 2.13 release, but not a 2.14 release, results in a database migration error relating to the `AddRepositoryIdToCheckRuns` data transition. + - | + After upgrading from 3.0.x to 3.1.x, in some cases GitHub Actions can fail with an error: `An unexpected error occurred when executing this workflow.` To workaround this problem, connect to the administrative shell (ssh) and run: + ``` + ghe-actions-console -s actions -c "Queue-ServiceJob -JobId 4DB1F4CF-19FD-40E0-A253-91288813DE8B" + ``` + - When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + + deprecations: + - heading: Deprecation of GitHub Enterprise Server 2.20 + notes: + - '**{% data variables.product.prodname_ghe_server %} 2.20 was discontinued on March 2, 2021**. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.1/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 2.21 + notes: + - '**{% data variables.product.prodname_ghe_server %} 2.21 will be discontinued on June 9, 2021**. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.1/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of Legacy GitHub App Webhook Events + notes: + - 'Starting with {% data variables.product.prodname_ghe_server %} 2.21.0 two legacy GitHub Apps-related webhook events have been deprecated and will be removed in {% data variables.product.prodname_ghe_server %} 3.2.0. The deprecated events `integration_installation` and `integration_installation_repositories` have equivalent events which will be supported. More information is available in the [deprecation announcement blog post](https://developer.github.com/changes/2020-04-15-replacing-the-installation-and-installation-repositories-events/).' + - heading: Deprecation of Legacy GitHub Apps Endpoint + notes: + - Starting with {% data variables.product.prodname_ghe_server %} 2.21.0 the legacy GitHub Apps endpoint for creating installation access tokens was deprecated and will be removed in {% data variables.product.prodname_ghe_server %} 3.2.0. More information is available in the [deprecation announcement blog post](https://developer.github.com/changes/2020-04-15-replacing-create-installation-access-token-endpoint/). + - heading: Deprecation of OAuth Application API + notes: + - 'GitHub no longer supports the OAuth application endpoints that contain `access_token` as a path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. While deprecated, the endpoints are still accessible in this version. We intend to remove these endpoints on {% data variables.product.prodname_ghe_server %} 3.4. For more information, see the [deprecation announcement blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).' + - heading: Deprecation of GitHub Actions short SHA support + notes: + - '{% data variables.product.prodname_actions %} will remove support for referencing actions using the shortened version of a git commit SHA. This may cause some workflows in your repository to break. To fix these workflows, you will need to update the action reference to use the full commit SHA. For more information, see "[Security hardening for {% data variables.product.prodname_actions %}](/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions)."' + - heading: Deprecation of XenServer Hypervisor support + notes: + - Beginning in {% data variables.product.prodname_ghe_server %} 3.1, we will begin discontinuing support for Xen Hypervisor. The complete deprecation is scheduled for {% data variables.product.prodname_ghe_server %} 3.3, following the standard one year deprecation window. + - heading: Change to the format of authentication tokens affects GitHub Connect + notes: + # https://github.com/github/releases/issues/1235 + - | + GitHub Connect will no longer work after June 3rd for instances running GitHub Enterprise Server 3.1 or older, due to the format of GitHub authentication tokens changing. To continue using GitHub Connect, upgrade to GitHub Enterprise Server 3.2 or later. For more information, see the [GitHub Blog](https://github.blog/2022-05-20-action-needed-by-github-connect-customers-using-ghes-3-1-and-older-to-adopt-new-authentication-token-format-updates/). [Updated: 2022-06-14] + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.1 requires at least [GitHub Enterprise Backup Utilities 3.1.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/enterprise-server@3.1/admin/configuration/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-1/13.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-1/13.yml new file mode 100644 index 0000000000..b6b479d82a --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-1/13.yml @@ -0,0 +1,23 @@ +date: '2021-12-07' +sections: + security_fixes: + - 支持包可以包含敏感文件,前提是它们满足一组特定条件。 + - "在 GitHub Enterprise Server 中发现了一个 UI 虚假陈述漏洞,该漏洞允许在 GitHub 应用程序的用户授权 Web 流期间授予比在审批期间向用户显示的更多权限。此漏洞影响 GitHub Enterprise Server 3.3 之前的所有版本,已在 3.2.5、3.1.13 和 3.0.21 中修复。此漏洞通过 GitHub Bug 赏金计划报告,编号为 [CVE-2021-41598](https://www.cve.org/CVERecord?id=CVE-2021-41598)。" + - "在 GitHub Enterprise Server 中发现了一个在构建 GitHub Pages 站点时可以利用的远程代码执行漏洞。此漏洞影响 GitHub Enterprise Server 3.3 之前的所有版本,已在 3.0.21、3.1.13 和 3.2.5 中修复。此漏洞通过 GitHub Bug 赏金计划报告,编号为 [CVE-2021-41599](https://www.cve.org/CVERecord?id=CVE-2021-41599)。更新时间:2022 年 2 月 17 日" + bugs: + - 由于 `/data/user/tmp/pages` 中存在权限问题,运行 `ghe-config-apply` 有时可能会失败。 + - 管理控制台中的错误配置导致了调度错误。 + - Docker 会在日志轮换后保持日志文件打开。 + - GraphQL 请求未在预接收挂钩环境中设置 GITHUB_USER_IP 变量。 + changes: + - 阐明了文档中对 Actions 路径样式的解释。 + - 更新支持联系 URL 以使用当前支持站点 support.github.com。 + known_issues: + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "如果为 {% data variables.product.prodname_ghe_server %} 启用 {% data variables.product.prodname_actions %},将能使用 `ghe-repl-teardown` 成功拆解副本节点,但是可能会返回 `ERROR:Running migrations`。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-1/21.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-1/21.yml new file mode 100644 index 0000000000..da3e9b4d50 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-1/21.yml @@ -0,0 +1,25 @@ +date: '2022-05-17' +sections: + security_fixes: + - '**中:**发现了 nginx 解析器中的一个安全问题,可以从 DNS 服务器伪造 UDP 数据包的攻击者可能导致 1 字节内存覆盖,从而导致工作进程崩溃或其他潜在的破坏性影响。该漏洞的编号为 [CVE-2021-23017](https://nvd.nist.gov/vuln/detail/CVE-2021-23017)。' + - "更新了 `actions/checkout@v2` 和 `actions/checkout@v3` 操作以解决 [Git 安全措施实施博客文章](https://github.blog/2022-04-12-git-security-vulnerability-announced/)中公布的新漏洞。" + - 包已更新到最新的安全版本。 + bugs: + - 在某些群集拓扑中,`ghe-cluster-status` 命令会在 `/tmp` 中留下空目录。 + - SNMP 错误地将大量 `Cannot statfs` 错误消息记录到 syslog。 + - 对于配置了 SAML 身份验证和启用内置回退的实例,内置用户在尝试从退出登录后生成的页面登录时会陷入“登录”循环。 + - 使用 SAML 加密断言时,某些断言未正确将 SSH 密钥标记为已验证。 + - '当存储库具有包含非 ASCII 字符的标记时,发布页面将返回 500 错误。[更新时间:2022-06-10]' + changes: + - 在高可用性配置中,阐明管理控制台中的复制概述页面仅显示当前复制配置,而不是当前复制状态。 + - "启用 {% data variables.product.prodname_registry %} 时,阐明不支持使用共享访问签名 (SAS) 令牌作为连接字符串。" + - 支持包现在包括存储在 MySQL 中的表的行数。 + known_issues: + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "如果为 {% data variables.product.prodname_ghe_server %} 启用 {% data variables.product.prodname_actions %},将能使用 `ghe-repl-teardown` 成功拆解副本节点,但是可能会返回 `ERROR:Running migrations`。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-1/22.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-1/22.yml new file mode 100644 index 0000000000..aa5edba89b --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-1/22.yml @@ -0,0 +1,20 @@ +date: '2022-06-09' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - "如果主机名字符串以“.”开头(句点字符),则 {% data variables.product.prodname_ghe_server %} 配置文件中用于验证主机名的内部脚本将返回错误。" + - 在主节点的主机名超过 60 个字符的 HA 配置中,MySQL 将无法配置。 + - 站点管理员仪表板中报告的“跨整个实例的最大提交者”的计算不正确。 + - "使用 {% data variables.product.prodname_enterprise_backup_utilities %} 执行还原时,存储库复制的数据库输入不正确导致数据库损坏。" + changes: + - 在 Elasticsearch 报告有效的标黄状态的 HA 配置中,之前修复中引入的更改将阻止 `ghe-repl-stop` 命令,并且不允许停止复制。当服务处于正常或有效标黄状态时,使用 `ghe-repo-stop --force` 将强制 Elasticsearch 停止运行。 + known_issues: + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 Blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "如果为 {% data variables.product.prodname_ghe_server %} 启用 {% data variables.product.prodname_actions %},将能使用 `ghe-repl-teardown` 成功拆解副本节点,但是可能会返回 `ERROR:Running migrations`。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-1/5.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-1/5.yml new file mode 100644 index 0000000000..db2fc553e8 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-1/5.yml @@ -0,0 +1,20 @@ +date: '2021-08-10' +sections: + bugs: + - '使用 bash 子 shell 的自定义预接收挂钩将返回错误:`No such file or directory`。' + - 如果在不运行定期计划备份的情况下启用 GitHub Actions,则 MSSQL 事务日志可能会无限增长,并且会占用设备数据磁盘上的所有可用空间,从而可能导致中断。 + - 不必要的数据库日志记录在使用大量 LFS 的实例上消耗了大量磁盘空间。 + - 对“存储库创建”组织设置所做更改的审核日志条目不准确。 + - "过多记录 `ActionController::UnknownFormat` 异常会导致不必要的磁盘使用。" + - "LDAP `group_dn` 值超过 255 个字符将导致记录错误:`Data truncated for column 'group_dn' at row 1`。" + changes: + - 滥用速率限制现在称为辅助速率限制,因为它们限制的行为并不总是滥用。 + known_issues: + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "如果为 {% data variables.product.prodname_ghe_server %} 启用 {% data variables.product.prodname_actions %},将能使用 `ghe-repl-teardown` 成功拆解副本节点,但是可能会返回 `ERROR:Running migrations`。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/0.yml new file mode 100644 index 0000000000..ba34f7a61d --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/0.yml @@ -0,0 +1,317 @@ +date: '2021-09-28' +intro: For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." +sections: + features: + - heading: Custom patterns for secret scanning + notes: + # https://github.com/github/releases/issues/1426 + - | + {% data variables.product.prodname_GH_advanced_security %} customers can now specify custom patterns for secret scanning. When a new pattern is specified, secret scanning searches a repository's entire Git history for the pattern, as well as any new commits. + + User defined patterns are in beta for {% data variables.product.prodname_ghe_server %} 3.2. They can be defined at the repository, organization, and enterprise levels. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." + + - heading: Security overview for Advanced Security (beta) + notes: + # https://github.com/github/releases/issues/1381 + - | + {% data variables.product.prodname_GH_advanced_security %} customers now have an organization-level view of the application security risks detected by {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, and {% data variables.product.prodname_secret_scanning %}. The security overview shows the enablement status of security features on each repository, as well as the number of alerts detected. + + In addition, the security overview lists all {% data variables.product.prodname_secret_scanning %} alerts at the organization level. Similar views for {% data variables.product.prodname_dependabot %} and {% data variables.product.prodname_code_scanning %} alerts are coming in future releases. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." + + ![Screenshot of security overview](/assets/images/enterprise/3.2/release-notes/security-overview-UI.png) + + - heading: Dependency review (beta) + notes: + # https://github.com/github/releases/issues/1364 + - | + {% data variables.product.prodname_GH_advanced_security %} customers can now see a rich diff of the dependencies changed in a pull request. Dependency review provides an easy-to-understand view of dependency changes and their security impact in the "Files changed" tab of pull requests. It informs you of which dependencies were added, removed, or updated, along with vulnerability information for these dependencies. For more information, see "[Reviewing dependency changes in a pull request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." + + - heading: GitHub Actions environments + notes: + # https://github.com/github/releases/issues/1308 + - | + Environments, environment protection rules, and environment secrets are now generally available for {% data variables.product.prodname_actions %} on {% data variables.product.product_name %}. For more information, see "[Environments](/actions/reference/environments)." + + ![Environment protection rules](/assets/images/enterprise/3.2/release-notes/actions-environments.png) + + - heading: SSH authentication with security keys + notes: + # https://github.com/github/releases/issues/1276 + - | + SSH authentication using a FIDO2 security key is now supported when you add a `sk-ecdsa-sha2-nistp256@openssh.com` or `sk-ssh-ed25519@openssh.com` SSH key to your account. SSH security keys store secret key material on a separate hardware device that requires verification, such as a tap, to operate. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/github/authenticating-to-github/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)." + + - heading: 'Dark and dark dimmed themes' + notes: + # https://github.com/github/releases/issues/1260 + - | + Dark and dark dimmed themes are now available for the web UI. {% data variables.product.product_name %} will match your system preferences when you haven't set theme preferences in {% data variables.product.product_name %}. You can also choose which themes are active during the day and night. For more information, see "[Managing your theme settings](/github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-theme-settings)." + + ![Dark and dark dimmed themes](https://user-images.githubusercontent.com/33528647/114629560-d2231f80-9c86-11eb-9bde-cc301a97040d.gif) + + - heading: 'Approving unverified domains for email notifications' + notes: + # https://github.com/github/releases/issues/1244 + - Domains that are not able to be verified can now be approved for email notification routing. Enterprise and organization owners will be able to approve domains and immediately augment their email notification restriction policy, allowing notifications to be sent to collaborators, consultants, acquisitions, or other partners. For more information, see "[Verifying or approving a domain for your enterprise](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#about-approval-of-domains)" and "[Restricting email notifications for your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise#restricting-email-notifications-for-your-enterprise-account)." + + - heading: 'Git Credential Manager (GCM) secure credential storage and multi-factor authentication support' + notes: + # https://github.com/github/releases/issues/1406 + - | + Git Credential Manager (GCM) versions 2.0.452 and later now provide security-hardened credential storage and multi-factor authentication support for {% data variables.product.product_name %}. + + GCM with support for {% data variables.product.product_name %} is included with [Git for Windows](https://gitforwindows.org) versions 2.32 and later. GCM is not included with Git for macOS or Linux, but can be installed separately. For more information, see the [latest release](https://github.com/GitCredentialManager/git-credential-manager/releases/) and [installation instructions](https://github.com/GitCredentialManager/git-credential-manager/releases/) in the `GitCredentialManager/git-credential-manager` repository. + + changes: + - heading: Administration Changes + notes: + # https://github.com/github/releases/issues/1309 + - A 'User Agent Referrer Policy' setting has been added to the enterprise settings. This allows an admin to set a stricter `Referrer-Policy` to hide the hostname of a {% data variables.product.prodname_ghe_server %} installation from external sites. The setting is disabled by default and is tracked by audit log events for staff and enterprise owners when enabled or disabled. For more information, see "[Configuring Referrer Policy for your enterprise](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)." + + # https://github.com/github/releases/issues/1515 + - The MySQL health check was changed to use `mysqladmin ping` instead of TCP checks, which removes some unnecessary noise in the MySQL error log. Also, Orchestrator failover checks were improved to prevent unnecessary MySQL failovers when applying cluster config changes. + + # https://github.com/github/releases/issues/1287 + - The Resque service, which supports background job processing, has been replaced with Aqueduct Lite. This change makes the job system easier to manage and should not affect the user experience. For the new administration and debugging commands for Aqueduct, see "[Command-line utilities](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-aqueduct)." + + - heading: Token Changes + notes: + # https://github.com/github/releases/issues/1235 + - | + The format of authentication tokens for {% data variables.product.product_name %} has changed. The change affects the format of personal access tokens and access tokens for {% data variables.product.prodname_oauth_apps %}, as well as user-to-server, server-to-server, and refresh tokens for {% data variables.product.prodname_github_apps %}. + + The different token types now have unique identifiable prefixes, which allows for secret scanning to detect the tokens so that you can mitigate the impact of someone accidentally committing a token to a repository. {% data variables.product.company_short %} recommends updating existing tokens as soon as possible. For more information, see "[About authentication to {% data variables.product.prodname_dotcom %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats)" and "[About {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)." + + - heading: 'Repositories changes' + notes: + # https://github.com/github/releases/issues/1295 + - Repositories on user profiles and organization profiles now support sorting by star count. + + # https://github.com/github/releases/issues/1327 + - When viewing the commit history of a single file, you can now click {% octicon "file-code" aria-label="The code icon" %} to view that file at the selected point in history. + + # https://github.com/github/releases/issues/1254 + - When a submodule is defined with a relative path in {% data variables.product.product_location %}, the submodule is now clickable in the web UI. Clicking the submodule in the web UI will take you to the linked repository. Previously, only submodules with absolute URLs were clickable. This is supported for relative paths for repositories with the same owner that follow the pattern ../REPOSITORY or relative paths for repositories with a different owner that follow the pattern ../OWNER/REPOSITORY. For more information about working with submodules, see [Working with submodules](https://github.blog/2016-02-01-working-with-submodules/) on {% data variables.product.prodname_blog %}. + + # https://github.com/github/releases/issues/1250 + - The web UI can now be used to synchronize an out-of-date branch of a fork with the fork's upstream branch. If there are no merge conflicts between the branches, the branch is updated either by fast-forwarding or by merging from upstream. If there are conflicts, you will be prompted to create a pull request to resolve the conflicts. For more information, see "[Syncing a fork](/github/collaborating-with-pull-requests/working-with-forks/syncing-a-fork#syncing-a-fork-from-the-web-ui)." + + - heading: 'Markdown changes' + notes: + # https://github.com/github/releases/issues/1477 + - The markdown editor used when creating or editing a release in a repository now has a text-editing toolbar. For more information, see "[Managing releases in a repository](/github/administering-a-repository/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release)." + + # https://github.com/github/releases/issues/1169 + - Uploading video files is now supported everywhere you write Markdown on {% data variables.product.product_name %}. Share demos, reproduction steps, and more in your issue and pull request comments, as well as in Markdown files within repositories, such as READMEs. For more information, see "[Attaching files](/github/writing-on-github/working-with-advanced-formatting/attaching-files)." + + # https://github.com/github/releases/issues/1269 + - Markdown files will now automatically generate a table of contents in the header when there are 2 or more headings. The table of contents is interactive and links to the selected section. All 6 Markdown heading levels are supported. + + # https://github.com/github/releases/issues/1294 + - 'There is a new keyboard shortcut, `cmd+e` on macOS or `ctrl+e` on Windows, to insert codeblocks in Markdown files, issues, pull requests, and comments.' + + # https://github.com/github/releases/issues/1474 + - Appending `?plain=1` to the URL for any Markdown file will now display the file without rendering and with line numbers. The plain view can be used to link other users to specific lines. For example, appending `?plain=1#L52` will highlight line 52 of a plain text Markdown file. For more information, "[Creating a permanent link to a code snippet](/github/writing-on-github/working-with-advanced-formatting/creating-a-permanent-link-to-a-code-snippet#linking-to-markdown)." + + - heading: 'Issues and pull requests changes' + notes: + # https://github.com/github/releases/issues/1413 + - With the [latest version of Octicons](https://github.com/primer/octicons/releases), the states of issues and pull requests are now more visually distinct so you can scan their status more easily. For more information, see [{% data variables.product.prodname_blog %}](https://github.blog/changelog/2021-06-08-new-issue-and-pull-request-state-icons/). + + # https://github.com/github/releases/issues/1419 + - A new "Require conversation resolution before merging" branch protection rule and "Conversations" menu is now available. Easily discover your pull request comments from the "Files changed" tab, and require that all your pull request conversations are resolved before merging. For more information, see "[About pull request reviews](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews#discovering-and-navigating-conversations)" and "[About protected branches](/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-conversation-resolution-before-merging)." + + # https://github.com/github/releases/issues/1279 + - To prevent the merge of unexpected changes after auto-merge is enabled for a pull request, auto-merge is now disabled automatically when new changes are pushed by a user without write access to the repository. Users without write access can still update the pull request with changes from the base branch when auto-merge is enabled. To prevent a malicious user from using a merge conflict to introduce unexpected changes to the pull request, auto-merge for the pull request is disabled if the update causes a merge conflict. For more information about auto-merge, see "[Automatically merging a pull request](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)." + + # https://github.com/github/releases/issues/1550 + - People with maintain permissions can now manage the repository-level "Allow auto-merge" setting. This setting, which is off by default, controls whether auto-merge is available on pull requests in the repository. Previously, only people with admin permissions could manage this setting. Additionally, this setting can now by controlled using the "[Create a repository](/rest/reference/repos#create-an-organization-repository)" and "[Update a repository](/rest/reference/repos#update-a-repository)" REST APIs. For more information, see "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository)." + + # https://github.com/github/releases/issues/1201 + - The assignees selection for issues and pull requests now supports type ahead searching so you can find users in your organization faster. Additionally, search result rankings have been updated to prefer matches at the start of a person's username or profile name. + + # https://github.com/github/releases/issues/1430 + - When a review is requested from a team of more than 100 people, developers are now shown a confirmation dialog box in order to prevent unnecessary notifications for large teams. + + # https://github.com/github/releases/issues/1293 + - Back-tick `code blocks` are now supported in issue titles, pull request titles, and in any place issue and pull request titles are referenced in {% data variables.product.prodname_ghe_server %}. + + # https://github.com/github/releases/issues/1300 + - Events for pull requests and pull request reviews are now included in the audit log for both [enterprises](/admin/user-management/managing-users-in-your-enterprise/auditing-users-across-your-enterprise) and [organizations](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization). These events help admins better monitor pull request activity and help ensure security and compliance requirements are being met. Events can be viewed from the web UI, exported as CSV or JSON, or accessed via REST API. You can also search the audit log for specific pull request events. For more information, see "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#pull_request-category-actions)." + + - heading: 'Branches changes' + notes: + # https://github.com/github/releases/issues/885 + - | + The default branch name for new repositories is now `main`. Existing repositories are not impacted by this change. If users, organization owners, or enterprise owners have previously specified a default branch for new repositories, they are also not impacted. + + If you want to set a different default branch name, you can do so in the [user](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-the-default-branch-name-for-your-repositories), [organization](/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization), or [enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-on-the-default-branch-name) settings. + + # https://github.com/github/releases/issues/981 + - | + Branches, including the default branch, can now be renamed using the the {% data variables.product.product_name %} web UI. When a branch is renamed, any open pull requests and draft releases targeting the renamed branch will be retargeted automatically, and branch protection rules that explicitly reference the renamed branch will be updated. + + Admin permissions are required to rename the default branch, but write permissions are sufficient to rename other branches. + + To help make the change as seamless as possible for users: + + * A notice is shown to contributors, maintainers, and admins on the repository homepage with instructions for updating their local repository. + * Web requests to the old branch will be redirected. + * A "moved permanently" HTTP response will be returned to REST API calls. + * An informational message is displayed to Git command line users that push to the old branch. + + For more information, see "[Renaming a branch](/github/administering-a-repository/managing-branches-in-your-repository/renaming-a-branch)." + + - heading: 'GitHub Actions changes' + notes: + # https://github.com/github/releases/issues/1227 + - '{% data variables.product.prodname_actions %} now lets you control the permissions granted to the `GITHUB_TOKEN` secret. The `GITHUB_TOKEN` is an automatically-generated secret that lets you make authenticated calls to the API for {% data variables.product.product_name %} in your workflow runs. {% data variables.product.prodname_actions %} generates a new token for each job and expires the token when a job completes. The token usually has `write` permissions to a number of [API endpoints](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token), except in the case of pull requests from forks, which are always `read`. These new settings allow you to follow a principle of least privilege in your workflows. For more information, see "[Authentication in a workflow](/actions/reference/authentication-in-a-workflow#modifying-the-permissions-for-the-github_token)."' + + # https://github.com/github/releases/issues/1280 + - '{% data variables.product.prodname_cli %} 1.9 and later allows you to work with {% data variables.product.prodname_actions %} in your terminal. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-04-15-github-cli-1-9-enables-you-to-work-with-github-actions-from-your-terminal/).' + + # https://github.com/github/releases/issues/1157 + - The audit log now includes events associated with {% data variables.product.prodname_actions %} workflow runs. This data provides administrators with a greatly expanded data set for security and compliance audits. For more information, see "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#workflows-category-actions)." + + # https://github.com/github/releases/issues/1587 + - | + {% data variables.product.prodname_ghe_server %} 3.2 contains performance improvements for job concurrency with {% data variables.product.prodname_actions %}. For more information about the new performance targets for a range of CPU and memory configurations, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)." + * The "Maximum Concurrency" values were modified to reflect our most up to date performance testing. [Updated: 2021-12-07] + + - The [{% data variables.product.prodname_actions %} Runner](https://github.com/actions/runner) application in {% data variables.product.prodname_ghe_server %} 3.2 has been updated to [v2.279.0](https://github.com/actions/runner/releases/tag/v2.279.0). + + - heading: 'GitHub Packages changes' + notes: + # https://github.com/github/releases/issues/1088 + - Any package or package version for {% data variables.product.prodname_registry %} can now be deleted from {% data variables.product.product_name %}'s web UI. You can also undo the deletion of any package or package version within 30 days. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)". + + - heading: 'Dependabot and Dependency graph changes' + notes: + # https://github.com/github/releases/issues/1537 + - The dependency graph can now be enabled using the Management Console, rather than needing to run a command in the administrative shell. For more information, see "[Enabling alerts for vulnerable dependencies {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server#enabling-the-dependency-graph-and-dependabot-alerts-for-vulnerable-dependencies-on-github-enterprise-server)." + + # https://github.com/github/releases/issues/1153 + - Notifications for multiple {% data variables.product.prodname_dependabot_alerts %} are now grouped together if they're discovered at the same time. This significantly reduces the volume of {% data variables.product.prodname_dependabot %} alert notifications that users receive. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-03-18-grouped-dependabot-alert-notifications/). + + # https://github.com/github/releases/issues/1371 + - Dependency graph and {% data variables.product.prodname_dependabot_alerts %} now support Go modules. {% data variables.product.prodname_ghe_server %} analyzes a repository's `go.mod` files to understand the repository’s dependencies. Along with security advisories, the dependency graph provides the information needed to alert developers to vulnerable dependencies. For more information about enabling the dependency graph on private repositories, see "[Securing your repository](/code-security/getting-started/securing-your-repository#managing-the-dependency-graph)." + + # https://github.com/github/releases/issues/1538 + - The default notification settings for security alerts have changed. Previously, if you had permission to view security alerts in a repository, you would receive notifications for that repository as long as your settings allowed for security alert notifications. Now, you must opt in to security alert notifications by watching the repository. You will be notified if you select `All Activity` or configure `Custom` to include `Security alerts`. All existing repositories will be automatically migrated to these new settings and you will continue to receive notifications; however, any new repositories will require opting-in by watching the repository. For more information see "[Configuring notifications for {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts)" and "[Managing alerts from secret scanning](/code-security/secret-security/managing-alerts-from-secret-scanning)." + + - heading: 'Code scanning and secret scanning changes' + notes: + # https://github.com/github/releases/issues/1352 + - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql %} now generates diagnostic information for all supported languages. This helps check the state of the created database to understand the status and quality of performed analysis. The diagnostic information is available starting in [version 2.5.6](https://github.com/github/codeql-cli-binaries/releases) of the [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). You can see the detailed diagnostic information in the {% data variables.product.prodname_actions %} logs for {% data variables.product.prodname_codeql %}. For more information, see "[Viewing code scanning logs](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs)."' + + # https://github.com/github/releases/issues/1360 + - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql_cli %} now supports analyzing several languages during a single build. This makes it easier to run code analysis to use CI/CD systems other than {% data variables.product.prodname_actions %}. The new mode of the `codeql database create` command is available starting [version 2.5.6](https://github.com/github/codeql-cli-binaries/releases) of the [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). For more information about setting this up, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-cli-in-your-ci-system)."' + + # https://github.com/github/releases/issues/1160 + - '{% data variables.product.prodname_code_scanning_capc %} alerts from all enabled tools are now shown in one consolidated list, so that you can easily prioritize across all alerts. You can view alerts from a specific tool by using the "Tool" filter, and the "Rule" and "Tag" filters will dynamically update based on your "Tool" selection.' + + # https://github.com/github/releases/issues/1454 + - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql %} now includes beta support for analyzing C++20 code. This is only available when building codebases with GCC on Linux. C++20 modules are not supported yet.' + + # https://github.com/github/releases/issues/1375 + - The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) and increasing the coverage of our existing library and framework models for several languages ([C++](https://github.com/github/codeql/tree/main/cpp), [JavaScript](https://github.com/github/codeql/tree/main/javascript), [Python](https://github.com/github/codeql/tree/main/python), and [Java](https://github.com/github/codeql/tree/main/java)). As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, review the steps through which that data flows, and identify potentially dangerous sinks in which this data could end up. This results in an overall improvement of the quality of the {% data variables.product.prodname_code_scanning %} alerts. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-07-01-codeql-code-scanning-now-recognizes-more-sources-and-uses-of-untrusted-user-data/). + + # https://github.com/github/releases/issues/1335 + # https://github.com/github/releases/issues/1314 + - | + {% data variables.product.prodname_code_scanning_capc %} now shows `security-severity` levels for CodeQL security alerts. You can configure which `security-severity` levels will cause a check failure for a pull request. The severity level of security alerts can be `critical`, `high`, `medium`, or `low`. By default, any {% data variables.product.prodname_code_scanning %} alerts with a `security-severity` of `critical` or `high` will cause a pull request check failure. + + Additionally, you can now also configure which severity levels will cause a pull request check to fail for non-security alerts. You can configure this behavior at the repository level, and define whether alerts with the severity `error`, `warning`, or `note` will cause a pull request check to fail. By default, non-security {% data variables.product.prodname_code_scanning %} alerts with a severity of `error` will cause a pull request check failure. + + For more information see "[Defining which alert severity levels cause pull request check failure](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)." + + ![List of code scanning alerts with security levels](/assets/images/enterprise/3.2/release-notes/code-scanning-alerts.png) + + # https://github.com/github/releases/issues/1324 + - | + Improvements to the branch filter for {% data variables.product.prodname_code_scanning %} alerts make it clearer which {% data variables.product.prodname_code_scanning %} alerts are being displayed on the alerts page. By default, {% data variables.product.prodname_code_scanning %} alerts are filtered to show alerts for the default branch of the repository only. You can use the branch filter to display the alerts on any of the non-default branches. Any branch filter that has been applied is shown in the search bar. + + The search syntax has also been simplified to `branch:`. This syntax can be used multiple times in the search bar to filter on multiple branches. The previous syntax, `ref:refs/heads/`, is still supported, so any saved URLs will continue to work. + + # https://github.com/github/releases/issues/1313 + - | + Free text search is now available for code scanning alerts. You can search code scanning results to quickly find specific alerts without having to know exact search terms. The search is applied across the alert's name, description, and help text. The syntax is: + + - A single word returns all matches. + - Multiple search words returns matches to either word. + - Words in double quotes returns exact matches. + - The keyword 'AND' returns matches to multiple words. + + - '{% data variables.product.prodname_secret_scanning_caps %} added patterns for 23 new service providers. For the updated list of supported secrets, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning)."' + + - heading: API Changes + notes: + # https://github.com/github/releases/issues/1253 + - Pagination support has been added to the Repositories REST API's "compare two commits" endpoint, which returns a list of commits reachable from one commit or branch, but unreachable from another. The API can also now return the results for comparisons over 250 commits. For more information, see the "[Commits](/rest/reference/commits#compare-two-commits)" REST API documentation and "[Traversing with pagination](/rest/guides/traversing-with-pagination)." + + # https://github.com/github/releases/issues/969 + - The REST API can now be used to programmatically resend or check the status of webhooks. For more information, see "[Repositories](/rest/reference/repos#webhooks)," "[Organizations](/rest/reference/orgs#webhooks)," and "[Apps](/rest/reference/apps#webhooks)" in the REST API documentation. + + # https://github.com/github/releases/issues/1349 + - | + Improvements have been made to the code scanning and {% data variables.product.prodname_GH_advanced_security %} APIs: + + - The code scanning API now returns the CodeQL query version used for an analysis. This can be used to reproduce results or confirm that an analysis used the latest query. For more information, see "[Code scanning](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository)" in the REST API documentation. + - Admin users can now use the REST API to enable or disable {% data variables.product.prodname_GH_advanced_security %} for repositories, using the `security_and_analysis` object on `repos/{org}/{repo}`. In addition, admin users can check whether {% data variables.product.prodname_advanced_security %} is currently enabled for a repository by using a `GET /repos/{owner}/{repo}` request. These changes help you manage {% data variables.product.prodname_advanced_security %} repository access at scale. For more information, see "[Repositories](/rest/reference/repos#update-a-repository)" in the REST API documentation. + + # No security/bug fixes for the RC release + # security_fixes: + # - PLACEHOLDER + + # bugs: + # - PLACEHOLDER + + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' + + deprecations: + - heading: Deprecation of GitHub Enterprise Server 2.21 + notes: + - '**{% data variables.product.prodname_ghe_server %} 2.21 was discontinued on June 6, 2021**. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 2.22 + notes: + - '**{% data variables.product.prodname_ghe_server %} 2.22 will be discontinued on September 23, 2021**. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of XenServer Hypervisor support + notes: + # https://github.com/github/docs-content/issues/4439 + - Beginning in {% data variables.product.prodname_ghe_server %} 3.1, we will begin discontinuing support for Xen Hypervisor. The complete deprecation is scheduled for {% data variables.product.prodname_ghe_server %} 3.3, following the standard one year deprecation window. Please contact [GitHub Support](https://support.github.com/contact) with questions or concerns. + - heading: Removal of Legacy GitHub Services + notes: + # https://github.com/github/releases/issues/1506 + - '{% data variables.product.prodname_ghe_server %} 3.2 removes unused GitHub Service database records. More information is available in the [deprecation announcement post](https://developer.github.com/changes/2018-04-25-github-services-deprecation/).' + - heading: Deprecation of OAuth Application API endpoints and API authentication via query parameters + notes: + # https://github.com/github/releases/issues/1316 + - | + To prevent accidental logging or exposure of `access_tokens`, we discourage the use of OAuth Application API endpoints and the use of API auth via query params. Visit the following posts to see the proposed replacements: + + * [Replacement OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#changes-to-make) + * [Replacement auth via headers instead of query param](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make) + + These endpoints and auth route are planned to be removed from {% data variables.product.prodname_ghe_server %} in {% data variables.product.prodname_ghe_server %} 3.4. + - heading: Removal of legacy GitHub App webhook events and endpoints + notes: + # https://github.com/github/releases/issues/965 + - | + Two legacy GitHub Apps-related webhook events have been removed: `integration_installation` and `integration_installation_repositories`. You should instead be listening to the `installation` and `installation_repositories` events. + - | + The following REST API endpoint has been removed: `POST /installations/{installation_id}/access_tokens`. You should instead be using the namespaced equivalent `POST /app/installations/{installation_id}/access_tokens`. + - heading: Change to the format of authentication tokens affects GitHub Connect + notes: + # https://github.com/github/releases/issues/1235 + - | + GitHub Connect will no longer work after June 3rd for instances running GitHub Enterprise Server 3.1 or older, due to the format of GitHub authentication tokens changing. To continue using GitHub Connect, upgrade to GitHub Enterprise Server 3.2 or later. For more information, see the [GitHub Blog](https://github.blog/2022-05-20-action-needed-by-github-connect-customers-using-ghes-3-1-and-older-to-adopt-new-authentication-token-format-updates/). [Updated: 2022-06-14] + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.2 requires at least [GitHub Enterprise Backup Utilities 3.2.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/enterprise-server@3.2/admin/configuration/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/1.yml new file mode 100644 index 0000000000..09c7e2745f --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/1.yml @@ -0,0 +1,28 @@ +date: '2021-10-12' +sections: + security_fixes: + - '包已更新到最新的安全版本。{% comment %} https://github.com/github/enterprise2/pull/27118, https://github.com/github/enterprise2/pull/27110 {% endcomment %}' + bugs: + - '由于过于严格的虚拟内存或 CPU 时间限制,自定义预接收挂钩可能会失败。{% comment %} https://github.com/github/enterprise2/pull/26973, https://github.com/github/enterprise2/pull/26955 {% endcomment %}' + - '在 GitHub Enterprise Server 群集配置中,依赖项关系图设置可能未正确应用。{% comment %} https://github.com/github/enterprise2/pull/26981, https://github.com/github/enterprise2/pull/26861 {% endcomment %}' + - '尝试使用 `ghe-cleanup-settings` 擦除所有现有配置设置无法重启管理控制台服务。{% comment %} https://github.com/github/enterprise2/pull/26988, https://github.com/github/enterprise2/pull/26901 {% endcomment %}' + - '利用“ghe-repl-teardown”清理复制期间,Memcached 未能重启。{% comment %} https://github.com/github/enterprise2/pull/26994, https://github.com/github/enterprise2/pull/26983 {% endcomment %}' + - '在高负载期间,当上游服务未通过内部运行状况检查时,用户将收到 HTTP 503 状态代码。{% comment %} https://github.com/github/enterprise2/pull/27083, https://github.com/github/enterprise2/pull/26999 {% endcomment %}' + - '禁止预接收挂钩环境通过 Alpine 上的 BusyBox 调用 cat 命令。{% comment %} https://github.com/github/enterprise2/pull/27116, https://github.com/github/enterprise2/pull/27094 {% endcomment %}' + - '从主群集数据中心故障转移到辅助群集数据中心成功,但随后故障转移回原始主群集数据中心时未能提升 Elasticsearch 索引。{% comment %} https://github.com/github/github/pull/193182, https://github.com/github/github/pull/192447 {% endcomment %}' + - '组织的“团队”页面上的“导入团队”按钮返回了 HTTP 404。{% comment %} https://github.com/github/github/pull/193303 {% endcomment %}' + - '使用 API 禁用机密扫描正确禁用了此属性,但错误地返回了 HTTP 422 和一个错误消息。{% comment %} https://github.com/github/github/pull/193455, https://github.com/github/github/pull/192907 {% endcomment %}' + - '在某些情况下,尝试查看“休眠用户”页面的 GitHub Enterprise 管理员会收到“502 网关错误”或“504 网关超时”响应。{% comment %} https://github.com/github/github/pull/194262, https://github.com/github/github/pull/193609 {% endcomment %}' + - '由于“SynchronizePullRequestJob”作业数量的增加,在某些高负载情况下,性能会受到负面影响。{% comment %} https://github.com/github/github/pull/195256, https://github.com/github/github/pull/194591 {% endcomment %}' + - '针对机密扫描创建的用户定义模式在被删除后也会继续被扫描。{% comment %} https://github.com/github/token-scanning-service/pull/1039, https://github.com/github/token-scanning-service/pull/822 {% endcomment %}' + changes: + - 'GitHub Apps 现在将存储库上的机密扫描功能设置为与 API 一致。{% comment %} https://github.com/github/github/pull/193456, https://github.com/github/github/pull/193125 {% endcomment %}' + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在我们解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能会导致某些预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/10.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/10.yml new file mode 100644 index 0000000000..654001252d --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/10.yml @@ -0,0 +1,16 @@ +date: '2022-03-01' +sections: + security_fixes: + - "高:在 GitHub 的 Markdown 分析程序中发现了可能会导致信息泄漏和 RCE 的整数溢出漏洞。该漏洞由 Google Project Zero 的成员 Felix Wilhelm 通过 GitHub Bug 悬赏计划报告,编号为 CVE-2022-24724。" + bugs: + - 如果高可用性副本的时钟与主要副本不同步,升级有时会失败。 + - "在 2020 年 9 月 1 日之后创建的 OAuth 应用程序无法使用[检查授权](https://docs.github.com/en/enterprise-server@3.2/rest/reference/apps#check-an-authorization) API 终结点。" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/11.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/11.yml new file mode 100644 index 0000000000..bafb1315de --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/11.yml @@ -0,0 +1,44 @@ +date: '2022-04-04' +sections: + security_fixes: + - '中:在 {% data variables.product.prodname_ghe_server %} 管理控制台中发现了一个允许绕过 CSRF 保护的路径遍历漏洞。此漏洞影响 3.5 之前的所有 {% data variables.product.prodname_ghe_server %} 版本,并在 3.1.19、3.2.11、3.3.6 和 3.4.1 中得到了修复。此漏洞通过 {% data variables.product.prodname_dotcom %} Bug 赏金计划报告,编号为 CVE-2022-23732。' + - '中:在 `yajil` 的 1.x 分支和 2.x 分支中发现了一个整数溢出漏洞,在处理大型 (~2GB) 输入时,该漏洞会导致随后出现堆内存损坏。此漏洞是内部报告的,编号为 CVE-2022-24795。' + - "如果启用了 {% data variables.product.prodname_actions %},支持包可能包含敏感文件。" + - 包已更新到最新的安全版本。 + bugs: + - "如果升级 {% data variables.product.prodname_ghe_server %} 后存在旧配置选项,Minio 进程的 CPU 使用率会很高。" + - 显示了用于在管理控制台的“隐私”设置中启用 `TLS 1.0` 和 `TLS 1.1` 的选项,尽管在早期版本中移除了这些协议版本。 + - "在 HA 环境中,首次启用 {% data variables.product.prodname_actions %} 后,可能需要执行额外的手动步骤才能配置 MSSQL 复制。" + - 经过热补丁,内部配置文件的子集更新会更可靠。 + - "`ghe-run-migrations` 脚本有时无法正确生成临时证书名称。" + - 在群集环境中,Git LFS 操作可能会因跨多个 Web 节点的内部 API 调用失败而失败。 + - 由于 `syscall` 权限不足,使用 `gpg --import` 的预接收挂钩超时。 + - 在某些群集拓扑中,Webhook 交付信息不可用。 + - "在 HA 配置中,如果先前已启用 {% data variables.product.prodname_actions %},副本拆解操作将失败。" + - 运行迁移时,Elasticsearch 运行状况检查不允许出现黄色群集状态。 + - 由于用户将其用户帐户转换为组织而创建的组织未添加到全局企业帐户中。 + - "使用 `ghe-migrator` 或从 {% data variables.product.prodname_dotcom_the_website %} 导出时,如果在导出过程中删除数据,则长时间运行的导出将失败。" + - "{% data variables.product.prodname_actions %} 部署图在呈现待处理作业时会显示错误。" + - 无法访问的页面链接已被移除。 + - 远离 Web UI 中两个提交的比较将使差异在其他页面中持续存在。 + - 将团队添加为拉取请求的审阅者时,有时会显示不正确的团队成员数量。 + - "[删除用户的团队成员身份](/rest/reference/teams#remove-team-membership-for-a-user) API 终结点在尝试删除由 SCIM 组在外部管理的成员时会响应错误。" + - "大量休眠用户可能会导致 {% data variables.product.prodname_github_connect %} 配置失败。" + - 站点管理员 Web UI 中的“功能和 Beta 版本注册”页面无法正确使用。 + - 单击站点页脚中的“站点管理员模式”链接时,其状态未发生更改。 + - '`spokesctl cache-policy rm` 命名不再失败且显示消息 `error: failed to delete cache policy`。' + changes: + - 增加了 Memcached 连接上限,可更好地适应大型群集拓扑。 + - 依赖项关系图 API 以前使用静态定义的端口运行。 + - 已更新与群集相关的 Elasticsearch 分片设置的默认分片计数。 + - “会审”和“维护”团队角色在存储库迁移期间保留。 + - 企业所有者提出的 Web 请求的性能已得到改进。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被移除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中 blob 的永久链接并且该 blob de 文件路径长于 255 个字符,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/12.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/12.yml new file mode 100644 index 0000000000..5543b2fb41 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/12.yml @@ -0,0 +1,24 @@ +date: '2022-04-20' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - 在某些情况下,使用升级包升级高可用性对中的节点可能会导致 Elasticsearch 进入不一致状态。 + - 在某些群集拓扑中,命令行实用程序 `ghe-spokesctl` 和 `ghe-btop` 无法运行。 + - 由于 `elasticsearch-upgrade` 服务并行运行多次,因此 Elasticsearch 索引可能会在包升级期间重复。 + - "将用户帐户转换为组织帐户时,如果用户帐户是 {% data variables.product.prodname_ghe_server %} 企业帐户的所有者,则转换后的组织将无法正确显示在企业所有者列表中。" + - 当与 OAuth 应用程序 ID 匹配的集成已存在时,使用企业管理 REST API 创建模拟 OAuth 令牌会运行不正常。 + changes: + - 除了配置日志之外,停止 config apply 运行的配置错误现在会输出到终端。 + - 尝试缓存大于 Memcached 中允许的最大值的值时,会引发错误,但不会报告密钥。 + - "即使未使用 {% data variables.product.prodname_actions %} 的默认令牌权限,{% data variables.product.prodname_codeql %} 入门工作流程也不会再出错。" + - "如果在实例上启用了 {% data variables.product.prodname_GH_advanced_security %} 功能,则在处理存储库贡献的批次时,后台作业的性能会有所提高。" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能会导致某些预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/13.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/13.yml new file mode 100644 index 0000000000..68abc622b7 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/13.yml @@ -0,0 +1,28 @@ +date: '2022-05-17' +sections: + security_fixes: + - '**中:**发现了 nginx 解析器中的一个安全问题,可以从 DNS 服务器伪造 UDP 数据包的攻击者可能导致 1 字节内存覆盖,从而导致工作进程崩溃或其他潜在的破坏性影响。该漏洞的编号为 [CVE-2021-23017](https://nvd.nist.gov/vuln/detail/CVE-2021-23017)。' + - "更新了 `actions/checkout@v2` 和 `actions/checkout@v3` 操作以解决 [Git 安全措施实施博客文章](https://github.blog/2022-04-12-git-security-vulnerability-announced/)中公布的新漏洞。" + - 包已更新到最新的安全版本。 + bugs: + - 在某些群集拓扑中,`ghe-cluster-status` 命令会在 `/tmp` 中留下空目录。 + - SNMP 错误地将大量 `Cannot statfs` 错误消息记录到 syslog。 + - 对于配置了 SAML 身份验证和启用内置回退的实例,内置用户在尝试从退出登录后生成的页面登录时会陷入“登录”循环。 + - 上传到问题评论的视频将无法正确呈现。 + - 使用 SAML 加密断言时,某些断言未正确将 SSH 密钥标记为已验证。 + - 使用 `ghe-migrator` 时,迁移将无法在问题和拉取请求中导入视频文件附件。 + - '当存储库具有包含非 ASCII 字符的标记时,发布页面将返回 500 错误。[更新时间:2022-06-10]' + changes: + - 在高可用性配置中,阐明管理控制台中的复制概述页面仅显示当前复制配置,而不是当前复制状态。 + - "启用 {% data variables.product.prodname_registry %} 时,阐明当前不支持使用共享访问签名 (SAS) 令牌作为连接字符串。" + - 支持包现在包括存储在 MySQL 中的表的行数。 + - "现在可以在没有漏洞数据的情况下启用依赖项关系图,允许你查看正在使用的依赖项和版本。启用依赖项关系图而不启用 {% data variables.product.prodname_github_connect %} 不会**提供漏洞信息。" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被移除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/14.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/14.yml new file mode 100644 index 0000000000..360c7618fc --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/14.yml @@ -0,0 +1,23 @@ +date: '2022-06-09' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - "如果主机名字符串以“.”开头(句点字符),则 {% data variables.product.prodname_ghe_server %} 配置文件中用于验证主机名的内部脚本将返回错误。" + - 在主节点的主机名超过 60 个字符的 HA 配置中,MySQL 将无法配置。 + - "`--gateway` 参数已添加到 `ghe-setup-network` 命令,以允许使用命令行配置网络设置时传递网关地址。" + - 删除的图像附件将返回 `500 内部服务器错误` 而非 `404 未找到` 错误。 + - 站点管理员仪表板中报告的“跨整个实例的最大提交者”的计算不正确。 + - "使用 {% data variables.product.prodname_enterprise_backup_utilities %} 执行还原时,存储库复制的数据库输入不正确导致数据库损坏。" + changes: + - 优化了生成群集支持包时包含的指标。 + - 在 Elasticsearch 报告有效的标黄状态的 HA 配置中,之前修复中引入的更改将阻止 `ghe-repl-stop` 命令,并且不允许停止复制。当服务处于正常或有效标黄状态时,使用 `ghe-repo-stop --force` 将强制 Elasticsearch 停止运行。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 Blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/15.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/15.yml new file mode 100644 index 0000000000..84169dfb99 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/15.yml @@ -0,0 +1,20 @@ +date: '2022-06-28' +sections: + security_fixes: + - "中****:确保 `github.company.com` 和 `github-company.com` 不会被内部服务评估为相同的主机名,从而防止潜在的服务器端安全性伪造 (SSRF) 攻击。" + - "低****:即使外部防火墙规则阻止了 HTTP 访问,攻击者也可以使用路径遍历攻击通过 HTTP 访问管理控制台。" + - 包已更新到最新安全版本。 + bugs: + - 在某些情况下,网站管理员未自动添加为企业所有者。 + - 将一个分支合并到默认分支之后,文件的“历史记录”链接仍然会链接到前一个分支,而不是目标分支。 + changes: + - 如果某些字段(如名称)的值过长,则创建或更新检查运行或检查套件可能返回“500 内部服务器错误”。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 Blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/16.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/16.yml new file mode 100644 index 0000000000..8112ab2044 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/16.yml @@ -0,0 +1,26 @@ +date: '2022-07-21' +sections: + security_fixes: + - "中****:防止服务器端请求伪造 (SSRF) 可能通过向 Memcached 注入任意数据来强制 Subversion (SVN) 桥执行远程代码的攻击。" + - "将 Grafana 更新到版本 7.5.16,这样可以解决各种安全漏洞,包括 [CVE-2020-13379](https://github.com/advisories/GHSA-wc9w-wvq2-ffm9) 和 [CVE-2022-21702](https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g)。" + - 包已更新到最新安全版本。 + bugs: + - 修复了使用解压缩工具解压缩时项目压缩存档中的文件权限为 000 的问题。现在这些文件的权限将设置为 644,就像在 GitHub.com 中那样。 + - 在某些情况下,collectd 守护进程可能会消耗过多内存。 + - 在某些情况下,旋转日志文件备份可能会累积并消耗过多存储。 + - 在升级到新功能版本并运行后续配置之后,Elasticsearch 可能在重新生成索引时记录过多异常。 + - 在某些情况下,受保护的分支需要多个批准的审查,一个拉取请求可以合并少于所需数量的批准审查。 + - 在使用 LDAP 身份验证的实例中,当用户名和密码的文本字段都可见时,sudo 模式的身份验证提示在默认情况下将光标错误地放置在密码字段中。 + changes: + - "`ghe-set-password` 命令行实用程序在以恢复模式启动实例时自动启动所需的服务。" + - 将收集 `aqueduct` 后台进程指标进行 Collectd 转发并显示在管理控制台中。 + - 数据库迁移和配置运行日志 `/data/user/common/ghe-config.log` 的位置现在显示在详细描述正在进行的迁移的页面上。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/17.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/17.yml new file mode 100644 index 0000000000..38943c2361 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/17.yml @@ -0,0 +1,18 @@ +date: '2022-08-11' +sections: + security_fixes: + - | + **CRITICAL**: GitHub Enterprise Server's Elasticsearch container used a version of OpenJDK 8 that was vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability is tracked as [CVE-2022-34169](https://github.com/advisories/GHSA-9339-86wc-4qgf). + - | + **HIGH**: Previously installed apps on user accounts were automatically granted permission to access an organization on scoped access tokens after the user account was transformed into an organization account. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). + bugs: + - When a custom dormancy threshold was set for the instance, suspending all dormant users did not reliably respect the threshold. For more information about dormancy, see "[Managing dormant users](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users)." + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/18.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/18.yml new file mode 100644 index 0000000000..f14a33838f --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/18.yml @@ -0,0 +1,16 @@ +date: '2022-08-30' +sections: + bugs: + - 管理控制台和 `/home/admin/.ssh/authorized_keys` 文件中可能会出现重复的管理 SSH 密钥。 + - 在某些情况下,尽管不是线程安全的,但由于同时使用的库,可能会导致后台任务停止。 + changes: + - "由于并行日志清理,支持包的生成速度更快。有关支持包的详细信息,请参阅“[将数据提供给 GitHub 支持](/support/contacting-github-support/providing-data-to-github-support)”。" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/2.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/2.yml new file mode 100644 index 0000000000..ca97d64172 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/2.yml @@ -0,0 +1,23 @@ +date: '2021-10-28' +sections: + security_fixes: + - '明文密码可能会出现在某些日志文件中。' + - '多个已知弱 SSH 公钥已添加到拒绝列表中,无法再进行注册。此外,已知会生成弱 SSH 密钥的 GitKraken 版本(7.6.x、7.7.x 和 8.0.0)已被阻止注册新的公钥。' + - '包已更新到最新的安全版本。' + bugs: + - '如果业务流程协调程序运行不正常,企业服务器在群集模式下的还原可能会失败。' + - '代码空间链接显示在组织设置中。' + - '拥有许多组织的用户无法使用应用程序的多个部分。' + - '修复了 https://docs.github.com 链接。' + changes: + - '具有多个引用的存储库的浏览和作业性能优化。' + known_issues: + - 在存储库中保存新版本后,`/releases` 页面显示 500 错误。此问题的修复程序预计将在 3.2.3 中发布。 + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中 blob 的永久链接并且该 blob 的文件路径长于 255 个字符,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/3.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/3.yml new file mode 100644 index 0000000000..cf4f2569ed --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/3.yml @@ -0,0 +1,31 @@ +date: '2021-11-09' +sections: + security_fixes: + - "在 {% data variables.product.prodname_ghe_server %} 上发现了在构建 {% data variables.product.prodname_pages %} 时出现的路径遍历漏洞,攻击者可利用该漏洞读取系统文件。要利用此漏洞,攻击者需要获得在 {% data variables.product.prodname_ghe_server %} 实例上创建和构建 {% data variables.product.prodname_pages %} 站点的权限。此漏洞影响 3.3 之前的所有 {% data variables.product.prodname_ghe_server %} 版本,并在 3.0.19、3.1.11 和 3.2.3 中修复。该漏洞通过 {% data variables.product.company_short %} Bug 悬赏计划报告,编号为 CVE-2021-22870。" + - 包已更新到最新的安全版本。 + bugs: + - "部分 Git 操作在升级 {% data variables.product.prodname_ghe_server %} 3.x 群集后由于 HAProxy 配置而失败。" + - 在群集模式下,Unicorn 辅助角色计数可能会设置错误。 + - 在群集模式下,Resqued 辅助角色计数可能会设置错误。 + - 如果 Ubuntu Uncomplicated Firewall (UFW) 处于不活动状态,客户端可能无法在日志中清楚地看到它。 + - "当 LDAP 配置中存在 UTF8 字符时,从 {% data variables.product.prodname_ghe_server %} 2.x 到 3.x 的升级会失败。" + - 某些页面和与 Git 相关的后台作业可能无法在具有某些群集配置的群集模式下运行。 + - 服务器统计信息的文档链接已损坏。 + - "创建新标记时,[推送](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push) Webhook 有效负载不显示正确的 `head_commit` 对象。现在,创建新标记时,推送 Webhook 有效负载始终包括 `head_commit` 对象,其中包含新标记指向的提交数据。因此,`head_commit` 对象将始终包含有效负载 `after` 提交的提交数据。" + - "企业审核日志页面不会显示 {% data variables.product.prodname_secret_scanning %} 的审核事件。" + - 副本修复的作业超时时间不足。 + - 查看版本时,存储库的发布页面将返回 500 错误。 + - '在查看文件时,不会警告用户有潜在危险的双向 Unicode 字符。有关详细信息,请参阅 {% data variables.product.prodname_blog %} 中的“[有关双向 Unicode 文本的警告](https://github.co/hiddenchars)”。' + - Hookshot Go 发送了 Collectd 无法处理的分布类型指标,这导致解析错误激增。 + - "公共存储库显示来自 {% data variables.product.prodname_secret_scanning %} 的意外结果,类型为“未知令牌”。" + changes: + - 已添加 Kafka 配置改进。删除存储库时,现在会立即从存储帐户中删除包文件以释放空间。`DestroyDeletedPackageVersionsJob` 现在从存储帐户中删除过期包的包文件以及元数据记录。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 对 GitHub Connect 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在我们解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能会导致某些预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/4.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/4.yml new file mode 100644 index 0000000000..72cbad67f6 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/4.yml @@ -0,0 +1,30 @@ +date: '2021-11-23' +intro: 由于影响多个客户的重大错误,已禁用下载。修复程序将在下一个补丁中提供。 +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - 如果已启用 GitHub Actions,运行 `ghe-repl-start` 或 `ghe-repl-status` 可能会在连接到数据库时返回错误。 + - 如果未定义 `PATH`,预接收挂钩会失败。 + - '如果曾将实例配置为副本,运行 `ghe-repl-setup` 会返回错误:“无法创建目录 /data/user/elasticsearch:文件已存在”。' + - '运行 `ghe-support-bundle` 返回错误:“应为整数表达式”。' + - '设置高可用性副本后,`ghe-repl-status` 在输出中包含错误:“命令中未关闭的意外操作”。' + - 在大型群集环境中,某部分前端节点可能无法使用身份验证后端。 + - 在 GHES 群集的后端节点上,一些关键服务可能不可用。 + - "`/repos` API 返回给用户的存储库权限不会返回完整的列表。" + - 在某些情况下,GraphQL 架构中的 `Team` 对象上的 `childTeams` 连接会产生不正确的结果。 + - 在高可用性配置中,存储库维护在人员工具中总是显示为失败,即使成功了也是如此。 + - 用户定义的模式不会检测 `package.json` 或 `yarn.lock` 等文件中的机密。 + changes: + - 在使用 `ghe-cluster-suport-bundle` 创建群集支持包时,现在会默认关闭额外一层的外部 `gzip` 压缩。使用 `ghe-cluster-suport-bundle -c` 命令行选项可以选择应用此外部压缩。 + - 我们在管理控制台添加了额外的文本,以提醒用户移动应用的数据收集,目的是改善体验。 + - "{% data variables.product.prodname_github_connect %} 数据连接记录现在会列出已启用的 {% data variables.product.prodname_github_connect %} 功能。[更新时间:2021-12-09]" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中 blob 的永久链接并且该 blob de 文件路径长于 255 个字符,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/5.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/5.yml new file mode 100644 index 0000000000..e3b6aef065 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/5.yml @@ -0,0 +1,28 @@ +date: '2021-12-07' +sections: + security_fixes: + - 支持包可以包含敏感文件,前提是它们满足一组特定条件。 + - "在 GitHub Enterprise Server 中发现了一个 UI 虚假陈述漏洞,该漏洞允许在 GitHub 应用程序的用户授权 Web 流期间授予比在审批期间向用户显示的更多权限。此漏洞影响 GitHub Enterprise Server 3.3 之前的所有版本,已在 3.2.5、3.1.13 和 3.0.21 中修复。此漏洞通过 GitHub Bug 赏金计划报告,编号为 [CVE-2021-41598](https://www.cve.org/CVERecord?id=CVE-2021-41598)。" + - "在 GitHub Enterprise Server 中发现了一个在构建 GitHub Pages 站点时可以利用的远程代码执行漏洞。此漏洞影响 GitHub Enterprise Server 3.3 之前的所有版本,已在 3.0.21、3.1.13 和 3.2.5 中修复。此漏洞通过 GitHub Bug 赏金计划报告,编号为 [CVE-2021-41599](https://www.cve.org/CVERecord?id=CVE-2021-41599)。更新时间:2022 年 2 月 17 日。" + bugs: + - 在某些未启用操作的情况下,`ghe-support-bundle` 报告了意外消息“无法找到 MS SQL 容器”。 + - 由于 `/data/user/tmp/pages` 中存在权限问题,`ghe-config-apply` 的运行有时可能会失败。 + - 管理控制台中的错误配置导致了调度错误。 + - Docker 会在日志轮换后保持日志文件打开。 + - 由于对不兼容 UTF-8 的 `blob_path` 值的错误处理,迁移可能会停滞。 + - GraphQL 请求未在预接收挂钩环境中设置 GITHUB_USER_IP 变量。 + - 组织审计日志上的分页链接不会保留查询参数。 + - 在热补丁期间,如果多次运行转换,则可能会出现重复的哈希。 + changes: + - 阐明了文档中对 Actions 路径样式的解释。 + - 更新支持联系 URL 以使用当前支持站点 support.github.com。 + - 运行 `ghe-mssql-diagnostic` 时提供了其他疑难解答。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中 blob 的永久链接并且该 blob 的文件路径长于 255 个字符,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/6.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/6.yml new file mode 100644 index 0000000000..239c0e710b --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/6.yml @@ -0,0 +1,14 @@ +date: '2021-12-13' +sections: + security_fixes: + - '{% octicon "alert" aria-label="The alert icon" %} 严重:****在 Log4j 库中发现远程代码执行漏洞,该漏洞会影响 3.3.1 之前的所有 {% data variables.product.prodname_ghe_server %} 版本,漏洞编号为 [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228)。Log4j 库用于在 {% data variables.product.prodname_ghe_server %} 实例上运行的开源服务。已在 {% data variables.product.prodname_ghe_server %} 3.0.22、3.1.14、3.2.6 和 3.3.1 中修复该漏洞。 有关详细信息,请参阅 GitHub 博客[文章](https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/)。' + - '2021 年 12 月 17 日更新****:此版本中的修复也能缓解在该版本之后发布的 [CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046)。无需再升级 {% data variables.product.prodname_ghe_server %},即可缓解 CVE-2021-44228 和 CVE-2021-45046。' + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 Blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/7.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/7.yml new file mode 100644 index 0000000000..fdb9db199d --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/7.yml @@ -0,0 +1,23 @@ +date: '2022-01-18' +sections: + security_fixes: + - '包已更新到最新的安全版本。在这些更新中,Log4j 已更新至版本 2.17.1。注意:以前在 3.3.1、3.2.6、3.1.14 和 3.0.22 中发布的缓解措施已经足够解决这些 GitHub Enterprise Server 版本中 CVE-2021-44228、CVE-2021-45046、CVE-2021-45105 和 CVE-2021-44832 的影响。' + - 清理生成的支持包中的更多机密 + - 包已更新到最新的安全版本。 + bugs: + - 操作自托管运行器在从较旧的 GHES 安装升级后将无法自我更新或运行新作业。 + - 将 MinIO 配置为 GitHub 包的 Blob 存储时,无法验证存储设置。 + - 由于 `/data/user/tmp/pages` 中存在权限问题,运行 `ghe-config-apply` 有时可能会失败。 + - 在低分辨率的浏览器中滚动,可能无法找到管理控制台中的保存按钮。 + - Collectd 版本升级后,IOPS 和存储流量监视图未更新。 + - 一些与 Webhook 相关的作业可能会产生大量的日志。 + - 多个文档链接导致“404 找不到”错误。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中 blob 的永久链接并且该 blob 的文件路径长于 255 个字符,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/8.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/8.yml new file mode 100644 index 0000000000..5f00f51c99 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/8.yml @@ -0,0 +1,26 @@ +date: '2022-02-01' +sections: + security_fixes: + - 包已更新到最新安全版本。 + bugs: + - 在 MySQL 机密轮换后,页面将不可用,直到手动重启 `nginx`。 + - "如果启用 {% data variables.product.prodname_actions %},迁移可能会失败。" + - 使用 ISO 8601 日期设置维护计划时,由于时区未转换为 UTC,因此实际计划时间将不匹配。 + - 有关 `cloud-config.service` 的虚假错误消息将输出到控制台。 + - 使用 `ghe-cluster-each` 安装热补丁后,版本号将无法正确更新。 + - Webhook 表清理作业可能同时运行,从而导致资源争用且作业运行时间增加。 + - 从主节点运行时,副本节点上的 `ghe-repl-teardown` 不会将副本节点从 MSSQL 可用性组中删除。 + - 使用 CAS 身份验证并启用“重新激活暂停的用户”选项时,暂停的用户不会自动重新激活。 + - 以下功能无法正常使用:仅限对在经过验证或批准的域上具有电子邮件的用户发送基于电子邮件的通知。 + - 与“安全警报”设置相关的长期数据库迁移可能会延迟升级完成。 + changes: + - GitHub Connect 数据连接记录现在包括活动和休眠用户数量计数以及配置的休眠期。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-2/9.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-2/9.yml new file mode 100644 index 0000000000..3230434c37 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-2/9.yml @@ -0,0 +1,20 @@ +date: '2022-02-17' +sections: + security_fixes: + - 用户可以注册名为“saml”的用户或组织。 + - 包已更新到最新安全版本。 + bugs: + - 使用 Azure Blob 存储时,无法验证 GitHub Packages 存储设置并将其保存在管理控制台中。 + - mssql.backup.cadence 配置选项的 ghe-config-check 失败,并发出无效字符集警告。 + - 修复从 memcached 获取超过 2^16 个密钥时的 SystemStackError(堆栈太深)。 + changes: + - 机密扫描将跳过扫描 ZIP 和其他存档文件的机密。 + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中文件路径长于 255 个字符的 blob 的永久链接,则无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/0.yml new file mode 100644 index 0000000000..f321bb7caa --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/0.yml @@ -0,0 +1,305 @@ +date: '2021-12-07' +intro: For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)."

**Note:** We are aware of an issue where {% data variables.product.prodname_actions %} may fail to start automatically following the upgrade to {% data variables.product.prodname_ghe_server %} 3.3. To resolve, connect to the appliance via SSH and run the `ghe-actions-start` command. +sections: + features: + - heading: Security Manager role + notes: + # https://github.com/github/releases/issues/1610 + - | + Organization owners can now grant teams the access to manage security alerts and settings on their repositories. The "security manager" role can be applied to any team and grants the team's members the following access: + + - Read access on all repositories in the organization. + - Write access on all security alerts in the organization. + - Access to the organization-level security tab. + - Write access on security settings at the organization level. + - Write access on security settings at the repository level. + + The security manager role is available as a public beta and subject to change. For more information, see "[Managing security managers in your organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." [Updated 2022-07-29] + + - heading: 'Ephemeral self-hosted runners for GitHub Actions & new webhooks for auto-scaling' + notes: + # https://github.com/github/releases/issues/1378 + - | + {% data variables.product.prodname_actions %} now supports ephemeral (single job) self-hosted runners and a new [`workflow_job`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) webhook to make autoscaling runners easier. + + Ephemeral runners are good for self-managed environments where each job is required to run on a clean image. After a job is run, ephemeral runners are automatically unregistered from {% data variables.product.product_location %}, allowing you to perform any post-job management. + + You can combine ephemeral runners with the new `workflow_job` webhook to automatically scale self-hosted runners in response to {% data variables.product.prodname_actions %} job requests. + + For more information, see "[Autoscaling with self-hosted runners](/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners)" and "[Webhook events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job)." + + - heading: 'Dark high contrast theme' + notes: + # https://github.com/github/releases/issues/1539 + - | + A dark high contrast theme, with greater contrast between foreground and background elements, is now available on {% data variables.product.prodname_ghe_server %} 3.3. This release also includes improvements to the color system across all {% data variables.product.company_short %} themes. + + ![Animated image of switching between dark default theme and dark high contrast on the appearance settings page](https://user-images.githubusercontent.com/334891/123645834-ad096c00-d7f4-11eb-85c9-b2c92b00d70a.gif) + + For more information about changing your theme, see "[Managing your theme settings](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-theme-settings)." + + changes: + - heading: Administration Changes + notes: + # https://github.com/github/releases/issues/1666 + - '{% data variables.product.prodname_ghe_server %} 3.3 includes improvements to the maintenance of repositories, especially for repositories that contain many unreachable objects. Note that the first maintenance cycle after upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may take longer than usual to complete.' + + # https://github.com/github/releases/issues/1533 + - '{% data variables.product.prodname_ghe_server %} 3.3 includes the public beta of a repository cache for geographically-distributed teams and CI infrastructure. The repository cache keeps a read-only copy of your repositories available in additional geographies, which prevents clients from downloading duplicate Git content from your primary instance. For more information, see "[About repository caching](/admin/enterprise-management/caching-repositories/about-repository-caching)."' + + # https://github.com/github/releases/issues/1616 + - '{% data variables.product.prodname_ghe_server %} 3.3 includes improvements to the user impersonation process. An impersonation session now requires a justification for the impersonation, actions are recorded in the audit log as being performed as an impersonated user, and the user who is impersonated will receive an email notification that they have been impersonated by an enterprise administrator. For more information, see "[Impersonating a user](/enterprise-server@3.3/admin/user-management/managing-users-in-your-enterprise/impersonating-a-user)."' + + # https://github.com/github/releases/issues/1609 + - A new stream processing service has been added to facilitate the growing set of events that are published to the audit log, including events associated with Git and {% data variables.product.prodname_actions %} activity. + + # https://github.com/github/docs-content/issues/5801 + - The {% data variables.product.prodname_github_connect %} data connection record now includes a list of enabled {% data variables.product.prodname_github_connect %} features. [Updated 2021-12-09] + + - heading: Token Changes + notes: + # https://github.com/github/releases/issues/1390 + - | + An expiration date can now be set for new and existing personal access tokens. Setting an expiration date on personal access tokens is highly recommended to prevent older tokens from leaking and compromising security. Token owners will receive an email when it's time to renew a token that's about to expire. Tokens that have expired can be regenerated, giving users a duplicate token with the same properties as the original. + + When using a personal access token with the {% data variables.product.company_short %} API, a new `GitHub-Authentication-Token-Expiration` header is included in the response, which indicates the token's expiration date. For more information, see "[Creating a personal access token](/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)." + + - heading: 'Notifications changes' + notes: + # https://github.com/github/releases/issues/1625 + - 'Notification emails from discussions now include `(Discussion #xx)` in the subject, so you can recognize and filter emails that reference discussions.' + + - heading: 'Repositories changes' + notes: + # https://github.com/github/releases/issues/1735 + - Public repositories now have a `Public` label next to their names like private and internal repositories. This change makes it easier to identify public repositories and avoid accidentally committing private code. + + # https://github.com/github/releases/issues/1733 + - If you specify the exact name of a branch when using the branch selector menu, the result now appears at the top of the list of matching branches. Previously, exact branch name matches could appear at the bottom of the list. + + # https://github.com/github/releases/issues/1673 + - When viewing a branch that has a corresponding open pull request, {% data variables.product.prodname_ghe_server %} now links directly to the pull request. Previously, there would be a prompt to contribute using branch comparison or to open a new pull request. + + # https://github.com/github/releases/issues/1670 + - You can now click a button to copy the full raw contents of a file to the clipboard. Previously, you would need to open the raw file, select all, and then copy. To copy the contents of a file, navigate to the file and click {% octicon "copy" aria-label="The copy icon" %} in the toolbar. Note that this feature is currently only available in some browsers. + + # https://github.com/github/releases/issues/1571 + - When creating a new release, you can now select or create the tag using a dropdown selector, rather than specifying the tag in a text field. For more information, see "[Managing releases in a repository](/repositories/releasing-projects-on-github/managing-releases-in-a-repository)." + + # https://github.com/github/releases/issues/1752 + - A warning is now displayed when viewing a file that contains bidirectional Unicode text. Bidirectional Unicode text can be interpreted or compiled differently than it appears in a user interface. For example, hidden bidirectional Unicode characters can be used to swap segments of text in a file. For more information about replacing these characters, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-31-warning-about-bidirectional-unicode-text/). + + # https://github.com/github/releases/issues/1416 + - You can now use `CITATION.cff` files to let others know how you would like them to cite your work. `CITATION.cff` files are plain text files with human- and machine-readable citation information. {% data variables.product.prodname_ghe_server %} parses this information into common citation formats such as [APA](https://apastyle.apa.org) and [BibTeX](https://en.wikipedia.org/wiki/BibTeX). For more information, see "[About CITATION files](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-citation-files)." + + - heading: 'Markdown changes' + notes: + # https://github.com/github/releases/issues/1645 + - | + You can use new keyboard shortcuts for quotes and lists in Markdown files, issues, pull requests, and comments. + + * To add quotes, use cmd shift . on Mac, or ctrl shift . on Windows and Linux. + * To add an ordered list, use cmd shift 7 on Mac, or ctrl shift 7 on Windows and Linux. + * To add an unordered list, use cmd shift 8 on Mac, or ctrl shift 8 on Windows and Linux. + + See "[Keyboard shortcuts](/get-started/using-github/keyboard-shortcuts)" for a full list of available shortcuts. + + # https://github.com/github/releases/issues/1684 + - You can now use footnote syntax in any Markdown field. Footnotes are displayed as superscript links that you can click to jump to the referenced information, which is displayed in a new section at the bottom of the document. For more information about the syntax, see "[Basic writing and formatting syntax](/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#footnotes)." + + # https://github.com/github/releases/issues/1647 + - When viewing Markdown files, you can now click {% octicon "code" aria-label="The code icon" %} in the toolbar to view the source of a Markdown file. Previously, you needed to use the blame view to link to specific line numbers in the source of a Markdown file. + + # https://github.com/github/releases/issues/1600 + - You can now add images and videos to Markdown files in gists by pasting them into the Markdown body or selecting them from the dialog at the bottom of the Markdown file. For information about supported file types, see "[Attaching files](https://docs.github.com/en/github/writing-on-github/working-with-advanced-formatting/attaching-files)." + + # https://github.com/github/releases/issues/1523 + - '{% data variables.product.prodname_ghe_server %} now automatically generates a table of contents for Wikis, based on headings.' + + # https://github.com/github/releases/issues/1626 + - When dragging and dropping files into a Markdown editor, such as images and videos, {% data variables.product.prodname_ghe_server %} now uses the mouse pointer location instead of the cursor location when placing the file. + + - heading: 'Issues and pull requests changes' + notes: + # https://github.com/github/releases/issues/1504 + - You can now search issues by label using a logical OR operator. To filter issues using logical OR, use the comma syntax. For example, `label:"good first issue","bug"` will list all issues with a label of `good first issue` or `bug`. For more information, see "[Filtering and searching issues and pull requests](/issues/tracking-your-work-with-issues/filtering-and-searching-issues-and-pull-requests#about-search-terms)." + + # https://github.com/github/releases/issues/1685 + - | + Improvements have been made to help teams manage code review assignments. You can now: + + - Limit assignment to only direct members of the team. + - Continue with automatic assignment even if one or more members of the team are already requested. + - Keep a team assigned to review even if one or more members is newly assigned. + + The timeline and reviewers sidebar on the pull request page now indicate if a review request was automatically assigned to one or more team members. + + For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-29-new-code-review-assignment-settings-and-team-filtering-improvements/). + - You can now filter pull request searches to only include pull requests you are directly requested to review. + # https://github.com/github/releases/issues/1683 + - Filtered files in pull requests are now completely hidden from view, and are no longer shown as collapsed in the "Files Changed" tab. The "File Filter" menu has also been simplified. For more information, see "[Filtering files in a pull request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/filtering-files-in-a-pull-request)." + + - heading: 'GitHub Actions changes' + notes: + # https://github.com/github/releases/issues/1593 + - You can now create "composite actions" which combine multiple workflow steps into one action, and includes the ability to reference other actions. This makes it easier to reduce duplication in workflows. Previously, an action could only use scripts in its YAML definition. For more information, see "[Creating a composite action](/actions/creating-actions/creating-a-composite-action)." + + # https://github.com/github/releases/issues/1694 + - Managing self-hosted runners at the enterprise level no longer requires using personal access tokens with the `admin:enterprise` scope. You can instead use the new `manage_runners:enterprise` scope to restrict the permissions on your tokens. Tokens with this scope can authenticate to [many REST API endpoints](/rest/reference/enterprise-admin#list-self-hosted-runner-groups-for-an-enterprise) to manage your enterprise's self-hosted runners. + + # https://github.com/github/releases/issues/1157 + - | + The audit log now includes additional events for {% data variables.product.prodname_actions %}. Audit log entries are now recorded for the following events: + + * A self-hosted runner is registered or removed. + * A self-hosted runner is added to a runner group, or removed from a runner group. + * A runner group is created or removed. + * A workflow run is created or completed. + * A workflow job is prepared. Importantly, this log includes the list of secrets that were provided to the runner. + + For more information, see "[Security hardening for {% data variables.product.prodname_actions %}](/actions/security-guides/security-hardening-for-github-actions#auditing-github-actions-events)." + + # https://github.com/github/releases/issues/1588 + - '{% data variables.product.prodname_ghe_server %} 3.3 contains performance improvements for job concurrency with {% data variables.product.prodname_actions %}. For more information about the new performance targets for a range of CPU and memory configurations, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."' + + # https://github.com/github/releases/issues/1556 + - To mitigate insider man in the middle attacks when using actions resolved through {% data variables.product.prodname_github_connect %} to {% data variables.product.prodname_dotcom_the_website %} from {% data variables.product.prodname_ghe_server %}, the actions namespace (`owner/name`) is retired on use. Retiring the namespace prevents that namespace from being created on your {% data variables.product.prodname_ghe_server %} instance, and ensures all workflows referencing the action will download it from {% data variables.product.prodname_dotcom_the_website %}. + + - heading: 'GitHub Packages changes' + notes: + # https://github.com/github/docs-content/issues/5554 + - When a repository is deleted, any associated package files are now immediately deleted from your {% data variables.product.prodname_registry %} external storage. + + - heading: 'Dependabot and Dependency graph changes' + notes: + # https://github.com/github/releases/issues/1141 + - Dependency review is out of beta and is now generally available for {% data variables.product.prodname_GH_advanced_security %} customers. Dependency review provides an easy-to-understand view of dependency changes and their security impact in the "Files changed" tab of pull requests. It informs you of which dependencies were added, removed, or updated, along with vulnerability information. For more information, see "[Reviewing dependency changes in a pull request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." + + # https://github.com/github/releases/issues/1630 + - '{% data variables.product.prodname_dependabot %} is now available as a private beta, offering both version updates and security updates for several popular ecosystems. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} requires {% data variables.product.prodname_actions %} and a pool of self-hosted runners configured for {% data variables.product.prodname_dependabot %} use. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} also requires {% data variables.product.prodname_github_connect %} to be enabled. To learn more and sign up for the beta, contact the GitHub Sales team.' + + - heading: 'Code scanning and secret scanning changes' + notes: + # https://github.com/github/releases/issues/1724 + - The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) and increasing the coverage of our existing library and framework models. [JavaScript](https://github.com/github/codeql/tree/main/javascript) analysis now supports most common templating languages, and [Java](https://github.com/github/codeql/tree/main/java) now covers more than three times the endpoints of previous {% data variables.product.prodname_codeql %} versions. As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up. This results in an overall improvement of the quality of {% data variables.product.prodname_code_scanning %} alerts. + + # https://github.com/github/releases/issues/1639 + - '{% data variables.product.prodname_codeql %} now supports scanning standard language features in Java 16, such as records and pattern matching. {% data variables.product.prodname_codeql %} is able to analyze code written in Java version 7 through 16. For more information about supported languages and frameworks, see the [{% data variables.product.prodname_codeql %} documentation](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/#id5).' + + # https://github.com/github/releases/issues/1655 + - | + Improvements have been made to the {% data variables.product.prodname_code_scanning %} `on:push` trigger when code is pushed to a pull request. If an `on:push` scan returns results that are associated with a pull request, {% data variables.product.prodname_code_scanning %} will now show these alerts on the pull request. + + Some other CI/CD systems can be exclusively configured to trigger a pipeline when code is pushed to a branch, or even exclusively for every commit. Whenever such an analysis pipeline is triggered and results are uploaded to the SARIF API, {% data variables.product.prodname_code_scanning %} will also try to match the analysis results to an open pull request. If an open pull request is found, the results will be published as described above. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-27-showing-code-scanning-alerts-on-pull-requests/). + + # https://github.com/github/releases/issues/1546 + - You can now use the new pull request filter on the {% data variables.product.prodname_code_scanning %} alerts page to find all the {% data variables.product.prodname_code_scanning %} alerts associated with a pull request. A new "View all branch alerts" link on the pull request "Checks" tab allows you to directly view {% data variables.product.prodname_code_scanning %} alerts with the specific pull request filter already applied. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-08-23-pull-request-filter-for-code-scanning-alerts/). + + # https://github.com/github/releases/issues/1562 + - User defined patterns for {% data variables.product.prodname_secret_scanning %} is out of beta and is now generally available for {% data variables.product.prodname_GH_advanced_security %} customers. Also new in this release is the ability to edit custom patterns defined at the repository, organization, and enterprise levels. After editing and saving a pattern, {% data variables.product.prodname_secret_scanning %} searches for matches both in a repository's entire Git history and in any new commits. Editing a pattern will close alerts previously associated with the pattern if they no longer match the updated version. Other improvements, such as dry-runs, are planned in future releases. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." + + - heading: API and webhook changes + notes: + # https://github.com/github/releases/issues/1744 + - Most REST API previews have graduated and are now an official part of the API. Preview headers are no longer required for most REST API endpoints, but will still function as expected if you specify a graduated preview in the `Accept` header of a request. For previews that still require specifying the preview in the `Accept` header of a request, see "[API previews](/rest/overview/api-previews)." + + # https://github.com/github/releases/issues/1513 + - You can now use the REST API to configure custom autolinks to external resources. The REST API now provides beta `GET`/`POST`/`DELETE` endpoints which you can use to view, add, or delete custom autolinks associated with a repository. For more information, see "[Autolinks](/rest/reference/repos#autolinks)." + + # https://github.com/github/releases/issues/1578 + - You can now use the REST API to sync a forked repository with its upstream repository. For more information, see "[Branches](/rest/reference/branches#sync-a-fork-branch-with-the-upstream-repository)" in the REST API documentation. + + # https://github.com/github/releases/issues/1527 + - Enterprise administrators on GitHub Enterprise Server can now use the REST API to enable or disable Git LFS for a repository. For more information, see "[Repositories](/rest/reference/repos#git-lfs)." + + # https://github.com/github/releases/issues/1476 + - You can now use the REST API to query the audit log for an enterprise. While audit log forwarding provides the ability to retain and analyze data with your own toolkit and determine patterns over time, the new endpoint can help you perform limited analysis on recent events. For more information, see "[{% data variables.product.prodname_enterprise %} administration](/rest/reference/enterprise-admin#get-the-audit-log-for-an-enterprise)" in the REST API documentation. + + # https://github.com/github/releases/issues/1485 + - GitHub App user-to-server API requests can now read public resources using the REST API. This includes, for example, the ability to list a public repository's issues and pull requests, and to access a public repository's comments and content. + + # https://github.com/github/releases/issues/1734 + - When creating or updating a repository, you can now configure whether forking is allowed using the REST and GraphQL APIs. Previously, APIs for creating and updating repositories didn't include the fields `allow_forking` (REST) or `forkingAllowed` (GraphQL). For more information, see "[Repositories](/rest/reference/repos)" in the REST API documentation and "[Repositories](/graphql/reference/objects#repository)" in the GraphQL API documentation. + + # https://github.com/github/releases/issues/1637 + - | + A new GraphQL mutation [`createCommitOnBranch`](/graphql/reference/mutations#createcommitonbranch) makes it easier to add, update, and delete files in a branch of a repository. Compared to the REST API, you do not need to manually create blobs and trees before creating the commit. This allows you to add, update, or delete multiple files in a single API call. + + Commits authored using the new API are automatically GPG signed and are [marked as verified](/github/authenticating-to-github/managing-commit-signature-verification/about-commit-signature-verification) in the {% data variables.product.prodname_ghe_server %} UI. GitHub Apps can use the mutation to author commits directly or [on behalf of users](/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps#user-to-server-requests). + + # https://github.com/github/releases/issues/1665 + - When a new tag is created, the [push](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push) webhook payload now always includes a `head_commit` object that contains the data of the commit that the new tag points to. As a result, the `head_commit` object will always contain the commit data of the payload's `after` commit. + + - heading: 'Performance Changes' + notes: + # https://github.com/github/releases/issues/1823 + - Page loads and jobs are now significantly faster for repositories with many Git refs. + + # No security/bug fixes for the RC release + # security_fixes: + # - PLACEHOLDER + + # bugs: + # - PLACEHOLDER + + known_issues: + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_actions %} may fail to start automatically. To resolve this issue, connect to the appliance via SSH and run the `ghe-actions-start` command. + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - '{% data variables.product.prodname_actions %} storage settings cannot be validated and saved in the {% data variables.enterprise.management_console %} when "Force Path Style" is selected, and must instead be configured with the `ghe-actions-precheck` command line utility.' + - '{% data variables.product.prodname_ghe_server %} 3.3 instances installed on Azure and provisioned with 32+ CPU cores would fail to launch, due to a bug present in the current Linux kernel. [Updated: 2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' + deprecations: + - heading: Deprecation of GitHub Enterprise Server 2.22 + notes: + - '**{% data variables.product.prodname_ghe_server %} 2.22 was discontinued on September 23, 2021**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.3/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 will be discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.3/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + + - heading: Deprecation of XenServer Hypervisor support + notes: + # https://github.com/github/docs-content/issues/4439 + - Starting with {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer is deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + + - heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + # https://github.com/github/releases/issues/1316 + - | + To prevent accidental logging or exposure of `access_tokens`, we discourage the use of OAuth Application API endpoints and the use of API authentication using query parameters. View the following posts to see the proposed replacements: + + * [Replacement OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#changes-to-make) + * [Replacement authentication using headers instead of query param](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make) + + These endpoints and authentication route are planned to be removed from {% data variables.product.prodname_ghe_server %} in {% data variables.product.prodname_ghe_server %} 3.4. + + - heading: Deprecation of the CodeQL runner + notes: + # https://github.com/github/releases/issues/1632 + - The {% data variables.product.prodname_codeql %} runner is being deprecated. {% data variables.product.prodname_ghe_server %} 3.3 will be the final release series that supports the {% data variables.product.prodname_codeql %} runner. Starting with {% data variables.product.prodname_ghe_server %} 3.4, the {% data variables.product.prodname_codeql %} runner will be removed and no longer supported. The {% data variables.product.prodname_codeql %} CLI version 2.6.2 or greater is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + + - heading: Deprecation of custom bit-cache extensions + notes: + # https://github.com/github/releases/issues/1415 + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are now deprecated in {% data variables.product.prodname_ghe_server %} 3.3. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the **Schedule** button. + + - heading: Change to the format of authentication tokens affects GitHub Connect + notes: + # https://github.com/github/releases/issues/1235 + - | + GitHub Connect will no longer work after June 3rd for instances running GitHub Enterprise Server 3.1 or older, due to the format of GitHub authentication tokens changing. To continue using GitHub Connect, upgrade to GitHub Enterprise Server 3.2 or later. For more information, see the [GitHub Blog](https://github.blog/2022-05-20-action-needed-by-github-connect-customers-using-ghes-3-1-and-older-to-adopt-new-authentication-token-format-updates/). [Updated: 2022-06-14] + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.3 requires at least [GitHub Enterprise Backup Utilities 3.3.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/1.yml new file mode 100644 index 0000000000..f1a151b0f5 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/1.yml @@ -0,0 +1,17 @@ +date: '2021-12-13' +sections: + security_fixes: + - '{% octicon "alert" aria-label="The alert icon" %} 严重:****在 Log4j 库中发现远程代码执行漏洞,该漏洞会影响 3.3.1 之前的所有 {% data variables.product.prodname_ghe_server %} 版本,漏洞编号为 [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228)。Log4j 库用于在 {% data variables.product.prodname_ghe_server %} 实例上运行的开源服务。已在 {% data variables.product.prodname_ghe_server %} 3.0.22、3.1.14、3.2.6 和 3.3.1 中修复该漏洞。 有关详细信息,请参阅 GitHub 博客[文章](https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/)。' + - '2021 年 12 月 17 日更新****:此版本中的修复也能缓解在该版本之后发布的 [CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046)。无需再升级 {% data variables.product.prodname_ghe_server %},即可缓解 CVE-2021-44228 和 CVE-2021-45046。' + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在没有任何用户的新建 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被移除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含同一存储库中 blob 的永久链接并且该 blob de 文件路径长于 255 个字符,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/10.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/10.yml new file mode 100644 index 0000000000..5dd515f1ce --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/10.yml @@ -0,0 +1,22 @@ +date: '2022-06-28' +sections: + security_fixes: + - "中****:确保 `github.company.com` 和 `github-company.com` 不会被内部服务评估为相同的主机名,从而防止潜在的服务器端安全性伪造 (SSRF) 攻击。" + - "低****:即使外部防火墙规则阻止了 HTTP 访问,攻击者也可以使用路径遍历攻击通过 HTTP 访问管理控制台。" + - 包已更新到最新安全版本。 + bugs: + - 在某些情况下,网站管理员未自动添加为企业所有者。 + - 将一个分支合并到默认分支之后,文件的“历史记录”链接仍然会链接到前一个分支,而不是目标分支。 + changes: + - 如果某些字段(如名称)的值过长,则创建或更新检查运行或检查套件可能返回“500 内部服务器错误”。 + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/11.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/11.yml new file mode 100644 index 0000000000..af05faae67 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/11.yml @@ -0,0 +1,32 @@ +date: '2022-07-21' +sections: + security_fixes: + - "中****:防止服务器端请求伪造 (SSRF) 可能通过向 Memcached 注入任意数据来强制 Subversion (SVN) 桥执行远程代码的攻击。" + - "中****:通过利用 GitHub Enterprise Server Web 界面中下拉 UI 元素中的跨站脚本 (XSS) 漏洞来防止攻击者执行 Javascript 代码。" + - "将 Grafana 更新到版本 7.5.16,这样可以解决各种安全漏洞,包括 [CVE-2020-13379](https://github.com/advisories/GHSA-wc9w-wvq2-ffm9) 和 [CVE-2022-21702](https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g)。" + - 包已更新到最新的安全版本。 + - "中****:在 GitHub Enterprise Server 中发现了一个存储型 XSS 漏洞,该漏洞允许注入任意属性。此注入被 Github 内容安全策略 (CSP) 阻止。此漏洞通过 GitHub Bug 赏金计划报告,已分配 [CVE-2022-23733](https://www.cve.org/CVERecord?id=CVE-2022-23733)。[更新时间:2022-07-31]" + + + bugs: + - 修复了使用解压缩工具解压缩时项目压缩存档中的文件权限为 000 的问题。现在这些文件的权限将设置为 644,就像在 GitHub.com 中那样。 + - 在某些情况下,collectd 守护进程可能会消耗过多内存。 + - 在某些情况下,旋转日志文件备份可能会累积并消耗过多存储。 + - 在升级到新功能版本并运行后续配置之后,Elasticsearch 可能在重新生成索引时记录过多异常。 + - 在某些情况下,受保护的分支需要多个批准的审查,一个拉取请求可以合并少于所需数量的批准审查。 + - 在使用 LDAP 身份验证的实例中,当用户名和密码的文本字段都可见时,sudo 模式的身份验证提示在默认情况下将光标错误地放置在密码字段中。 + changes: + - "`ghe-set-password` 命令行实用程序在以恢复模式启动实例时自动启动所需的服务。" + - 将收集 `aqueduct` 后台进程指标进行 Collectd 转发并显示在管理控制台中。 + - 数据库迁移和配置运行日志 `/data/user/common/ghe-config.log` 的位置现在显示在详细描述正在进行的迁移的页面上。 + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 Blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/12.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/12.yml new file mode 100644 index 0000000000..6f96ac3ca8 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/12.yml @@ -0,0 +1,22 @@ +date: '2022-08-11' +sections: + security_fixes: + - | + **CRITICAL**: GitHub Enterprise Server's Elasticsearch container used a version of OpenJDK 8 that was vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability is tracked as [CVE-2022-34169](https://github.com/advisories/GHSA-9339-86wc-4qgf). + - | + **HIGH**: Previously installed apps on user accounts were automatically granted permission to access an organization on scoped access tokens after the user account was transformed into an organization account. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). + bugs: + - When a custom dormancy threshold was set for the instance, suspending all dormant users did not reliably respect the threshold. For more information about dormancy, see "[Managing dormant users](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users)." + changes: + - The enterprise audit log now includes more user-generated events, such as `project.create`. The REST API also returns additional user-generated events, such as `repo.create`. For more information, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)" and "[Using the audit log API for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise#querying-the-audit-log-rest-api)." + known_issues: + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_actions %} may fail to start automatically. To resolve this issue, connect to the appliance via SSH and run the `ghe-actions-start` command. + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - '{% data variables.product.prodname_actions %} storage settings cannot be validated and saved in the {% data variables.enterprise.management_console %} when "Force Path Style" is selected, and must instead be configured with the `ghe-actions-precheck` command line utility.' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/13.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/13.yml new file mode 100644 index 0000000000..fc0b9b4e75 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/13.yml @@ -0,0 +1,23 @@ +date: '2022-08-30' +sections: + bugs: + - 解锁存储库以进行临时访问后,站点管理员无法管理存储库中安全产品的设置。 + - 管理控制台和 `/home/admin/.ssh/authorized_keys` 文件中可能会出现重复的管理 SSH 密钥。 + - 在某些情况下,运行 `ghe-cluster-config-apply` 可以将空配置复制到群集中的现有节点。 + - 在某些情况下,以 `ghe-config-apply` 开始的配置运行未完成,或返回了 `Container count mismatch` 错误。 + - 在 GitHub Enterprise Server 实例上更新自签名 TLS 证书后,Web 界面中某些页面上的 UI 元素没有显示。 + - 在某些情况下,尽管不是线程安全的,但由于同时使用的库,可能会导致后台任务停止。 + changes: + - "由于并行日志清理,支持包的生成速度更快。有关支持包的详细信息,请参阅“[将数据提供给 GitHub 支持](/support/contacting-github-support/providing-data-to-github-support)”。" + - "企业审核日志现在包含更多用户生成的事件,例如 `project.create`。REST API 还返回其他用户生成的事件,例如 `repo.create`。有关详细信息,请参阅“[访问企业的审核日志](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for -your-enterprise)”和“[使用企业的审核日志 API](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit- log-api-for-your-enterprise#querying-the-audit-log-rest-api)”。" + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/2.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/2.yml new file mode 100644 index 0000000000..7987ea5ef9 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/2.yml @@ -0,0 +1,32 @@ +date: '2022-01-18' +sections: + security_fixes: + - '包已更新到最新的安全版本。在这些更新中,Log4j 已更新至版本 2.17.1。注意:以前在 3.3.1、3.2.6、3.1.14 和 3.0.22 中发布的缓解措施已经足够解决这些 GitHub Enterprise Server 版本中 CVE-2021-44228、CVE-2021-45046、CVE-2021-45105 和 CVE-2021-44832 的影响。' + - 清理生成的支持包中的更多机密 + - 具有安全管理员角色的团队中的用户现在将收到有关他们所监视的存储库的安全警报的通知。 + - 达到最大团队数量后,安全管理员组件将显示一个不那么激进的警告。 + - 当尝试从存储库中删除安全管理员团队时,存储库管理访问页面应返回 403。 + - 包已更新到最新的安全版本。 + bugs: + - 操作自托管运行器在从较旧的 GHES 安装升级后将无法自我更新或运行新作业。 + - 将 MinIO 配置为 GitHub 包的 Blob 存储时,无法验证存储设置。 + - 选择“强制路径样式”时,无法验证 GitHub Actions 存储设置并将其保存在管理控制台中。 + - 在设置了维护模式的更新后,操作将保持停止状态。 + - 由于 `/data/user/tmp/pages` 中存在权限问题,运行 `ghe-config-apply` 有时可能会失败。 + - 在低分辨率的浏览器中滚动,可能无法找到管理控制台中的保存按钮。 + - Collectd 版本升级后,IOPS 和存储流量监视图未更新。 + - 一些与 Webhook 相关的作业可能会产生大量的日志。 + - 账单导航项在站点管理员页面中可见。 + - 多个文档链接导致“404 找不到”错误。 + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/3.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/3.yml new file mode 100644 index 0000000000..03a43eed09 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/3.yml @@ -0,0 +1,30 @@ +date: '2022-02-01' +sections: + security_fixes: + - '**中**:机密扫描 API 可能会为请求范围外的存储库返回警报。' + - 包已更新到最新的安全版本。 + bugs: + - 在 MySQL 机密轮换后,页面将不可用,直到手动重启 `nginx`。 + - "如果启用 {% data variables.product.prodname_actions %},迁移可能会失败。" + - 使用 ISO 8601 日期设置维护计划时,由于时区未转换为 UTC,因此实际计划时间将不匹配。 + - 有关 `cloud-config.service` 的虚假错误消息将输出到控制台。 + - 使用 `ghe-cluster-each` 安装热补丁后,版本号将无法正确更新。 + - Webhook 表清理作业可能同时运行,从而导致资源争用且作业运行时间增加。 + - 从主节点运行时,副本节点上的 `ghe-repl-teardown` 不会将副本节点从 MSSQL 可用性组中删除。 + - 以下功能无法正常使用:仅限对在经过验证或批准的域上具有电子邮件的用户发送基于电子邮件的通知。 + - 使用 CAS 身份验证并启用“重新激活暂停的用户”选项时,暂停的用户不会自动重新激活。 + - 与“安全警报”设置相关的长期数据库迁移可能会延迟升级完成。 + changes: + - GitHub Connect 数据连接记录现在包括活动和休眠用户数量计数以及配置的休眠期。 + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表在元数据响应中不再返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/4.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/4.yml new file mode 100644 index 0000000000..554a8318c1 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/4.yml @@ -0,0 +1,25 @@ +date: '2022-02-17' +sections: + security_fixes: + - 用户可以注册名为“saml”的用户或组织。 + - 包已更新到最新安全版本。 + bugs: + - 使用 Azure Blob 存储时,无法验证 GitHub Packages 存储设置并将其保存在管理控制台中。 + - mssql.backup.cadence 配置选项的 ghe-config-check 失败,并发出无效字符集警告。 + - 修复从 memcached 获取超过 2^16 个密钥时的 SystemStackError(堆栈太深)。 + - 网站上的许多选择菜单呈现不正确,无法使用。 + changes: + - 现在可以在没有漏洞数据的情况下启用依赖项关系图,允许客户查看正在使用的依赖项和版本。启用依赖项关系图而不启用 GitHub Connect 不会**提供漏洞信息。 + - 机密扫描将跳过扫描 ZIP 和其他存档文件的机密。 + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/5.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/5.yml new file mode 100644 index 0000000000..786a23168f --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/5.yml @@ -0,0 +1,19 @@ +date: '2022-03-01' +sections: + security_fixes: + - "高:在 GitHub 的 Markdown 分析程序中发现了可能会导致信息泄漏和 RCE 的整数溢出漏洞。该漏洞由 Google Project Zero 的成员 Felix Wilhelm 通过 GitHub Bug 悬赏计划报告,编号为 CVE-2022-24724。" + bugs: + - 如果高可用性副本的时钟与主要副本不同步,升级有时会失败。 + - "在 2020 年 9 月 1 日之后创建的 OAuth 应用程序无法使用[检查授权](https://docs.github.com/en/enterprise-server@3.3/rest/reference/apps#check-an-authorization) API 终结点。" + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/6.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/6.yml new file mode 100644 index 0000000000..00812d469b --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/6.yml @@ -0,0 +1,50 @@ +date: '2022-04-04' +sections: + security_fixes: + - '中:在 {% data variables.product.prodname_ghe_server %} 管理控制台中发现了一个允许绕过 CSRF 保护的路径遍历漏洞。此漏洞影响 3.5 之前的所有 {% data variables.product.prodname_ghe_server %} 版本,并在 3.1.19、3.2.11、3.3.6 和 3.4.1 中修复。该漏洞通过 {% data variables.product.prodname_dotcom %} Bug 悬赏计划报告,编号为 CVE-2022-23732。' + - '中:在 `yajil` 的 1.x 分支和 2.x 分支中发现了一个整数溢出漏洞,该漏洞在处理大型 (~2GB) 输入时会导致随后的堆内存损坏。此漏洞是内部报告的,编号为 CVE-2022-24795。' + - "如果启用了 {% data variables.product.prodname_actions %},支持包可能包含敏感文件。" + - 包已更新到最新的安全版本。 + bugs: + - "启用 {% data variables.product.prodname_dependabot %} 时,一个错误导致某些安全公告暂时读取为不再适用。" + - "如果升级 {% data variables.product.prodname_ghe_server %} 后存在旧配置选项,Minio 进程的 CPU 使用率会很高。" + - 显示了在管理控制台的“隐私”设置中启用 `TLS 1.0` 和 `TLS 1.1` 的选项,尽管在早期版本中删除了这些协议版本。 + - "在 HA 环境中,在首次启用 {% data variables.product.prodname_actions %} 后,配置 MSSQL 复制可能需要额外的手动步骤。" + - 经过热补丁,内部配置文件的子集更新会更可靠。 + - "`ghe-run-migrations` 脚本有时无法正确生成临时证书名称。" + - 在群集环境中,Git LFS 操作可能会因跨多个 Web 节点的内部 API 调用失败而失败。 + - 由于 `syscall` 权限不足,使用 `gpg --import` 的预接收挂钩超时。 + - 在某些群集拓扑中,Webhook 交付信息不可用。 + - 在运行迁移时,Elasticsearch 运行状况检查不允许出现黄色群集状态。 + - 存储库将在 Web UI 中显示非功能性讨论选项卡。 + - 由于用户将其用户帐户转换为组织帐户而创建的组织未添加到全局企业帐户中。 + - 指向无法访问页面的链接已被删除。 + - "{% data variables.product.prodname_actions %} 部署图在呈现待处理作业时会显示错误。" + - 由于大量不必要的后台作业排队,一些实例遇到了高 CPU 使用率。 + - 尝试同步之前已同步的 GPG 密钥时,LDAP 用户同步作业会失败。 + - 跟踪用户的拉取请求仪表板中的拉取请求链接将导致存储库标头无法加载。 + - 将团队添加为拉取请求的审阅者时,有时会显示不正确的团队成员数量。 + - 尝试删除通过 SCIM 组外部管理的成员时,删除团队成员资格 API 终结点将响应错误。 + - "大量休眠用户可能会导致 {% data variables.product.prodname_github_connect %} 配置失败。" + - 站点管理员 Web UI 中的“功能和 beta 版本注册”页面无法正确使用。 + - 站点页脚中的“站点管理员模式”链接在单击时未更改状态。 + - '`spokesctl cache-policy rm` 命名不再失败且显示消息 `error: failed to delete cache policy`。' + changes: + - 增加了 Memcached 连接上限,可更好地适应大型群集拓扑。 + - 依赖项关系图 API 以前使用静态定义的端口运行。 + - 与群集相关的 Elasticsearch 分片设置的默认分片计数已更新。 + - 在“人员”页面上按组织角色筛选企业成员时,改进了下拉菜单项的文本。 + - “会审”和“维护”团队角色在存储库迁移期间保留。 + - 企业所有者提出的 Web 请求的性能已得到改进。 + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。我们继续拥有将时间值作为元数据响应的一部分返回所需的所有数据,并将在以后解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/7.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/7.yml new file mode 100644 index 0000000000..4bacfb9b5b --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/7.yml @@ -0,0 +1,32 @@ +date: '2022-04-20' +sections: + security_fixes: + - 包已更新到最新的安全版本。 + bugs: + - 从存储库中删除清单文件时,不会从存储库的“依赖项关系图”页面中删除该清单。 + - "解决了一个可能导致检索生成工件和下载 {% data variables.product.prodname_actions %} 的日志存档始终失败的回归问题。在某些情况下,我们停止解析使用 `localhost` 的内部通信的 URL,反而错误地使用了实例主机名。" + - 在某些情况下,使用升级包升级高可用性对中的节点可能会导致 Elasticsearch 进入不一致状态。 + - 扩展名为 `.backup` 的轮换日志文件将累积在包含系统日志的目录中。 + - 在某些群集拓扑中,命令行实用程序 `ghe-spokesctl` 和 `ghe-btop` 无法运行。 + - 由于 `elasticsearch-upgrade` 服务并行运行多次,因此 Elasticsearch 索引可能会在包升级期间重复。 + - 在拉取请求和提交视图中,对于 Git LFS 跟踪的某些文件,丰富的差异将无法加载。 + - "将用户帐户转换为组织帐户时,如果用户帐户是 {% data variables.product.prodname_ghe_server %} 企业帐户的所有者,则转换后的组织将无法正确显示在企业所有者列表中。" + - 当与 OAuth 应用程序 ID 匹配的集成已存在时,使用企业管理 REST API 创建模拟 OAuth 标记会导致错误。 + - 当检测到的机密中存在 UTF8 字符时,机密扫描 REST API 将返回 `500` 响应代码。 + - 即使数据在本地缓存位置可用,存储库缓存服务器也可以提供来自非缓存位置的数据。 + changes: + - 除了配置日志之外,停止 config apply 运行的配置错误现在会输出到终端。 + - 尝试缓存大于 Memcached 中允许的最大值的值时,会引发错误,但不会报告密钥。 + - "如果在实例上启用了 {% data variables.product.prodname_GH_advanced_security %} 功能,则在处理存储库贡献的批次时,后台作业的性能会有所提高。" + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样做是为了大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在我们解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '由于当前 Linux 内核中存在 bug,安装在 Azure 上并预配了 32 个以上 CPU 内核的 {% data variables.product.prodname_ghe_server %} 3.3 实例将无法启动。[更新时间:2022-04-08]' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/8.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/8.yml new file mode 100644 index 0000000000..952d8f1a3a --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/8.yml @@ -0,0 +1,34 @@ +date: '2022-05-17' +sections: + security_fixes: + - '**中:**发现了 nginx 解析器中的一个安全问题,可以从 DNS 服务器伪造 UDP 数据包的攻击者可能导致 1 字节内存覆盖,从而导致工作进程崩溃或其他潜在的破坏性影响。该漏洞的编号为 [CVE-2021-23017](https://nvd.nist.gov/vuln/detail/CVE-2021-23017)。' + - "更新了 `actions/checkout@v2` 和 `actions/checkout@v3` 操作以解决 [Git 安全措施实施博客文章](https://github.blog/2022-04-12-git-security-vulnerability-announced/)中公布的新漏洞。" + - 包已更新到最新的安全版本。 + bugs: + - 在某些群集拓扑中,`ghe-cluster-status` 命令会在 `/tmp` 中留下空目录。 + - SNMP 错误地将大量 `Cannot statfs` 错误消息记录到 syslog + - 对于配置了 SAML 身份验证和启用内置回退的实例,内置用户在尝试从退出登录后生成的页面登录时会陷入“登录”循环。 + - "尝试从 `/stafftools/repositories/:owner/:repo/disk` 页面查看 `git fsck` 输出将失败并显示“500 内部服务器错误”。" + - 使用 SAML 加密断言时,某些断言未正确将 SSH 密钥标记为已验证。 + - 上传到问题评论的视频将无法正确呈现。 + - 在存储库页面上使用文件查找器时,在搜索字段中键入退格键会多次列出搜索结果并导致呈现问题。 + - 使用 GitHub Enterprise Importer 导入存储库时,由于项目时间线事件配置不正确,某些问题将无法导入。 + - 使用 `ghe-migrator` 时,迁移将无法在问题和拉取请求中导入视频文件附件。 + - '当存储库具有包含非 ASCII 字符的标记时,发布页面将返回 500 错误。[更新时间:2022-06-10]' + changes: + - 在高可用性配置中,阐明管理控制台中的复制概述页面仅显示当前复制配置,而不是当前复制状态。 + - "启用 {% data variables.product.prodname_registry %} 时,阐明当前不支持使用共享访问签名 (SAS) 令牌作为连接字符串。" + - 支持包现在包括存储在 MySQL 中的表的行数。 + - 在确定要在哪些存储库网络上计划维护时,我们不再计入无法访问对象的大小。 + - "`run_started_at` 响应字段现在包含在[工作流运行 API](/rest/actions/workflow-runs) 和 `workflow_run` 事件 Webhook 有效负载中。" + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "Git LFS 跟踪的[通过 Web 界面上传的](https://github.com/blog/2105-upload-files-to-your-repositories) 文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在解决现有性能问题后恢复返回该值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-3/9.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-3/9.yml new file mode 100644 index 0000000000..5c427b58ae --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-3/9.yml @@ -0,0 +1,26 @@ +date: '2022-06-09' +sections: + security_fixes: + - 包已更新到最新安全版本。 + bugs: + - "如果主机名字符串以“.”开头(句点字符),则 {% data variables.product.prodname_ghe_server %} 配置文件中用于验证主机名的内部脚本将返回错误。" + - 在主节点的主机名超过 60 个字符的 HA 配置中,MySQL 将无法配置 + - "`--gateway` 参数已添加到 `ghe-setup-network` 命令,以允许使用命令行配置网络设置时传递网关地址。" + - 删除的图像附件将返回 `500 内部服务器错误` 而非 `404 未找到` 错误。 + - 站点管理员仪表板中报告的“跨整个实例的最大提交者”的计算不正确。 + - "使用 {% data variables.product.prodname_enterprise_backup_utilities %} 执行还原时,存储库复制的数据库输入不正确导致数据库损坏。" + changes: + - 优化了生成群集支持包时包含的指标。 + - 在 Elasticsearch 报告有效的标黄状态的 HA 配置中,之前修复中引入的更改将阻止 `ghe-repl-stop` 命令,并且不允许停止复制。当服务处于正常或有效标黄状态时,使用 `ghe-repo-stop --force` 将强制 Elasticsearch 停止运行。 + - "使用 `ghe-migrator` 或从 {% data variables.product.prodname_dotcom_the_website %} 导出时,迁移将无法导出拉取请求附件。" + known_issues: + - "升级到 {% data variables.product.prodname_ghe_server %} 3.3 后,{% data variables.product.prodname_actions %} 可能无法自动启动。若要解决此问题,请通过 SSH 连接到设备并运行 `ghe-actions-start` 命令。" + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含文件路径长于 255 个字符的同一存储库中 blob 的永久链接,则问题无法关闭。 + - "对 {% data variables.product.prodname_github_connect %} 启用“用户可以搜索 GitHub.com”后,专用和内部存储库中的问题不包括在 {% data variables.product.prodname_dotcom_the_website %} 搜索结果中。" + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在以后解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - '选择“强制路径样式”时,无法验证 {% data variables.product.prodname_actions %} 存储设置并将其保存在 {% data variables.enterprise.management_console %} 中,而必须使用 `ghe-actions-precheck` 命令行实用程序进行配置。' + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml new file mode 100644 index 0000000000..0ff37f4058 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml @@ -0,0 +1,314 @@ +date: '2022-03-15' +intro: | + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." + + > This release is dedicated to our colleague and friend John, a Hubber who was always there to help. You will be greatly missed. + > + > **John "Ralph" Wiebalk 1986–2021** + +sections: + features: + - heading: Secret scanning REST API now returns locations + notes: + # https://github.com/github/releases/issues/1642 + - | + {% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve commit details of secrets detected in private repository scans. The new endpoint returns details of a secret's first detection within a file, including the secret's location and commit SHA. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation. + + - heading: Export license data of committer-based billing for GitHub Advanced Security + notes: + # https://github.com/github/releases/issues/1757 + - | + Enterprise and organization owners can now export their {% data variables.product.prodname_GH_advanced_security %} license usage data to a CSV file. The {% data variables.product.prodname_advanced_security %} billing data can also be retrieved via billing endpoints in the REST API. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-11-export-github-advanced-security-license-usage-data/)." + + - heading: GitHub Actions reusable workflows in public beta + notes: + # https://github.com/github/releases/issues/1541 + - | + You can now reuse entire workflows as if they were an action. This feature is available in public beta. Instead of copying and pasting workflow definitions across repositories, you can now reference an existing workflow with a single line of configuration. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-05-github-actions-dry-your-github-actions-configuration-by-reusing-workflows/)." + + - heading: Dependabot security and version updates in public beta + notes: + # https://github.com/github/releases/issues/2004 + - | + {% data variables.product.prodname_dependabot %} is now available in {% data variables.product.prodname_ghe_server %} 3.4 as a public beta, offering both version updates and security updates for several popular ecosystems. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} requires {% data variables.product.prodname_actions %} and a pool of self-hosted runners configured for {% data variables.product.prodname_dependabot %} use. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} also requires {% data variables.product.prodname_github_connect %} and {% data variables.product.prodname_dependabot %} to be enabled by an administrator. Beta feedback and suggestions can be shared in the [{% data variables.product.prodname_dependabot %} Feedback GitHub discussion](https://github.com/community/community/discussions/categories/dependabot). For more information and to try the beta, see "[Setting up {% data variables.product.prodname_dependabot %} security and version updates on your enterprise](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + + - heading: SAML authentication supports encrypted assertions + notes: + # https://github.com/github/releases/issues/1946 + - | + If you use SAML authentication for {% data variables.product.prodname_ghe_server %}, you can now configure encrypted assertions from your IdP to improve security. Encrypted assertions add an additional layer of encryption when your IdP transmits information to {% data variables.product.product_location %}. For more information, see "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml#enabling-encrypted-assertions)." + + - heading: Edit files within pull requests in GitHub Mobile for iOS + notes: + # https://github.com/github/releases/issues/2514 + - | + In GitHub Mobile for iOS 1.80.0 and later, users can now edit files within a pull request's topic branch. Support for editing files will come to GitHub Mobile for Android in a future release. [Updated: 2022-09-13] + + changes: + - heading: Administration Changes + notes: + # https://github.com/github/releases/issues/1657 + - Users can now choose the number of spaces a tab is equal to, by setting their preferred tab size in the "Appearance" settings of their user account. All code with a tab indent will render using the preferred tab size. + + # https://github.com/github/releases/issues/2062 + - The {% data variables.product.prodname_github_connect %} data connection record now includes a count of the number of active and dormant users and the configured dormancy period. + + # https://github.com/github/releases/issues/1722 + - You can now give users access to enterprise-specific links by adding custom footers to {% data variables.product.prodname_ghe_server %}. For more information, see "[Configuring custom footers](/admin/configuration/configuring-your-enterprise/configuring-custom-footers)." + + - heading: Performance Changes + notes: + # https://github.com/github/releases/issues/2031 + - WireGuard, used to secure communication between {% data variables.product.prodname_ghe_server %} instances in a High Availability configuration, has been migrated to the Kernel implementation. + + - heading: Notification Changes + notes: + # https://github.com/github/releases/issues/1801 + - Organization owners can now unsubscribe from email notifications when new deploy keys are added to repositories belonging to their organizations. For more information, see "[Configuring notifications](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." + + # https://github.com/github/releases/issues/1714 + - 'Notification emails from newly created issues and pull requests now include `(Issue #xx)` or `(PR #xx)` in the email subject, so you can recognize and filter emails that reference these types of issues.' + + - heading: Organization Changes + notes: + # https://github.com/github/releases/issues/1509 + - Organizations can now display a `README.md` file on their profile Overview. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-14-readmes-for-organization-profiles/)." + + # https://github.com/github/releases/issues/1883 + - Members of organizations can now view a list of their enterprise owners under the organization's "People" tab. The enterprise owners list is also now accessible using the GraphQL API. For more information, see the "[`enterpriseOwners`](/graphql/reference/objects#organization)" field under the Organization object in the GraphQL API documentation. + + - heading: Repositories changes + notes: + # https://github.com/github/releases/issues/1944 + - | + A "Manage Access" section is now shown on the "Collaborators and teams" page in your repository settings. The new section makes it easier for repository administrators to see and manage who has access to their repository, and the level of access granted to each user. Administrators can now: + + * Search all members, teams and collaborators who have access to the repository. + * View when members have mixed role assignments, granted to them directly as individuals or indirectly via a team. This is visualized through a new "mixed roles" warning, which displays the highest level role the user is granted if their permission level is higher than their assigned role. + * Manage access to popular repositories reliably, with page pagination and fewer timeouts when large groups of users have access. + + # https://github.com/github/releases/issues/1748 + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the repository invitation experience, such as notifications for private repository invites, a UI prompt when visiting a private repository you have a pending invitation for, and a banner on a public repository overview page when there is an pending invitation.' + + # https://github.com/github/releases/issues/1739 + - You can now use single-character prefixes for custom autolinks. Autolink prefixes also now allow `.`, `-`, `_`, `+`, `=`, `:`, `/`, and `#` characters, as well as alphanumerics. For more information about custom autolinks, see "[Configuring autolinks to reference external resources](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)." + + # https://github.com/github/releases/issues/1776 + - A `CODE_OF_CONDUCT.md` file in the root of a repository is now highlighted in the "About" sidebar on the repository overview page. + + - heading: 'Releases changes' + notes: + # https://github.com/github/releases/issues/1723 + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the Releases UI, such as automatically generated release notes which display a summary of all the pull requests for a given release. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-20-improvements-to-github-releases-generally-available/)."' + + # https://github.com/github/releases/issues/1606 + - When a release is published, an avatar list is now displayed at the bottom of the release. Avatars for all user accounts mentioned in the release notes are shown. For more information, see "[Managing releases in a repository](/repositories/releasing-projects-on-github/managing-releases-in-a-repository)." + + - heading: 'Markdown changes' + notes: + # https://github.com/github/releases/issues/1779 + - You can now use the new "Accessibility" settings page to manage your keyboard shortcuts. You can choose to disable keyboard shortcuts that only use single characters like S, G C, and . (the period key). For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-16-managing-keyboard-shortcuts-using-accessibility-settings/)." + + # https://github.com/github/releases/issues/1727 + - You can now choose to use a fixed-width font in Markdown-enabled fields, like issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-12-fixed-width-font-support-in-markdown-enabled-fields/)." + + # https://github.com/github/releases/issues/1761 + - You can now paste a URL on selected text to quickly create a Markdown link. This works in all Markdown-enabled fields, such as issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-linkify-selected-text-on-url-paste/)." + + # https://github.com/github/releases/issues/1758 + - An image URL can now be appended with a theme context, such as `#gh-dark-mode-only`, to define how the Markdown image is displayed to a viewer. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/)." + + # https://github.com/github/releases/issues/1686 + - When creating or editing a gist file with the Markdown (`.md`) file extension, you can now use the "Preview" or "Preview Changes" tab to display a Markdown rendering of the file contents. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-17-preview-the-markdown-rendering-of-gists/)." + + # https://github.com/github/releases/issues/1754 + - When typing the name of a {% data variables.product.prodname_dotcom %} user in issues, pull requests and discussions, the @mention suggester now ranks existing participants higher than other {% data variables.product.prodname_dotcom %} users, so that it's more likely the user you're looking for will be listed. + + # https://github.com/github/releases/issues/1636 + - Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments. + + - heading: 'Issues and pull requests changes' + notes: + # https://github.com/github/releases/issues/1731 + - The diff setting to hide whitespace changes in the pull request "Files changed" tab is now retained for your user account for that pull request. The setting you have chosen is automatically reapplied if you navigate away from the page and then revisit the "Files changed" tab of the same pull request. + + # https://github.com/github/releases/issues/1663 + - When using auto assignment for pull request code reviews, you can now choose to only notify requested team members independently of your auto assignment settings. This setting is useful in scenarios where many users are auto assigned but not all users require notification. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-team-member-pull-request-review-notifications-can-be-configured-independently-of-auto-assignment/)." + + - heading: 'Branches changes' + notes: + # https://github.com/github/releases/issues/1526 + - Organization and repository administrators can now trigger webhooks to listen for changes to branch protection rules on their repositories. For more information, see the "[branch_protection_rule](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule)" event in the webhooks events and payloads documentation. + + # https://github.com/github/releases/issues/1759 + - When configuring protected branches, you can now enforce that a required status check is provided by a specific {% data variables.product.prodname_github_app %}. If a status is then provided by a different application, or by a user via a commit status, merging is prevented. This ensures all changes are validated by the intended application. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-01-ensure-required-status-checks-provided-by-the-intended-app/)." + + # https://github.com/github/releases/issues/1911 + - Only users with administrator permissions are now able to rename protected branches and modify branch protection rules. Previously, with the exception of the default branch, a collaborator could rename a branch and consequently any non-wildcard branch protection rules that applied to that branch were also renamed. For more information, see "[Renaming a branch](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + + # https://github.com/github/releases/issues/1845 + - Administrators can now allow only specific users and teams to bypass pull request requirements. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-19-allow-bypassing-required-pull-requests/)." + + # https://github.com/github/releases/issues/1850 + - Administrators can now allow only specific users and teams to force push to a repository. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/)." + + # https://github.com/github/releases/issues/1796 + - When requiring pull requests for all changes to a protected branch, administrators can now choose if approved reviews are also a requirement. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-require-pull-requests-without-requiring-reviews/)." + + - heading: 'GitHub Actions changes' + notes: + # https://github.com/github/releases/issues/1906 + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} for the `create`, `deployment`, and `deployment_status` events now always receive a read-only token and no secrets. Similarly, workflows triggered by {% data variables.product.prodname_dependabot %} for the `pull_request_target` event on pull requests where the base ref was created by {% data variables.product.prodname_dependabot %}, now always receive a read-only token and no secrets. These changes are designed to prevent potentially malicious code from executing in a privileged workflow. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + + # https://github.com/github/releases/issues/1667 + - Workflow runs on `push` and `pull_request` events triggered by {% data variables.product.prodname_dependabot %} will now respect the permissions specified in your workflows, allowing you to control how you manage automatic dependency updates. The default token permissions will remain read-only. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." + + # https://github.com/github/releases/issues/1668 + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} will now be sent the {% data variables.product.prodname_dependabot %} secrets. You can now pull from private package registries in your CI using the same secrets you have configured for {% data variables.product.prodname_dependabot %} to use, improving how {% data variables.product.prodname_actions %} and {% data variables.product.prodname_dependabot %} work together. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + + # https://github.com/github/releases/issues/1615 + - You can now manage runner groups and see the status of your self-hosted runners using new Runners and Runner Groups pages in the UI. The Actions settings page for your repository or organization now shows a summary view of your runners, and allows you to deep dive into a specific runner to edit it or see what job it may be currently running. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)." + + # https://github.com/github/releases/issues/1785 + - 'Actions authors can now have their action run in Node.js 16 by specifying [`runs.using` as `node16` in the action''s `action.yml`](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). This is in addition to the existing Node.js 12 support; actions can continue to specify `runs.using: node12` to use the Node.js 12 runtime.' + + # https://github.com/github/releases/issues/1799 + - 'For manually triggered workflows, {% data variables.product.prodname_actions %} now supports the `choice`, `boolean`, and `environment` input types in addition to the default `string` type. For more information, see "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' + + # https://github.com/github/releases/issues/1782 + - Actions written in YAML, also known as composite actions, now support `if` conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined in workflows, you can use any supported context and expression to create a conditional. + + # https://github.com/github/releases/issues/1919 + - The search order behavior for self-hosted runners has now changed, so that the first available matching runner at any level will run the job in all cases. This allows jobs to be sent to self-hosted runners much faster, especially for organizations and enterprises with lots of self-hosted runners. Previously, when running a job that required a self-hosted runner, {% data variables.product.prodname_actions %} would look for self-hosted runners in the repository, organization, and enterprise, in that order. + + # https://github.com/github/releases/issues/1753 + - Runner labels for {% data variables.product.prodname_actions %} self-hosted runners can now be listed, added and removed using the REST API. For more information about using the new APIs at a repository, organization, or enterprise level, see "[Repositories](/rest/reference/actions#list-labels-for-a-self-hosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization)", and "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-self-hosted-runner-for-an-enterprise)" in the REST API documentation. + + - heading: 'Dependabot and Dependency graph changes' + notes: + # https://github.com/github/releases/issues/1520 + - Dependency graph now supports detecting Python dependencies in repositories that use the Poetry package manager. Dependencies will be detected from both `pyproject.toml` and `poetry.lock` manifest files. + + # https://github.com/github/releases/issues/1921 + - When configuring {% data variables.product.prodname_dependabot %} security and version updates on GitHub Enterprise Server, we recommend you also enable {% data variables.product.prodname_dependabot %} in {% data variables.product.prodname_github_connect %}. This will allow {% data variables.product.prodname_dependabot %} to retrieve an updated list of dependencies and vulnerabilities from {% data variables.product.prodname_dotcom_the_website %}, by querying for information such as the changelogs of the public releases of open source code that you depend upon. For more information, see "[Enabling the dependency graph and Dependabot alerts for your enterprise](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." + + # https://github.com/github/releases/issues/1717 + - '{% data variables.product.prodname_dependabot_alerts %} alerts can now be dismissed using the GraphQL API. For more information, see the "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissrepositoryvulnerabilityalert)" mutation in the GraphQL API documentation.' + + - heading: 'Code scanning and secret scanning changes' + notes: + # https://github.com/github/releases/issues/1802 + - The {% data variables.product.prodname_codeql %} CLI now supports including markdown-rendered query help in SARIF files, so that the help text can be viewed in the {% data variables.product.prodname_code_scanning %} UI when the query generates an alert. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-23-display-help-text-for-your-custom-codeql-queries-in-code-scanning/)." + + # https://github.com/github/releases/issues/1790 + - The {% data variables.product.prodname_codeql %} CLI and {% data variables.product.prodname_vscode %} extension now support building databases and analyzing code on machines powered by Apple Silicon, such as Apple M1. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." + + # https://github.com/github/releases/issues/1732 + - | + The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) from the Python ecosystem. As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up. This results in an overall improvement of the quality of {% data variables.product.prodname_code_scanning %} alerts. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)." + + # https://github.com/github/releases/issues/1567 + - Code scanning with {% data variables.product.prodname_codeql %} now includes beta support for analyzing code in all common Ruby versions, up to and including 3.02. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + + # https://github.com/github/releases/issues/1764 + - | + Several improvements have been made to the {% data variables.product.prodname_code_scanning %} API: + + * The `fixed_at` timestamp has been added to alerts. This timestamp is the first time that the alert was not detected in an analysis. + * Alert results can now be sorted using `sort` and `direction` on either `created`, `updated` or `number`. For more information, see "[List code scanning alerts for a repository](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository)." + * A `Last-Modified` header has been added to the alerts and alert endpoint response. For more information, see [`Last-Modified`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified) in the Mozilla documentation. + * The `relatedLocations` field has been added to the SARIF response when you request a code scanning analysis. The field may contain locations which are not the primary location of the alert. See an example in the [SARIF spec](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012616) and for more information see "[Get a code scanning analysis for a repository](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository)." + * Both `help` and `tags` data have been added to the webhook response alert rule object. For more information, see "[Code scanning alert webhooks events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert)." + * Personal access tokens with the `public_repo` scope now have write access for code scanning endpoints on public repos, if the user has permission. + + For more information, see "[Code scanning](/rest/reference/code-scanning)" in the REST API documentation. + + # https://github.com/github/releases/issues/1943 + - '{% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve private repository secret scanning results at the enterprise level. The new endpoint supplements the existing repository-level and organization-level endpoints. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation.' + + - heading: Mobile changes + notes: + # https://github.com/github/mobile/issues/2440 + # https://github.com/github/enterprise2/pull/28057 + - Support for {% data variables.product.prodname_mobile %} is now enabled by default for new {% data variables.product.prodname_ghe_server %} instances. If you have not explicitly disabled or enabled {% data variables.product.prodname_mobile %}, {% data variables.product.prodname_mobile %} will be enabled when you upgrade to {% data variables.product.prodname_ghe_server %} 3.4.0 or later. If you previously disabled or enabled {% data variables.product.prodname_mobile %} for your instance, your preference will be preserved upon upgrade. For more information, see "[Managing {% data variables.product.prodname_mobile %} for your enterprise](/admin/configuration/configuring-your-enterprise/managing-github-mobile-for-your-enterprise)." + + # No security/bug fixes for the GA release + # security_fixes: + # - PLACEHOLDER + + # bugs: + # - PLACEHOLDER + + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - Actions services needs to be restarted after restoring appliance from backup taken on a different host. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - | + When using SAML encrypted assertions with {% data variables.product.prodname_ghe_server %} 3.4.0 and 3.4.1, a new XML attribute `WantAssertionsEncrypted` in the `SPSSODescriptor` contains an invalid attribute for SAML metadata. IdPs that consume this SAML metadata endpoint may encounter errors when validating the SAML metadata XML schema. A fix will be available in the next patch release. [Updated: 2022-04-11] + + To work around this problem, you can take one of the two following actions. + - Reconfigure the IdP by uploading a static copy of the SAML metadata without the `WantAssertionsEncrypted` attribute. + - Copy the SAML metadata, remove `WantAssertionsEncrypted` attribute, host it on a web server, and reconfigure the IdP to point to that URL. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' + deprecations: + - heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 was discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 will be discontinued on June 3, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + + - heading: Deprecation of XenServer Hypervisor support + notes: + # https://github.com/github/docs-content/issues/4439 + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + + - heading: Deprecation of the Content Attachments API preview + notes: + # + - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + + - heading: Deprecation of the Codes of Conduct API preview + notes: + # https://github.com/github/releases/issues/1708 + - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + + - heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + # https://github.com/github/releases/issues/1316 + - | + Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + + - heading: Deprecation of the CodeQL runner + notes: + # https://github.com/github/releases/issues/1632 + - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + + - heading: Deprecation of custom bit-cache extensions + notes: + # https://github.com/github/releases/issues/1415 + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + + - heading: Change to the format of authentication tokens affects GitHub Connect + notes: + # https://github.com/github/releases/issues/1235 + - | + GitHub Connect will no longer work after June 3rd for instances running GitHub Enterprise Server 3.1 or older, due to the format of GitHub authentication tokens changing. For more information, see the [GitHub changelog](https://github.blog/2022-05-20-action-needed-by-github-connect-customers-using-ghes-3-1-and-older-to-adopt-new-authentication-token-format-updates/). [Updated: 2022-06-14] + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/1.yml new file mode 100644 index 0000000000..85b5feeb65 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/1.yml @@ -0,0 +1,105 @@ +date: '2022-04-04' +sections: + security_fixes: + - 'MEDIUM: A path traversal vulnerability was identified in {% data variables.product.prodname_ghe_server %} Management Console that allowed the bypass of CSRF protections. This vulnerability affected all versions of {% data variables.product.prodname_ghe_server %} prior to 3.5 and was fixed in versions 3.1.19, 3.2.11, 3.3.6, 3.4.1. This vulnerability was reported via the {% data variables.product.prodname_dotcom %} Bug Bounty program and has been assigned CVE-2022-23732.' + - 'MEDIUM: An integer overflow vulnerability was identified in the 1.x branch and the 2.x branch of `yajil` which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. This vulnerability was reported internally and has been assigned CVE-2022-24795. ' + - Support bundles could include sensitive files if {% data variables.product.prodname_actions %} was enabled. + - Packages have been updated to the latest security versions. + bugs: + - A workflow run may not complete if it uses composite-actions. + - When enabling {% data variables.product.prodname_dependabot %}, an error caused some security advisories to temporarily read as no-longer applicable. + - Minio processes would have high CPU usage if an old configuration option was present after upgrading {% data variables.product.prodname_ghe_server %}. + - The options to enable `TLS 1.0` and `TLS 1.1` in the Privacy settings of the Management Console were shown, although removal of those protocol versions occurred in an earlier release. + - In a HA environment, configuring MSSQL replication could require additional manual steps after enabling {% data variables.product.prodname_actions %} for the first time. + - A subset of internal configuration files are more reliably updated after a hotpatch. + - The `ghe-run-migrations` script would sometimes fail to generate temporary certificate names correctly. + - Pre-receive hooks that used `gpg --import` timed out due to insufficient `syscall` privileges. + - In some cluster topologies, webhook delivery information was not available. + - The {% data variables.product.prodname_actions %} deployment graph would display an error when rendering a pending job. + - Elasticsearch health checks would not allow a yellow cluster status when running migrations. + - When using the [Migrations API](/rest/reference/migrations), queued export jobs were not processed. + - Repositories would display a non-functional Discussions tab in the web UI. + - Organizations created as a result of a user transforming their user account into an organization were not added to the global enterprise account. + - LDAP user sync jobs would fail when trying to sync GPG keys that had been synced previously. + - Links to inaccessible pages were removed. + - Some instances experienced high CPU usage due to large amounts unnecessary background jobs being queued. + - Empty repositories didnt sync correctly to cache servers. + - Adding a team as a reviewer to a pull request would sometimes show the incorrect number of members on that team. + - The remove team membership API endpoint would respond with an error when attempting to remove member externally managed via a SCIM Group. + - A large number of dormant users could cause a {% data variables.product.prodname_github_connect %} configuration to fail. + - The "Feature & beta enrollments" page in the Site admin web UI was incorrectly available. + - The "Site admin mode" link in the site footer did not change state when clicked. + changes: + - Memcached connection limits were increased to better accommodate large cluster topologies. + - The Dependency Graph API previously ran with a statically defined port. + - The default shard counts for cluster-related Elasticsearch shard settings have been updated. + - The [Migrations API](/rest/reference/migrations) now generates exports of repositories. + - When filtering enterprise members by organization role on the "People" page, the text for the dropdown menu items has been improved. + - The “Triage” and “Maintain” team roles are preserved during repository migrations. + - Using ghe-migrator or exporting from GitHub.com, an export would not include Pull Request attachments. + - Performance has been improved for web requests made by enterprise owners. + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - | + When using SAML encrypted assertions with {% data variables.product.prodname_ghe_server %} 3.4.0 and 3.4.1, a new XML attribute `WantAssertionsEncrypted` in the `SPSSODescriptor` contains an invalid attribute for SAML metadata. IdPs that consume this SAML metadata endpoint may encounter errors when validating the SAML metadata XML schema. A fix will be available in the next patch release. [Updated: 2022-04-11] + + To work around this problem, you can take one of the two following actions. + - Reconfigure the IdP by uploading a static copy of the SAML metadata without the `WantAssertionsEncrypted` attribute. + - Copy the SAML metadata, remove `WantAssertionsEncrypted` attribute, host it on a web server, and reconfigure the IdP to point to that URL. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' + deprecations: + - heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 was discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 will be discontinued on June 3, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + + - heading: Deprecation of XenServer Hypervisor support + notes: + # https://github.com/github/docs-content/issues/4439 + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + + - heading: Deprecation of the Content Attachments API preview + notes: + # + - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + + - heading: Deprecation of the Codes of Conduct API preview + notes: + # https://github.com/github/releases/issues/1708 + - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + + - heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + # https://github.com/github/releases/issues/1316 + - | + Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + + - heading: Deprecation of the CodeQL runner + notes: + # https://github.com/github/releases/issues/1632 + - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + + - heading: Deprecation of custom bit-cache extensions + notes: + # https://github.com/github/releases/issues/1415 + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/2.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/2.yml new file mode 100644 index 0000000000..be2036c2f4 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/2.yml @@ -0,0 +1,86 @@ +date: '2022-04-20' +sections: + security_fixes: + - Packages have been updated to the latest security versions. + bugs: + - Resolved a regression that could lead to consistent failures to retrieve artifacts and download log archives for {% data variables.product.prodname_actions %}. In some circumstances we stopped resolving URLs for internal communications that used `localhost`, and instead incorrectly used the instance hostname. + - When a manifest file was deleted from a repository, the manifest would not be removed from the repository's "Dependency graph" page. + - Upgrading the nodes in a high availability pair with an upgrade package could cause Elasticsearch to enter an inconsistent state in some cases. + - Rotated log files with the extension `.backup` would accumulate in directories containing system logs. + - In some cluster topologies, the command line utilities `ghe-spokesctl` and `ghe-btop` failed to run. + - Elasticsearch indices could be duplicated during a package upgrade, due to an `elasticsearch-upgrade` service running multiple times in parallel. + - Repository cache servers could serve data from non-cache locations even when the data was available in the local cache location. + - When converting a user account to an organization, if the user account was an owner of the {% data variables.product.prodname_ghe_server %} enterprise account, the converted organization would incorrectly appear in the enterprise owner list. + - The `/stafftools/users/ip_addresses/:address` page responded with a `500 Internal Server Error` when attempting to display the page for an IPv6 address. + - Creating an impersonation OAuth token using the Enterprise Administration REST API resulted in an error when an integration matching the OAuth Application ID already existed. + + changes: + - Added support for replica domain names that are more than 63 characters. + - Configuration errors that halt a config apply run are now output to the terminal in addition to the configuration log. + - If {% data variables.product.prodname_GH_advanced_security %} features are enabled on your instance, the performance of background jobs has improved when processing batches for repository contributions. + + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4, releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' + deprecations: + - heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 was discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 will be discontinued on June 3, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + + - heading: Deprecation of XenServer Hypervisor support + notes: + # https://github.com/github/docs-content/issues/4439 + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + + - heading: Deprecation of the Content Attachments API preview + notes: + # + - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + + - heading: Deprecation of the Codes of Conduct API preview + notes: + # https://github.com/github/releases/issues/1708 + - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + + - heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + # https://github.com/github/releases/issues/1316 + - | + Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + + - heading: Deprecation of the CodeQL runner + notes: + # https://github.com/github/releases/issues/1632 + - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + + - heading: Deprecation of custom bit-cache extensions + notes: + # https://github.com/github/releases/issues/1415 + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + + - heading: Theme picker for GitHub Pages has been removed + notes: + - | + The theme picker for GitHub Pages has been removed from the Pages settings. For more information about configuration of themes for GitHub Pages, see "[Adding a theme to your GitHub Pages site using Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll)." + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/3.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/3.yml new file mode 100644 index 0000000000..a15e8170ba --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/3.yml @@ -0,0 +1,40 @@ +date: '2022-05-17' +sections: + security_fixes: + - '**MEDIUM:** A security issue in nginx resolver was identified, where an attacker who could forge UDP packets from the DNS server could cause 1-byte memory overwrite, resulting in worker process crashes or other potentially damaging impacts. The vulnerability has been assigned [CVE-2021-23017](https://nvd.nist.gov/vuln/detail/CVE-2021-23017).' + - Updated the `actions/checkout@v2` and `actions/checkout@v3` actions to address new vulnerabilities announced in the [Git security enforcement blog post](https://github.blog/2022-04-12-git-security-vulnerability-announced/). + - Packages have been updated to the latest security versions. + bugs: + - In some cluster topologies, the `ghe-cluster-status` command left behind empty directories in `/tmp`. + - SNMP incorrectly logged a high number of `Cannot statfs` error messages to syslog. + - When adding custom patterns and providing non-UTF8 test strings, match highlighting was incorrect. + - LDAP users with an underscore character (`_`) in their user names can now login successfully. + - For instances configured with SAML authentication and built-in fallback enabled, built-in users would get stuck in a “login” loop when attempting to sign in from the page generated after logging out. + - After enabling SAML encrypted assertions with Azure as identity provider, the sign in page would fail with a `500` error. + - Character key shortcut preferences weren't respected. + - Attempts to view the `git fsck` output from the `/stafftools/repositories/:owner/:repo/disk` page would fail with a `500 Internal Server Error`. + - When using SAML encrypted assertions, some assertions were not correctly marking SSH keys as verified. + - Videos uploaded to issue comments would not be rendered properly. + - When using GitHub Enterprise Importer to import a repository, some issues would fail to import due to incorrectly configured project timeline events. + - When using `ghe-migrator`, a migration would fail to import video file attachments in issues and pull requests. + - 'The Releases page would return a 500 error when the repository has tags that contain non-ASCII characters. [Updated: 2022-06-10]' + - 'Upgrades would sometimes fail while migrating dependency graph data. [Updated: 2022-06-30]' + changes: + - In high availability configurations, clarify that the replication overview page in the Management Console only displays the current replication configuration, not the current replication status. + - The Nomad allocation timeout for Dependency Graph has been increased to ensure post-upgrade migrations can complete. + - When enabling {% data variables.product.prodname_registry %}, clarify that using a Shared Access Signature (SAS) token as connection string is not currently supported. + - Support bundles now include the row count of tables stored in MySQL. + - When determining which repository networks to schedule maintenance on, we no longer count the size of unreachable objects. + - The `run_started_at` response field is now included in the [Workflow runs API](/rest/actions/workflow-runs) and the `workflow_run` event webhook payload. + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4 releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' \ No newline at end of file diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/4.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/4.yml new file mode 100644 index 0000000000..ebf7d67692 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/4.yml @@ -0,0 +1,31 @@ +date: '2022-06-09' +sections: + security_fixes: + - Packages have been updated to the latest security versions. + bugs: + - An internal script to validate hostnames in the {% data variables.product.prodname_ghe_server %} configuration file would return an error if the hostname string started with a "." (period character). + - In HA configurations where the primary node's hostname was longer than 60 characters, MySQL would fail to be configured. + - When {% data variables.product.prodname_actions %} was enabled but TLS was disabled on {% data variables.product.prodname_ghe_server %} 3.4.1 and later, applying a configuration update would fail. + - The `--gateway` argument was added to the `ghe-setup-network` command, to allow passing the gateway address when configuring network settings using the command line. + - The [{% data variables.product.prodname_GH_advanced_security %} billing API](/rest/enterprise-admin/billing#get-github-advanced-security-active-committers-for-an-enterprise) endpoints were not enabled and accessible. + - Image attachments that were deleted would return a `500 Internal Server Error` instead of a `404 Not Found` error. + - In environments configured with a repository cache server, the `ghe-repl-status` command incorrectly showed gists as being under-replicated. + - The "Get a commit" and "Compare two commits" endpoints in the [Commit API](/rest/commits/commits) would return a `500` error if a file path in the diff contained an encoded and escaped unicode character. + - The calculation of "maximum committers across entire instance" reported in the site admin dashboard was incorrect. + - An incorrect database entry for repository replicas caused database corruption when performing a restore using {% data variables.product.prodname_enterprise_backup_utilities %}. + - The activity timeline for secret scanning alerts wasn't displayed. + changes: + - Optimised the inclusion of metrics when generating a cluster support bundle. + - In HA configurations where Elasticsearch reported a valid yellow status, changes introduced in a previous fix would block the `ghe-repl-stop` command and not allow replication to be stopped. Using `ghe-repo-stop --force` will now force Elasticsearch to stop when the service is in a normal or valid yellow status. + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4, releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' \ No newline at end of file diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/5.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/5.yml new file mode 100644 index 0000000000..f72408ff77 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/5.yml @@ -0,0 +1,30 @@ +date: '2022-06-28' +sections: + security_fixes: + - "**MEDIUM**: Prevents an attack where an `org` query string parameter can be specified for a GitHub Enterprise Server URL that then gives access to another organization's active committers." + - "**MEDIUM**: Ensures that `github.company.com` and `github-company.com` are not evaluated by internal services as identical hostnames, preventing a potential server-side security forgery (SSRF) attack." + - "**LOW**: An attacker could access the Management Console with a path traversal attack via HTTP even if external firewall rules blocked HTTP access." + - Packages have been updated to the latest security versions. + bugs: + - Files inside an artifact archive were unable to be opened after decompression due to restrictive permissions. + - Redis timeouts no longer halt database migrations while running `ghe-config-apply`. + - Background job processors would get stuck in a partially shut-down state, resulting in certain kinds of background jobs (like code scanning) appearing stuck. + - In some cases, site administrators were not automatically added as enterprise owners. + - A rendering issue could affect the dropdown list for filtering secret scanning alerts in a repository. + changes: + - Improved the performance of Dependabot version updates after first enabled. + - The GitHub Pages build and synchronization timeouts are now configurable in the Management Console. + - Creating or updating check runs or check suites could return `500 Internal Server Error` if the value for certain fields, like the name, was too long. + - When [deploying cache-server nodes](/admin/enterprise-management/caching-repositories/configuring-a-repository-cache#configuring-a-repository-cache), it is now mandatory to describe the datacenter topology (using the `--datacenter` argument) for every node in the system. This requirement prevents situations where leaving datacenter membership set to "default" leads to workloads being inappropriately balanced across multiple datacenters. + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4, releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' \ No newline at end of file diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/6.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/6.yml new file mode 100644 index 0000000000..e9bd1dcf8f --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/6.yml @@ -0,0 +1,33 @@ +date: '2022-07-21' +sections: + security_fixes: + - "**MEDIUM**: Prevents an attack where a server-side request forgery (SSRF) could potentially force the Subversion (SVN) bridge to execute remote code by injecting arbitrary data into Memcached." + - "**MEDIUM**: Prevents an attacker from executing Javascript code by exploiting a cross-site scripting (XSS) vulnerability in dropdown UI elements within the GitHub Enterprise Server web interface." + - Updates Grafana to version 7.5.16, which addresses various security vulnerabilities including [CVE-2020-13379](https://github.com/advisories/GHSA-wc9w-wvq2-ffm9) and [CVE-2022-21702](https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g). + - Packages have been updated to the latest security versions. + - "**MEDIUM**: A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by Github's Content Security Policy (CSP). This vulnerability was reported via the GitHub Bug Bounty program and has been assigned [CVE-2022-23733](https://www.cve.org/CVERecord?id=CVE-2022-23733). [Updated: 2022-07-31]" + bugs: + - In some cases, the collectd daemon could consume excess memory. + - In some cases, backups of rotated log files could accumulate and consume excess storage. + - After an upgrade to a new feature release and subsequent configuration run, Elasticsearch could log excessive exceptions while rebuilding indices. + - In some cases where a protected branch required more than one approving review, a pull request could be merged with fewer than the required number of approving reviews. + - On instances using LDAP authentication, the authentication prompt for sudo mode incorrectly placed the cursor within the password field by default when text fields for both a username and password were visible. + - In some cases, scheduled GitHub Actions workflows could become disabled. + - The Billing API's "[Get GitHub Advanced Security active committers for an organization](/rest/billing#get-github-advanced-security-active-committers-for-an-organization)" endpoint now returns `Link` headers to provide information about pagination. + - The Billing API's "[Get GitHub Advanced Security active committers for an organization](/rest/billing#get-github-advanced-security-active-committers-for-an-organization)" endpoint now returns the correct number of total committers. + changes: + - The `ghe-set-password` command-line utility starts required services automatically when the instance is booted in recovery mode. + - Metrics for `aqueduct` background processes are gathered for Collectd forwarding and display in the Management Console. + - The location of the database migration and configuration run log, `/data/user/common/ghe-config.log`, is now displayed on the page that details a migration in progress. + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4, releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' \ No newline at end of file diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/7.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/7.yml new file mode 100644 index 0000000000..080d90353b --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/7.yml @@ -0,0 +1,26 @@ +date: '2022-08-11' +sections: + security_fixes: + - | + **CRITICAL**: GitHub Enterprise Server's Elasticsearch container used a version of OpenJDK 8 that was vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability is tracked as [CVE-2022-34169](https://github.com/advisories/GHSA-9339-86wc-4qgf). + - | + **HIGH**: Previously installed apps on user accounts were automatically granted permission to access an organization on scoped access tokens after the user account was transformed into an organization account. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). + bugs: + - In some cases, GitHub Enterprise Server instances on AWS that used the `r4.4xlarge` instance type would fail to boot. + - When calculating committers for GitHub Advanced Security, it was not possible to specify individual repositories. For more information, see "[Site admin dashboard](/admin/configuration/configuring-your-enterprise/site-admin-dashboard#advanced-security-committers)." + - When a custom dormancy threshold was set for the instance, suspending all dormant users did not reliably respect the threshold. For more information about dormancy, see "[Managing dormant users](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users)." + changes: + - '`pre_receive_hook.rejected_push` events were not displayed in the enterprise audit log.' + - Both migration archives for repositories and archive exports for user accounts include release reactions. + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4, releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/8.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/8.yml new file mode 100644 index 0000000000..6353897f97 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/8.yml @@ -0,0 +1,26 @@ +date: '2022-08-30' +sections: + bugs: + - After unlocking a repository for temporary access, a site administrator was unable to manage settings for security products in the repository. + - Duplicate administrative SSH keys could appear in both the Management Console and the `/home/admin/.ssh/authorized_keys` file. + - The site admin page for individual users at http(s)://HOSTNAME/stafftools/users/USERNAME/admin contained functionality not intended for GitHub Enterprise Server. + - In some cases, running `ghe-cluster-config-apply` could replicate an empty configuration to existing nodes in a cluster. + - In some cases, configuration runs started with `ghe-config-apply` did not complete, or returned a `Container count mismatch` error. + - After updating a self-signed TLS certificate on a GitHub Enterprise Server instance, UI elements on some pages in the web interface did not appear. + - In some cases, background tasks could stall due to a library that was used concurrently despite not being thread-safe. + changes: + - Generation of support bundles is faster as a result of parallelized log sanitization. For more information about support bundles, see "[Providing data to GitHub Support](/support/contacting-github-support/providing-data-to-github-support)." + - APIs that contain the `organization` or `org` route now accept either the organization's slug or ID. Previously, the APIs only accepted slugs, which caused `Link` headers for GitHub Advanced Security endpoints to be inaccessible. For more information, see "[Organizations](https://docs.github.com/rest/orgs/orgs)" in the REST API documentation. + - The enterprise audit log now includes more user-generated events, such as `project.create`. The REST API also returns additional user-generated events, such as `repo.create`. For more information, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)" and "[Using the audit log API for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise#querying-the-audit-log-rest-api)." + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with {% data variables.product.prodname_github_connect %}, issues in private and internal repositories are not included in {% data variables.product.prodname_dotcom_the_website %} search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - | + After registering a self-hosted runner with the `--ephemeral` parameter on more than one level (for example, both enterprise and organization), the runner may get stuck in an idle state and require re-registration. [Updated: 2022-06-17] + - After upgrading to {% data variables.product.prodname_ghe_server %} 3.4, releases may appear to be missing from repositories. This can occur when the required Elasticsearch index migrations have not successfully completed. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml new file mode 100644 index 0000000000..378a8b6706 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml @@ -0,0 +1,421 @@ +date: '2022-05-10' +release_candidate: true +deprecated: true +intro: | + {% note %} + + **Note:** If {% data variables.product.product_location %} is running a release candidate build, you can't upgrade with a hotpatch. We recommend only running release candidates on test environments. + + {% endnote %} + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." +sections: + features: + - heading: IP exception list for validation testing after maintenance + notes: + # https://github.com/github/releases/issues/2109 + - | + You can now configure an allow list of IP addresses that can access application services on your GitHub Enterprise Server instance while maintenance mode is enabled. Administrators who visit the instance's web interface from an allowed IP address can validate the instance's functionality post-maintenance and before disabling maintenance mode. For more information, see "[Enabling and scheduling maintenance mode](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode#validating-changes-in-maintenance-mode-using-the-ip-exception-list)." + + - heading: Custom repository roles are generally available + notes: + # https://github.com/github/releases/issues/1945 + - | + With custom repository roles, organizations now have more granular control over the repository access permissions they can grant to users. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)." + + A custom repository role is created by an organization owner, and is available across all repositories in that organization. Each role can be given a custom name, and a description. It can be configured from a set of over 40 fine grained permissions. Once created, repository admins can assign a custom role to any user, team or outside collaborator in their repository. + + Custom repository roles can be created, viewed, edited and deleted via the new **Repository roles** tab in an organization's settings. A maximum of 3 custom roles can be created within an organization. + + Custom repository roles are also fully supported in the GitHub Enterprise Server REST APIs. The Organizations API can be used to list all custom repository roles in an organization, and the existing APIs for granting repository access to individuals and teams have been extended to support custom repository roles. For more information, see "[Organizations](/rest/reference/orgs#list-custom-repository-roles-in-an-organization)" in the REST API documentation. + + - heading: GitHub Container registry in public beta + notes: + # https://github.com/github/releases/issues/2005 + - | + The GitHub Container registry (GHCR) is now available in GitHub Enterprise Server 3.5 as a public beta, offering developers the ability to publish, download, and manage containers. GitHub Packages container support implements the OCI standards for hosting Docker images. For more information, see "[GitHub Container registry](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)." + + - heading: Dependabot updates are generally available + notes: + # https://github.com/github/releases/issues/2089 + - | + Dependabot version and security updates are now generally available in GitHub Enterprise Server 3.5. All the popular ecosystems and features that work on GitHub.com repositories now can be set up on your GitHub Enterprise Server instance. Dependabot on GitHub Enterprise Server requires GitHub Actions and a pool of self-hosted Dependabot runners, GitHub Connect enabled, and Dependabot enabled by an admin. For more information, see "[Setting up Dependabot updates](https://docs.github.com/en/enterprise-server@3.5/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + + + + - heading: Server Statistics in public beta + notes: + # https://github.com/github/releases/issues/2183 + - | + You can now analyze how your team works, understand the value you get from GitHub Enterprise Server, and help us improve our products by reviewing your instance's usage data and sharing this aggregate data with GitHub. You can use your own tools to analyze your usage over time by downloading your data in a CSV or JSON file or by accessing it using the REST API. To see the list of aggregate metrics collected, see "[About Server Statistics](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics#server-statistics-data-collected)." Server Statistics data includes no personal data nor GitHub content, such as code, issues, comments, or pull requests content. For a better understanding of how we store and secure Server Statistics data, see "[GitHub Security](https://github.com/security)." For more information about Server Statistics, see "[Analyzing how your team works with Server Statistics](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics)." This feature is available in public beta. + + - heading: GitHub Actions rate limiting is now configurable + notes: + # https://github.com/github/releases/issues/2123 + - | + Site administrators can now enable and configure a rate limit for GitHub Actions. By default, the rate limit is disabled. When workflow jobs cannot immediately be assigned to an available runner, they will wait in a queue until a runner is available. However, if GitHub Actions experiences a sustained high load, the queue can back up faster than it can drain and the performance of the GitHub Enterprise Server instance may degrade. To avoid this, an administrator can configure a rate limit. When the rate limit is exceeded, additional workflow runs will fail immediately rather than being put in the queue. Once the rate has stabilized below the threshold, new runs can be queued again. For more information, see "[Configuring rate limits](/admin/configuration/configuring-your-enterprise/configuring-rate-limits#configuring-rate-limits-for-github-actions)." + + - heading: OpenID Connect (OIDC) for secure deployments with GitHub Actions + notes: + # https://github.com/github/releases/issues/2066 + - | + GitHub Actions on GitHub Enterprise Server now supports OIDC for secure deployments to cloud providers, which uses short-lived tokens that are automatically rotated for each deployment. OIDC enables the following functionality. + + - Seamless authentication between cloud providers and GitHub Enterprise Server without the need for storing any long-lived cloud secrets on your instance + - Cloud administrators can rely on the security mechanisms of a particular cloud provider to ensure that GitHub Actions workflows have minimal access to cloud resources. There is no duplication of secret management between GitHub Enterprise Server and the cloud. + + For more information, see "[Security hardening your deployments](/actions/deployment/security-hardening-your-deployments)." + + - heading: Sharing GitHub Actions within your enterprise is generally available + notes: + # https://github.com/github/releases/issues/2085 + - | + Support for GitHub Actions in internal repositories is now generally available for organizations on your GitHub Enterprise Server instance. You can innersource automation by sharing actions in internal repositories. You can manage a repository's settings or use the REST API to allow access to workflows in other repositories within the organization or in any organization on the instance. For more information, see "[Sharing actions and workflows with your enterprise](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise)," "[Managing GitHub Actions settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-an-internal-repository)," and "[Actions Permissions](/rest/actions/permissions#get-the-level-of-access-for-workflows-outside-of-the-repository)" in the REST API documentation. + + - heading: Cache support for GitHub Actions on GitHub Enterprise Server is now generally available + notes: + # https://github.com/github/releases/issues/2110 + - | + You can now use dependency caching to speed up your GitHub Actions workflows. To cache dependencies for a job, you can include the [actions/cache](https://github.com/actions/cache) action to create a cache with a unique key. You can share caches across all workflows in the same repository. These workflows can then restore the cache and run faster. + + Actions users can also use our cache APIs to: + + - Define the enterprise policy for cache size range allowed per repository. + - Query the cache usage within each repository and monitor if the total size of all caches is reaching the upper limit. + - Increase the maximum cache size for a repository within the allowed enterprise limits, based on the cache requirements of the repository. + - Monitor aggregate cache usage at organization level or at enterprise level. + + The external blob storage that is configured within your enterprise account will now be shared across workflow artifacts, logs, and also the caches. For more information, see "[Caching dependencies to speed up workflows](/actions/using-workflows/caching-dependencies-to-speed-up-workflows)." + + + - heading: Automatically sign commits made in the web UI + notes: + # https://github.com/github/releases/issues/1963 + - | + You can now configure GitHub Enterprise Server to automatically sign commits made in the web interface, such as from editing a file or merging a pull request. Signed commits increase confidence that changes come from trusted sources. This feature allows the [Require signed commits](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-signed-commits) branch protection setting to block unsigned commits from entering a repository, while allowing entry of signed commits – even those made in the web interface. For more information, see "[Configuring web commit signing](/admin/configuration/configuring-your-enterprise/configuring-web-commit-signing)." + + - heading: Sync license usage any time + notes: + # https://github.com/github/releases/issues/2201 + - | + For customers that sync license usage between GitHub Enterprise Server and GitHub Enterprise Cloud automatically using GitHub Connect, you now have the ability to sync your license usage independently of the automatic weekly sync. This feature also reports the status of sync job. For more information, see "[Syncing license usage between GitHub Enterprise Server and GitHub Enterprise Cloud](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud#manually-syncing-license-usage)." + + - heading: Reusable workflows for GitHub Actions are generally available + notes: + # https://github.com/github/releases/issues/1767 + # https://github.com/github/releases/issues/1950 + # https://github.com/github/releases/issues/2114 + - | + Reusable workflows are now generally available. Reusable workflows help you reduce duplication by enabling you to reuse an entire workflow as if it were an action. With the general availability release, a number of improvements are now available for GitHub Enterprise Server. For more information, see "[Reusing workflows](/actions/using-workflows/reusing-workflows)." + + - You can utilize outputs to pass data from reusable workflows to other jobs in the caller workflow. + - You can pass environment secrets to reusable workflows. + - The audit log includes information about which reusable workflows are used. + - Reusable workflows in the same repository as the calling repository can be referenced with just the path and filename (`PATH/FILENAME`). The called workflow will be from the same commit as the caller workflow. + + - heading: Self-hosted runners for GitHub Actions can now disable automatic updates + notes: + # https://github.com/github/releases/issues/2014 + - | + You now have more control over when your self-hosted runners perform software updates. If you specify the `--disableupdate` flag to the runner then it will not try to perform an automatic software update if a newer version of the runner is available. This allows you to update the self-hosted runner on your own schedule, and is especially convenient if your self-hosted runner is in a container. + + For compatibility with the GitHub Actions service, you will need to manually update your runner within 30 days of a new runner version being available. For instructions on how to install the latest runner version, please see the installation instructions for [the latest release in the runner repo](https://github.com/actions/runner/releases). + + - heading: Secure self-hosted runners for GitHub Actions by limiting workflows + notes: + # https://github.com/github/releases/issues/2013 + - | + Organization owners can now increase the security of CI/CD workflows on self-hosted runners by choosing which workflows can access a runner group. Previously, any workflow in a repository, such as an issue labeler, could access the self-hosted runners available to an organization. For more information, see "[Managing access to self-hosted runners using groups](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups#changing-what-workflows-can-access-a-runner-group)" and the [GitHub Blog](https://github.blog/2022-03-23-github-actions-secure-self-hosted-runners-specific-workflows/). + + - heading: Prevent GitHub Actions from approving pull requests + notes: + # https://github.com/github/releases/issues/1959 + - | + You can now control whether GitHub Actions can approve pull requests. This feature protects against a user using GitHub Actions to satisfy the "Required approvals" branch protection requirement and merging a change that was not reviewed by another user. To prevent breaking existing workflows, **Allow GitHub Actions reviews to count towards required approval** is enabled by default. Organization owners can disable the feature in the organization's GitHub Actions settings. For more information, see "[Disabling or limiting GitHub Actions for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-approving-pull-requests)." + + - heading: Re-run failed or individual GitHub Actions jobs + notes: + # https://github.com/github/releases/issues/1503 + - | + You can now re-run only failed jobs or an individual job in a GitHub Actions workflow run. For more information, see "[Re-running workflows and jobs](/actions/managing-workflow-runs/re-running-workflows-and-jobs)." + + - heading: Dependency graph supports GitHub Actions + notes: + # https://github.com/github/releases/issues/1913 + - | + The dependency graph now detects YAML files for GitHub Actions workflows. GitHub Enterprise Server will display the workflow files within the **Insights** tab's dependency graph section. Repositories that publish actions will also be able to see the number of repositories that depend on that action from the "Used By" control on the repository homepage. For more information, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." + + - heading: Security overview for enterprises in public beta + notes: + # https://github.com/github/releases/issues/2040 + - | + GitHub Advanced Security customers can now view an overview of security alerts at the enterprise level. The new **Security** tab at the enterprise level provides a repository-centric view of application security risks, as well as an alert-centric view of all secret scanning alerts. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." + + - heading: Security view for organizations is generally available + notes: + # https://github.com/github/releases/issues/2096 + - | + The overview of security alerts at the organization level is now generally available. GitHub Advanced Security customers can use the security overview to view a repository-centric view of application security risks, or an alert-centric view of all code scanning, Dependabot, and secret scanning alerts for all repositories in an organization. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." + + - heading: Code scanning detects more security issues, supports new language versions + notes: + # https://github.com/github/releases/issues/2097 + - | + Code scanning now detects a larger number of CWEs, and CodeQL code scanning fully supports the standard language features in the following language releases. + + - C# 10 / .NET 6 + - Python 3.10 + - Java 17 + - TypeScript 4.5 + + For more information, see the [GitHub Blog](https://github.blog/changelog/2022-02-25-code-scanning-detects-more-security-issues-supports-new-language-versions/). + + - heading: View code scanning alerts across an organization + notes: + # https://github.com/github/releases/issues/1792 + - | + GitHub Advanced Security customers can now view code scanning alerts in an organization's **Security** tab. This view is available to organization owners and members of teams with the [security manager role](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization). For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." + + # https://github.com/github/releases/issues/1763 + - | + Users can now retrieve code scanning alerts for an organization on your GitHub Enterprise Server instance via the REST API. This new API endpoint supplements the existing [endpoint for repositories](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository). For more information, see [Code Scanning](/rest/code-scanning) in the REST API documentation. + + - heading: Secret scanning available as a push protection + notes: + # + - | + GitHub Enterprise Server can now block any pushes where a token is detected with high confidence. Developers can bypass the block by providing details of why the secret needs to be committed via a web UI. For more information, see "[Protecting pushes with secret scanning](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)." + + - heading: Dry runs for custom patterns with secret scanning + notes: + # https://github.com/github/releases/issues/1703 + # https://github.com/github/releases/issues/2084 + - | + GitHub Advanced Security customers can now dry run custom secret scanning patterns at the organization or repository level. Dry runs allow people with owner or admin access to review and hone their patterns before publishing them and generating alerts. You can compose a pattern, then use **Save and dry run** to retrieve results. The scans typically take just a few seconds, but GitHub Enterprise Server will also notify organization owners or repository admins via email when dry run results are ready. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)" and "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." + + - heading: Secret scanning custom pattern events now in the audit log + notes: + # https://github.com/github/releases/issues/2154 + - | + The audit log now includes events associated with secret scanning custom patterns. This data helps GitHub Advanced Security customers understand actions taken on their [repository](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#repository_secret_scanning_custom_pattern-category-actions)-, [organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#org_secret_scanning_custom_pattern-category-actions)-, or [enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#business_secret_scanning_custom_pattern-category-actions)-level custom patterns for security and compliance audits. For more information, see "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)" or "[Reviewing audit logs for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise)." + + - heading: Configure permissions for secret scanning with custom repository roles + notes: + # https://github.com/github/releases/issues/1909 + - | + You can now configure two new permissions for secret scanning when managing custom repository roles. + + - View secret scanning results + - Dismiss or reopen secret scanning results + + For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)." + + - heading: Secret scanning now supports archived repositories + notes: + # https://github.com/github/releases/issues/2076 + - | + GitHub Advanced Security customers can now enable secret scanning for archived repositories via the UI and API. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)," "[About archived repositories](/repositories/archiving-a-github-repository/archiving-repositories)," and "[Repositories](/rest/repos/repos#update-a-repository)" in the REST API documentation. + + - heading: Secret scanning webhooks for alert locations + notes: + # https://github.com/github/releases/issues/2149 + - | + GitHub Advanced Security customers using secret scanning can now opt to receive a webhook each time a secret is detected in a new location. The `secret_scanning_alert_location` webhook event includes location details, like the commit SHA, and the associated alert for the detection. A location is created for every new file path containing the detected secret. For more information, see "[Webhook events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert_location)." + + - heading: View Dependabot alerts across an organization + notes: + # https://github.com/github/releases/issues/1992 + - | + GitHub Advanced Security customers can now view Dependabot alerts in in an organization's **Security** tab. This view is available to organization owners and members of teams with the [security manager role](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization). For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)." + + - heading: Configure permissions for Dependabot alerts with custom repository roles + notes: + # https://github.com/github/releases/issues/1958 + - | + You can now configure two new permissions for Dependabot alerts when managing custom repository roles. + + - View Dependabot alerts + - Dismiss or reopen Dependabot alerts + + For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)." + + - heading: Reopen dismissed Dependabot alerts + notes: + # https://github.com/github/releases/issues/1923 + - | + You can now reopen dismissed Dependabot alerts through the UI page for a closed alert. This does not affect Dependabot pull requests or the GraphQL API. For more information, see "[About Dependabot alerts](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)." + + - heading: Pub support for Dependabot version updates is in public beta + notes: + # https://github.com/github/releases/issues/2086 + - | + Users of Dependabot version updates can now proactively update dependencies for Flutter or Dart projects that use the Pub package manager. + + To test [version updates](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates) on your own Dart or Flutter repository, add the following configuration file in [.github/dependabot.yaml](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates). Note the `package-ecosystem: "pub"` and `enable-beta-ecosystems: true` flags. + ```yaml + version: 2 + enable-beta-ecosystems: true + updates: + - package-ecosystem: "pub" + directory: "/" + schedule: + interval: "weekly" + ``` + + - heading: See pull request associated with a repository's Dependabot alerts via GraphQL API + notes: + # https://github.com/github/releases/issues/2088 + - | + The new `DependabotUpdate` GraphQL object lets you view information about what happens to your repository's security updates. When GitHub Enterprise Server detects that a dependency in your repository is vulnerable, Dependabot will attempt to open a pull request to update that dependency to a non-vulnerable version. You can now see the pull request that fixes the vulnerability. In some cases, Dependabot fails to open a pull request. Previously, the error message that Dependabot generated was only visible in the "Dependabot Alerts" section of the **Security** tab. Now, if Dependabot runs into an error when trying to open a pull request for a security alert, you can determine the reason using the GraphQL API. For more information, see "[Objects](/graphql/reference/objects#dependabotupdate)" in the GraphQL API documentation. + + - heading: Access more information about Dependabot alerts via GraphQL API + notes: + # https://github.com/github/releases/issues/1922 + - | + You can now view fixed alerts from Dependabot with the GraphQL API. You can also access and filter by state, as well as by unique numeric identifier, and you can filter by state on the vulnerability alert object. The following fields now exist for a `RepositoryVulnerabilityAlert`. + + - `number` + - `fixed_at` + - `fix_reason` + - `state` + + For more information, see "[Objects](/graphql/reference/objects#repositoryvulnerabilityalert)" in the GraphQL API documentation. + + - heading: Git events in the enterprise audit log + notes: + # https://github.com/github/releases/issues/2205 + - | + The following Git-related events can now appear in the enterprise audit log. If you enable the feature and set an audit log retention period, the new events will be available for search via the UI and API, or export via JSON or CSV. + + - `git.clone` + - `git.fetch` + - `git.push` + + Due to the large number of Git events logged, we recommend you monitor your instance's file storage and review your related alert configurations. For more information, see "[Configuring the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise#managing-git-events-in-the-audit-log)." + + - heading: Improvements to CODEOWNERS + notes: + # https://github.com/github/releases/issues/1994 + - | + This release includes improvements to CODEOWNERS. + + - Syntax errors are now surfaced when viewing a CODEOWNERS file from the web. Previously, when a line in a CODEOWNERS file had a syntax error, the error would be ignored or in some cases cause the entire CODEOWNERS file to not load. GitHub Apps and Actions can access the same list of errors using new REST and GraphQL APIs. For more information, see "[Repositories](/rest/repos/repos#list-codeowners-errors)" in the REST API documentation or "[Objects](/graphql/reference/objects#repositorycodeowners)" in the GraphQL API documentation. + - After someone creates a new pull request or pushes new changes to a draft pull request, any code owners that will be requested for review are now listed in the pull request under "Reviewers". This feature gives you an early look at who will be requested to review once the pull request is marked ready for review. + - Comments in CODEOWNERS files can now appear at the end of a line, not just on dedicated lines. + + For more information, see "[About code owners](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners)." + + - heading: More ways to keep a pull request's topic branch up to date + notes: + # https://github.com/github/releases/issues/1566 + - | + The **Update branch** button on the pull request page lets you update your pull request's branch with the latest changes from the base branch. This is useful for verifying your changes are compatible with the current version of the base branch before you merge. Two enhancements now give you more ways to keep your branch up-to-date. + + - When your pull request's topic branch is out of date with the base branch, you now have the option to update it by rebasing on the latest version of the base branch. Rebasing applies the changes from your branch onto the latest version of the base branch, resulting in a branch with a linear history since no merge commit is created. To update by rebasing, click the drop down menu next to the **Update Branch** button, click **Update with rebase**, and then click **Rebase branch**. Previously, **Update branch** performed a traditional merge that always resulted in a merge commit in your pull request branch. This option is still available, but now you have the choice. For more information, see "[Keeping your pull request in sync with the base branch](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/keeping-your-pull-request-in-sync-with-the-base-branch)." + + - A new repository setting allows the **Update branch** button to always be available when a pull request's topic branch is not up to date with the base branch. Previously, this button was only available when the **Require branches to be up to date before merging** branch protection setting was enabled. People with admin or maintainer access can manage the **Always suggest updating pull request branches** setting from the **Pull Requests** section in repository settings. For more information, see "[Managing suggestions to update pull request branches](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches)." + + - heading: Configure custom HTTP headers for GitHub Pages sites + notes: + # https://github.com/github/releases/issues/2124 + - | + You can now configure custom HTTP headers that apply to all GitHub Pages sites served from your GitHub Enterprise Server instance. For more information, see "[Configuring GitHub Pages for your enterprise](/admin/configuration/configuring-your-enterprise/configuring-github-pages-for-your-enterprise#configuring-github-pages-response-headers-for-your-enterprise)." + + - heading: Ignore commits in blame view + notes: + # https://github.com/github/releases/issues/2090 + - | + It's now possible to ignore revisions in the blame view by creating a _.git-blame-ignore-revs_ file in the root of your repository. For more information, see "[Viewing a file](/repositories/working-with-files/using-files/viewing-a-file#ignore-commits-in-the-blame-view)." + + - heading: Light high contrast theme is generally available + notes: + # https://github.com/github/releases/issues/2011 + - | + A light high contrast theme, with greater contrast between foreground and background elements, is now generally available. For more information, see "[Managing your theme settings](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-theme-settings)." + + - heading: Tag protection rules + notes: + # https://github.com/github/releases/issues/1793 + - | + Repository owners can now configure tag protection rules to protect a repository's tags. Once protected by a tag protection rule, tags matching a specified name pattern can only be created and deleted by users with the Maintain or Admin role in the repository. For more information, see "[Configuring tag protection rules](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)." + + bugs: + # https://github.com/github/releases/issues/1934 + - | + It is now possible for GitHub Apps to upload release assets. + + changes: + # https://github.com/github/releases/issues/2063 + - | + To use the device authorization flow for OAuth and GitHub Apps, you must manually enable the feature. This change reduces the likelihood of apps being used in phishing attacks against GitHub Enterprise Server users by ensuring integrators are aware of the risks and make a conscious choice to support this form of authentication. If you own or manage an OAuth App or GitHub App and you want to use the device flow, you can enable it for your app via the app's settings page. The device flow API endpoints will respond with status code `400` to apps that have not enabled this feature. For more information, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." + + # https://github.com/github/releases/issues/2049 + - | + The code scanning alert page now always shows the alert status and information for the default branch. There is a new "Affected branches" panel in the sidebar where you can see the status of the alert in other branches. If the alert does not exist in your default branch, the alert page will show the status as "In branch" or "In pull request" for the location where the alert was last seen. This improvement makes it easier to understand the status of alerts which have been introduced into your code base. For more information, see "[About code scanning alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-alert-details)." + + The alert list page is not changed and can be filtered by `branch`. You can use the code scanning API to retrieve more detailed branch information for alerts. For more information, see "[Code Scanning](/rest/code-scanning)" in the REST API documentation. + + # https://github.com/github/releases/issues/2050 + - | + Code scanning now shows the details of the analysis origin of an alert. If an alert has more than one analysis origin, it is shown in the "Affected branches" sidebar and in the alert timeline. You can hover over the analysis origin icon in the "Affected branches" sidebar to see the alert status in each analysis origin. If an alert only has a single analysis origin, no information about analysis origins is displayed on the alert page. These improvements will make it easier to understand your alerts. In particular, it will help you understand those that have multiple analysis origins. This is especially useful for setups with multiple analysis configurations, such as monorepos. For more information, see "[About code scanning alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-analysis-origins)." + + # https://github.com/github/releases/issues/2071 + - | + Lists of repositories owned by a user or organization now have an additional filter option, "Templates", making it easier to find template repositories. + + # https://github.com/github/releases/issues/1947 + - | + GitHub Enterprise Server can display several common image formats, including PNG, JPG, GIF, PSD, and SVG, and provides several ways to compare differences between versions. Now when reviewing added or changed images in a pull request, previews of those images are shown by default. Previously, you would see a message indicating that binary files could not be shown and you would need to toggle the "Display rich diff" option. For more information, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files)." + + # https://github.com/github/releases/issues/2054 + - | + New gists are now created with a default branch name of either `main` or the alternative default branch name defined in your user settings. This matches how other repositories are created on GitHub Enterprise Server. For more information, see "[About branches](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch)" and "[Managing the default branch name for your repositories](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-the-default-branch-name-for-your-repositories)." + + # https://github.com/github/releases/issues/2028 + - | + Gists now only show the 30 most recent comments when first displayed. You can click **Load earlier comments...** to view more. This allows gists that have many comments to appear more quickly. For more information, see "[Editing and sharing content with gists](/get-started/writing-on-github/editing-and-sharing-content-with-gists)." + + # https://github.com/github/releases/issues/2036 + - | + Settings pages for users, organizations, repositories, and teams have been redesigned, grouping similar settings pages into sections for improved information architecture and discoverability. For more information, see the [GitHub changelog](https://github.blog/changelog/2022-02-02-redesign-of-githubs-settings-pages/). + + # https://github.com/github/releases/issues/2129 + - | + Focusing or hovering over a label now displays the label description in a tooltip. + + # https://github.com/github/releases/issues/1983 + - | + Creating and removing repository invitations, whether done through the API or web interface, are now subject to rate limits that may be enabled on your GitHub Enterprise Server instance. For more information about rate limits, see "[Configuring rate limits](/admin/configuration/configuring-your-enterprise/configuring-rate-limits)." + + # https://github.com/github/releases/issues/2291 + - | + MinIO has announced the removal of the MinIO Gateways starting June 1st, 2022. While MinIO Gateway for NAS continues to be one of the supported storage providers for Github Actions and Github Packages, we recommend moving to MinIO LTS support to avail support and bug fixes from MinIO. For more information about rate limits, see "[Scheduled removal of MinIO Gateway for GCS, Azure, HDFS in the minio/minio repository](https://github.com/minio/minio/issues/14331)." + + + deprecations: + - heading: Change to the format of authentication tokens + notes: + # https://github.com/github/releases/issues/1235 + - | + GitHub Connect will no longer work after June 3rd for instances running GitHub Enterprise Server 3.1 or older, due to the format of GitHub authentication tokens changing. For more information, see the [GitHub changelog](https://github.blog/changelog/2021-03-31-authentication-token-format-updates-are-generally-available/). + + - heading: CodeQL runner deprecated in favor of CodeQL CLI + notes: + # https://github.com/github/releases/issues/1632 + - | + The CodeQL runner is deprecated in favor of the CodeQL CLI. GitHub Enterprise Server 3.4 and later no longer include the CodeQL runner. This deprecation only affects users who use CodeQL code scanning in 3rd party CI/CD systems. GitHub Actions users are not affected. GitHub strongly recommends that customers migrate to the CodeQL CLI, which is a feature-complete replacement for the CodeQL runner and has many additional features. For more information, see "[Migrating from the CodeQL runner to CodeQL CLI](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli)." + + - heading: Theme picker for GitHub Pages has been removed + notes: + - | + The theme picker for GitHub Pages has been removed from the Pages settings. For more information about configuration of themes for GitHub Pages, see "[Adding a theme to your GitHub Pages site using Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll)." + + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - Actions services need to be restarted after restoring an appliance from a backup taken on a different host. diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-5/4.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-5/4.yml new file mode 100644 index 0000000000..8a687f91ff --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-5/4.yml @@ -0,0 +1,30 @@ +date: '2022-08-11' +sections: + security_fixes: + - | + **CRITICAL**: GitHub Enterprise Server's Elasticsearch container used a version of OpenJDK 8 that was vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability is tracked as [CVE-2022-34169](https://github.com/advisories/GHSA-9339-86wc-4qgf). + - | + **HIGH**: Previously installed apps on user accounts were automatically granted permission to access an organization on scoped access tokens after the user account was transformed into an organization account. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com). + bugs: + - In some cases, GitHub Enterprise Server instances on AWS that used the `r4.4xlarge` instance type would fail to boot. + - In some cases, UI elements within a pull request's **Files changed** tab could overlap. + - When a custom dormancy threshold was set for the instance, suspending all dormant users did not reliably respect the threshold. For more information about dormancy, see "[Managing dormant users](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users)." + - When calculating committers for GitHub Advanced Security, it was not possible to specify individual repositories. For more information, see "[Site admin dashboard](/admin/configuration/configuring-your-enterprise/site-admin-dashboard#advanced-security-committers)." + - In some cases, Elasticsearch's post-upgrade `es:upgrade` process could crash before completion. + - The script for migration to internal repositories failed to convert the visibility for public repositories to internal or private. For more information about the migration, see "[Migrating to internal repositories](/admin/user-management/managing-repositories-in-your-enterprise/migrating-to-internal-repositories)." + - Detection of GitHub Actions workflow files for the dependency graph was unavailable in GitHub Enterprise Server 3.5.0, 3.5.1, 3.5.2, and 3.5.3, but is now available in 3.5.4. For more information, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#supported-package-ecosystems)." + - The ability to reopen dismissed Dependabot alerts was unavailable in GitHub Enterprise Server 3.5.0, 3.5.1, 3.5.2, and 3.5.3, but is now available in 3.5.4. For more information, see "[Viewing and updating Dependabot alerts](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts#viewing-and-updating-closed-alerts)." + - The ability to always suggest updates from the base branch to a pull request's HEAD was unavailable in GitHub Enterprise Server 3.5.0, 3.5.1, 3.5.2, and 3.5.3, but is now available in 3.5.4. For more information, see "[Managing suggestions to update pull request branches](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-suggestions-to-update-pull-request-branches)." + - The light high contrast theme was unavailable in GitHub Enterprise Server 3.5.0, 3.5.1, 3.5.2, and 3.5.3, but is now available in 3.5.4. For more information, see "[Managing your theme settings](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-your-theme-settings)." + changes: + - '`pre_receive_hook.rejected_push` events were not displayed in the enterprise audit log.' + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - Actions services need to be restarted after restoring an appliance from a backup taken on a different host. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-5/5.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-5/5.yml new file mode 100644 index 0000000000..b7f41bbb96 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-5/5.yml @@ -0,0 +1,27 @@ +date: '2022-08-30' +sections: + bugs: + - 解锁存储库以进行临时访问后,站点管理员无法管理存储库中安全产品的设置。 + - 管理控制台和 `/home/admin/.ssh/authorized_keys` 文件中可能会出现重复的管理 SSH 密钥。 + - "http(s)://HOSTNAME/stafftools/users/USERNAME/admin 的个人用户的站点管理员页面包含不适用于 GitHub Enterprise Server 的功能。" + - 在某些情况下,运行 `ghe-cluster-config-apply` 可以将空配置复制到群集中的现有节点。 + - 在某些情况下,以 `ghe-config-apply` 开始的配置运行未完成,或返回了 `Container count mismatch` 错误。 + - 在 GitHub Enterprise Server 实例上更新自签名 TLS 证书后,Web 界面中某些页面上的 UI 元素没有显示。 + - Web 界面顶部的站点管理员栏包含指向当前正在运行的应用程序版本的 SHA 的断开链接。 + - 在某些情况下,尽管不是线程安全的,但由于同时使用的库,可能会导致后台任务停止。 + - 如果站点管理员没有直接升级到 GitHub Enterprise Server 3.4,则 Web UI 和 REST API 中缺少来自 GitHub Advanced Security 客户的机密扫描的警报。警报现在可见。 + - 当用户将存储库分叉到组织中时,一长串组织将无法正确呈现。 + changes: + - "由于并行日志清理,支持包的生成速度更快。有关支持包的详细信息,请参阅“[将数据提供给 GitHub 支持](/support/contacting-github-support/providing-data-to-github-support)”。" + - "包含 `organization` 或 `org` 路由的 API 现在接受组织的 slug 或 ID。以前,API 只接受 slug,这导致 GitHub Advanced Security 终结点的 `Link` 标头无法访问。有关详细信息,请参阅 REST API 文档中的“[组织](https://docs.github.com/rest/orgs/orgs)”。" + - "企业审核日志现在包含更多用户生成的事件,例如 `project.create`。REST API 还返回其他用户生成的事件,例如 `repo.create`。有关详细信息,请参阅“[访问企业的审核日志](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for -your-enterprise)”和“[使用企业的审核日志 API](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit- log-api-for-your-enterprise#querying-the-audit-log-rest-api)”。" + - "在某些情况下,缓存副本可能会拒绝对最近更新的存储库的某些 Git 操作。有关存储库缓存的详细信息,请参阅“[关于存储库缓存](/admin/enterprise-management/caching-repositories/about-repository-caching)”。" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含指向同一存储库中 Blob 的永久链接,且 Blob 的文件路径长度超过 255 个字符,则无法关闭问题。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在我们解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能会导致某些预接收挂钩失败。 + - 从不同主机上的备份恢复设备后,需要重新启动操作服务。 diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-6/0-rc1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-6/0-rc1.yml new file mode 100644 index 0000000000..fc7707911b --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-6/0-rc1.yml @@ -0,0 +1,298 @@ +date: '2022-07-26' +release_candidate: true +deprecated: true +intro: | + {% note %} + + **Note:** If {% data variables.product.product_location %} is running a release candidate build, you can't upgrade with a hotpatch. We recommend that you only run release candidates in a test environment. + + {% endnote %} + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." +sections: + features: + - heading: Infrastructure + notes: + # https://github.com/github/releases/issues/2002 + - | + Repository caching is generally available. Repository caching increases Git read performance for distributed developers, providing the data locality and convenience of geo-replication without impact on push workflows. With the general availability release, GitHub Enterprise Server caches both Git and Git LFS data. For more information, see "[About repository caching](/admin/enterprise-management/caching-repositories/about-repository-caching)." + + - heading: Instance security + notes: + # https://github.com/github/releases/issues/1569 + - | + GitHub has changed the supported algorithms and hash functions for all SSH connections to GitHub Enterprise Server, disabled the unencrypted and unauthenticated Git protocol, and optionally allowed the advertisement of an Ed25519 host key. For more information, see the [GitHub Blog](https://github.blog/2022-06-28-improving-git-protocol-security-on-github-enterprise-server/) and the following articles. + + - "[Configuring SSH connections to your instance](/admin/configuration/configuring-your-enterprise/configuring-ssh-connections-to-your-instance)" + - "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#configuring-anonymous-git-read-access)" + - "[Configuring host keys for your instance](/admin/configuration/configuring-your-enterprise/configuring-host-keys-for-your-instance)" + + # https://github.com/github/releases/issues/2341 + - | + You can require TLS encryption for incoming SMTP connections to your instance. For more information, see "[Configuring email for notifications](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications)." + + - heading: Audit logs + notes: + # https://github.com/github/releases/issues/1438 + - | + You can stream audit log and Git events for your instance to Amazon S3, Azure Blob Storage, Azure Event Hubs, Google Cloud Storage, or Splunk. Audit log streaming is in public beta and subject to change. For more information, see "[Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise)." + + - heading: GitHub Connect + notes: + # https://github.com/github/releases/issues/2306 + - | + Server Statistics is now generally available. Server Statistics collects aggregate usage data from your GitHub Enterprise Server instance, which you can use to better anticipate the needs of your organization, understand how your team works, and show the value you get from GitHub Enterprise Server. For more information, see "[About Server Statistics](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics)." + + - heading: Administrator experience + notes: + # https://github.com/github/releases/issues/2351 + - | + Enterprise owners can join organizations on the instance as a member or owner from the enterprise account's **Organizations** page. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." + + # https://github.com/github/releases/issues/2221 + - | + Enterprise owners can allow users to dismiss the configured global announcement banner. For more information, see "[Customizing user messages for your enterprise](/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner)." + + - heading: GitHub Advanced Security + notes: + # https://github.com/github/releases/issues/2321 + - | + Users on an instance with a GitHub Advanced Security license can opt to receive a webhook event that triggers when an organization owner or repository administrator enables or disables a code security or analysis feature. For more information, see the following documentation. + + - "[Webhook events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_and_analysis)" in the webhook documentation + - "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)" + - "[Managing security and analysis features for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" + + # https://github.com/github/releases/issues/2191 + - | + Users on an instance with a GitHub Advanced Security license can optionally add a comment when dismissing a code scanning alert in the web UI or via the REST API. Dismissal comments appear in the event timeline. Users can also add or retrieve a dismissal comment via the REST API. For more information, see "[Triaging code scanning alerts in pull requests](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests#dismissing-an-alert-on-your-pull-request)" and "[Code Scanning](/rest/code-scanning#update-a-code-scanning-alert)" in the REST API documentation. + + # https://github.com/github/releases/issues/2228 + - | + On instances with a GitHub Advanced Security license, secret scanning prevents the leak of secrets in the web editor. For more information, see "[Protecting pushes with secret scanning](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#using-secret-scanning-as-a-push-protection-from-the-web-ui)." + + # https://github.com/github/releases/issues/2318 + # https://github.com/github/releases/issues/2277 + - | + Enterprise owners and users on an instance with a GitHub Advanced Security license can view secret scanning alerts and bypasses of secret scanning's push protection in the enterprise and organization audit logs, and via the REST API. For more information, see the following documentation. + + - "[Protecting pushes with secret scanning](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)" + - "[Audit log events for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#secret_scanning_push_protection-category-actions)" + - "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#secret_scanning_push_protection-category-actions)" + - "[Secret Scanning](/rest/secret-scanning#list-secret-scanning-alerts-for-an-enterprise)" in the REST API documentation + + # https://github.com/github/releases/issues/2230 + # https://github.com/github/releases/issues/2317 + - | + Enterprise owners on an instance with a GitHub Advanced Security license can perform dry runs of custom secret scanning patterns for the enterprise, and all users can perform dry runs when editing a pattern. Dry runs allow you to understand a pattern's impact across the entire instance and hone the pattern before publication and generation of alerts. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." + + # https://github.com/github/releases/issues/2236 + - | + Users on an instance with a GitHub Advanced Security license can use `sort` and `direction` parameters in the REST API when retrieving secret scanning alerts, and sort based on the alert’s `created` or `updated` fields. The new parameters are available for the entire instance, or for individual organizations or repositories. For more information, see the following documentation. + + - "[List secret scanning alerts for an enterprise](/rest/secret-scanning#list-secret-scanning-alerts-for-an-enterprise)" + - "[List secret scanning alerts for an organization](/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization)" + - "[List secret scanning alerts for a repository](/rest/secret-scanning#list-secret-scanning-alerts-for-a-repository)" + - "[Secret Scanning](/rest/secret-scanning)" in the REST API documentation + + # https://github.com/github/releases/issues/2263 + - | + The contents of the `github/codeql-go` repository have moved to the `github/codeql` repository, to live alongside similar libraries for all other programming languages supported by CodeQL. The open-source CodeQL queries, libraries, and extractor for analyzing codebases written in the Go programming language with GitHub's CodeQL code analysis tools can now be found in the new location. For more information, including guidance on migrating your existing workflows, see [github/codeql-go#741](https://github.com/github/codeql-go/issues/741). + + - heading: Dependabot + notes: + # https://github.com/github/releases/issues/2256 + - | + Enterprise owners on instances with a GitHub Advanced Security license can see an overview of Dependabot alerts for the entire instance, including a repository-centric view of application security risks, and an alert-centric view of all secret scanning and Dependabot alerts. The views are in beta and subject to change, and alert-centric views for code scanning are planned for a future release of GitHub Enterprise Server. For more information, see "[Viewing the security overview](/code-security/security-overview/viewing-the-security-overview#viewing-the-security-overview-for-an-enterprise)." + + # https://github.com/github/releases/issues/2160 + - | + Users can select multiple Dependabot alerts, then dismiss or reopen or dismiss the alerts. For example, from the **Closed alerts** tab, you can select multiple alerts that have been previously dismissed, and then reopen them all at once. For more information, see "[About Dependabot alerts](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." + + # https://github.com/github/releases/issues/2232 + - | + Dependabot updates `@types` dependencies alongside corresponding packages in TypeScript projects. Before this change, users would see separate pull requests for a package and the corresponding `@types` package. This feature is automatically enabled for repositories containing `@types` packages in the project's `devDependencies` within the _package.json_ file. You can disable this behavior by setting the [`ignore`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#ignore) field in your `dependabot.yml` file to `@types/*`. For more information, see "[About Dependabot version updates](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)" and "[Configuration options for the _dependabot.yml_ file](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file)." + + - heading: Code security + notes: + # https://github.com/github/releases/issues/2098 + # https://github.com/github/releases/issues/2282 + - | + GitHub Actions can enforce dependency reviews on users' pull requests by scanning for dependencies, and will warn users about associated security vulnerabilities. The `dependency-review-action` action is supported by a new API endpoint that diffs the dependencies between any two revisions. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement)." + + # https://github.com/github/releases/issues/2243 + - | + The dependency graph detects _Cargo.toml_ and _Cargo.lock_ files for Rust. These files will be displayed in the **Dependency graph** section of the **Insights** tab. Users will receive Dependabot alerts and updates for vulnerabilities associated with their Rust dependencies. Package metadata, including mapping packages to repositories, will be added at a later date. For more information, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." + + # https://github.com/github/releases/issues/1766 + - | + If GitHub Connect is enabled for your instance, users can contribute an improvement to a security advisory in the [GitHub Advisory Database](https://github.com/advisories). To contribute, click **Suggest improvements for this vulnerability** while viewing an advisory's details. For more information, see the following articles. + + - "[Managing GitHub Connect](/admin/configuration/configuring-github-connect/managing-github-connect)" + - "[Browsing security vulnerabilities in the GitHub Advisory Database](/enterprise-cloud@latest/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database)" in the GitHub Enterprise Cloud documentation + - "[About GitHub Security Advisories for repositories](/enterprise-cloud@latest/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)" in the GitHub Enterprise Cloud documentation + - "[Editing security advisories in the GitHub Advisory Database](/enterprise-cloud@latest/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)" in the GitHub Enterprise Cloud documentation + + - heading: GitHub Actions + notes: + # https://github.com/github/releases/issues/2159 + - | + Within a workflow that calls a reusable workflow, users can pass the secrets to the reusable workflow with `secrets: inherit`. For more information, see "[Reusing workflows](/actions/using-workflows/reusing-workflows#using-inputs-and-secrets-in-a-reusable-workflow)." + + # https://github.com/github/releases/issues/2102 + - | + When using GitHub Actions, to reduce the risk of merging a change that was not reviewed by another person into a protected branch, enterprise owners and repository administrators can prevent Actions from creating pull requests. Organization owners could previously enable this restriction. For more information, see the following articles. + + - "[Enforcing policies for GitHub Actions in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests)" + - "[Disabling or limiting GitHub Actions for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests)" + - "[Managing GitHub Actions settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests)" + + # https://github.com/github/releases/issues/2155 + - | + Users can write a single workflow triggered by `workflow_dispatch` and `workflow_call`, and use the `inputs` context to access input values. Previously, `workflow_dispatch` inputs were in the event payload, which increased difficulty for workflow authors who wanted to write one workflow that was both reusable and manually triggered. For workflows triggered by `workflow_dispatch`, inputs are still available in the `github.event.inputs` context to maintain compatibility. For more information, see "[Contexts](/actions/learn-github-actions/contexts#inputs-context)." + + # https://github.com/github/releases/issues/2103 + - | + To summarize the result of a job, users can generate Markdown and publish the contents as a job summary. For example, after running tests with GitHub Actions, a summary can provide an overview of passed, failed, or skipped tests, potentially reducing the need to review the full log output. For more information, see "[Workflow commands for GitHub Actions](/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary)." + + # https://github.com/github/releases/issues/2161 + - | + To more easily diagnose job execution failures during a workflow re-run, users can enable debug logging, which outputs information about a job's execution and environment. For more information, see "[Re-running workflows and jobs](/actions/managing-workflow-runs/re-running-workflows-and-jobs)" and "[Using workflow run logs](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#viewing-logs-to-diagnose-failures)." + + # https://github.com/github/releases/issues/2140 + - | + If you manage self-hosted runners for GitHub Actions, you can ensure a consistent state on the runner itself before and after a workflow run by defining scripts to execute. By using scripts, you no longer need to require that users manually incorporate these steps into workflows. Pre- and post-job scripts are in beta and subject to change. For more information, see "[Running scripts before or after a job](/actions/hosting-your-own-runners/running-scripts-before-or-after-a-job)." + + - heading: GitHub Packages + notes: + # https://github.com/github/releases/issues/2334 + - | + Enterprise owners can migrate container images from the GitHub Docker registry to the GitHub Container registry. The Container registry provides the following benefits. + + - Improves the sharing of containers within an organization + - Allows the application of granular access permissions + - Permits the anonymous sharing of public container images + - Implements OCI standards for hosting Docker images + + The Container registry is in beta and subject to change. For more information, see "[Migrating your enterprise to the Container registry from the Docker registry](/admin/packages/migrating-your-enterprise-to-the-container-registry-from-the-docker-registry)." + + - heading: Community experience + notes: + # https://github.com/github/releases/issues/2113 + - | + GitHub Discussions is available for GitHub Enterprise Server. GitHub Discussions provides a central gathering space to ask questions, share ideas, and build connections. For more information, see "[GitHub Discussions](/discussions)." + + # https://github.com/github/releases/issues/2259 + - | + Enterprise owners can configure a policy to control whether people's usernames or full names are displayed within internal or public repositories. For more information, see "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-the-display-of-member-names-in-your-repositories)." + + - heading: Organizations + notes: + # https://github.com/github/releases/issues/2019 + - | + Users can create member-only READMEs for an organization. For more information, see "[Customizing your organization's profile](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile)." + + # https://github.com/github/releases/issues/2234 + - | + Organization owners can pin a repository to an organization's profile directly from the repository via the new **Pin repository** dropdown. Pinned public repositories appear to all users of your instance, while public, private, and internal repositories are only visible to organization members. + + - heading: Repositories + notes: + # https://github.com/github/releases/issues/2214 + - | + While creating a fork, users can customize the fork's name. For more information, see "[Fork a repo](/get-started/quickstart/fork-a-repo)." + + # https://github.com/github/releases/issues/1973 + - | + Users can block creation of branches that match a configured name pattern with the **Restrict pushes that create matching branches** branch protection rule. For example, if a repository's default branch changes from `master` to `main`, a repository administrator can prevent any subsequent creation or push of the `master` branch. For more information, see + "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#restrict-who-can-push-to-matching-branches)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule#creating-a-branch-protection-rule)." + + # https://github.com/github/releases/issues/2179 + - | + Users can create a branch directly from a repository's **Branches** page by clicking the **New branch**. For more information, see "[Creating and deleting branches within your repository](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)." + + # https://github.com/github/releases/issues/2220 + - | + Users can delete a branch that's associated with an open pull request. For more information, see "[Creating and deleting branches within your repository](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)." + + # https://github.com/github/releases/issues/2118 + - | + Repositories with multiple licenses display all of the licenses in the "About" sidebar on the {% octicon "code" aria-label="The code icon" %} **Code** tab. For more information, see "[Licensing a repository](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository)." + + # https://github.com/github/releases/issues/2233 + - When a user renames or moves a file to a new directory, if at least half of the file's contents are identical, the commit history indicates that the file was renamed, similar to `git log --follow`. For more information, see the [GitHub Blog](https://github.blog/changelog/2022-06-06-view-commit-history-across-file-renames-and-moves/). + + # https://github.com/github/releases/issues/2093 + - | + Users can require a successful deployment of a branch before anyone can merge the pull request associated with the branch. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-deployments-to-succeed-before-merging)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + + # https://github.com/github/releases/issues/2073 + - | + Enterprise owners can prevent organization owners from inviting collaborators to repositories on the instance. For more information, see "[Enforcing a policy for inviting collaborators to repositories](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-collaborators-to-repositories)." + + # https://github.com/github/releases/issues/2173 + - | + Users can grant exceptions to GitHub Apps for any branch protection rule that supports exceptions. For more information, see "[About apps](/developers/apps/getting-started-with-apps/about-apps)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + + - heading: Commits + notes: + # https://github.com/github/releases/issues/2306 + - | + For public GPG signing keys that are expired or revoked, GitHub Enterprise Server verifies Git commit signatures and show commits as verified if the user made the commit while the key was still valid. Users can also upload expired or revoked GPG keys. For more information, see "[About commit signature verification](/authentication/managing-commit-signature-verification/about-commit-signature-verification)." + + # https://github.com/github/releases/issues/1977 + - | + To affirm that a commit complies with the rules and licensing governing a repository, organization owners and repository administrators can now require developers to sign off on commits made through the web interface. For more information, see "[Managing the commit signoff policy for your organization](/organizations/managing-organization-settings/managing-the-commit-signoff-policy-for-your-organization)" and "[Managing the commit signoff policy for your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-commit-signoff-policy-for-your-repository)." + + - heading: Pull requests + notes: + # https://github.com/github/releases/issues/2261 + - | + Using the file tree located in the **Files changed** tab of a pull request, users can navigate modified files, understand the size and scope of changes, and focus reviews. The file tree appears if a pull request modifies at least two files, and the browser window is sufficiently wide. For more information, see "[Reviewing proposed changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)" and "[Filtering files in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/filtering-files-in-a-pull-request)." + + # https://github.com/github/releases/issues/2167 + - | + Users can default to using pull requests titles as the commit message for all squash merges. For more information, see "[Configuring commit squashing for pull requests](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests)." + + - heading: Releases + notes: + # https://github.com/github/releases/issues/2281 + - | + When viewing the details for a particular release, users can see the creation date for each release asset. For more information, see "[Viewing your repository's releases and tags](/repositories/releasing-projects-on-github/viewing-your-repositorys-releases-and-tags)." + + # https://github.com/github/releases/issues/2279 + - While creating a release with automatically generated release notes, users can see the tag identified as the previous release, then choose to select a different tag to specify as the previous release. For more information, see "[Automatically generated release notes](/repositories/releasing-projects-on-github/automatically-generated-release-notes)." + + - heading: Markdown + notes: + # https://github.com/github/releases/issues/2260 + - | + Editing Markdown in the web interface has been improved. + + - After a user selects text and pastes a URL, the selected text will become a Markdown link to the pasted URL. + - When a user pastes spreadsheet cells or HTML tables, the resulting text will render as a table. + - When a user copies text containing links, the pasted text will include the link as a Markdown link. + + For more information, see "[Basic writing and formatting syntax](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#links)." + + # https://github.com/github/releases/issues/2258 + - | + When editing a Markdown file in the web interface, clicking the **Preview** tab will automatically scroll to the place in the preview that you were editing. The scroll location is based on the position of your cursor before you clicked the **Preview** tab. + + changes: + - Interactive elements in the web interface such as links and buttons show a visible outline when focused with a keyboard, to help users find the current position on a page. In addition, when focused, form fields have a higher contrast outline. + - If a user refreshes the page while creating a new issue or pull request, the assignees, reviewers, labels and projects will all be preserved. + + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - Actions services need to be restarted after restoring an instance from a backup taken on a different host. + - In a repository's settings, enabling the option to allow users with read access to create discussions does not enable this functionality. + - In some cases, users cannot convert existing issues to discussions. + - Custom patterns for secret scanning have `.*` as an end delimiter, specifically in the "After secret" field. This delimiter causes inconsistencies in scans for secrets across repositories, and you may notice gaps in a repository's history where no scans completed. Incremental scans may also be impacted. To prevent issues with scans, modify the end of the pattern to remove the `.*` delimiter. + - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}' \ No newline at end of file diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-6/1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-6/1.yml new file mode 100644 index 0000000000..8ec4162b87 --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-6/1.yml @@ -0,0 +1,33 @@ +date: '2022-08-30' +sections: + bugs: + - 解锁存储库以进行临时访问后,站点管理员无法管理存储库中安全产品的设置。 + - 管理控制台和 `/home/admin/.ssh/authorized_keys` 文件中可能会出现重复的管理 SSH 密钥。 + - "http(s)://HOSTNAME/stafftools/users/USERNAME/admin 的个人用户的站点管理员页面包含不适用于 GitHub Enterprise Server 的功能。" + - 在某些情况下,运行 `ghe-cluster-config-apply` 可以将空配置复制到群集中的现有节点。 + - 在某些情况下,以 `ghe-config-apply` 开始的配置运行未完成,或返回了 `Container count mismatch` 错误。 + - 在 GitHub Enterprise Server 实例上更新自签名 TLS 证书后,Web 界面中某些页面上的 UI 元素没有显示。 + - 在某些情况下,尽管不是线程安全的,但由于同时使用的库,可能会导致后台任务停止。 + - Web 界面顶部的站点管理员栏包含指向当前正在运行的应用程序版本的 SHA 的断开链接。 + - 组织所有者无法设置创建讨论所需的访问级别。 + - 讨论用户被错误地引导至 GitHub.com 的社区指南。 + - 在某些情况下,系统错误地指示用户在创建讨论之前验证其电子邮件。 + - 如果站点管理员没有直接升级到 GitHub Enterprise Server 3.4,则 Web UI 和 REST API 中缺少来自 GitHub Advanced Security 客户的机密扫描的警报。警报现在可见。 + changes: + - "由于并行日志清理,支持包的生成速度更快。有关支持包的详细信息,请参阅“[将数据提供给 GitHub 支持](/support/contacting-github-support/providing-data-to-github-support)”。" + - "包含 `organization` 或 `org` 路由的 API 现在接受组织的 slug 或 ID。以前,API 只接受 slug,这导致 GitHub Advanced Security 终结点的 `Link` 标头无法访问。有关详细信息,请参阅 REST API 文档中的“[组织](https://docs.github.com/rest/orgs/orgs)”。" + - "企业审核日志现在包含更多用户生成的事件,例如 `project.create`。REST API 还返回其他用户生成的事件,例如 `repo.create`。有关详细信息,请参阅“[访问企业的审核日志](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for -your-enterprise)”和“[使用企业的审核日志 API](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit- log-api-for-your-enterprise#querying-the-audit-log-rest-api)”。" + - "在某些情况下,缓存副本可能会拒绝对最近更新的存储库的某些 Git 操作。有关存储库缓存的详细信息,请参阅“[关于存储库缓存](/admin/enterprise-management/caching-repositories/about-repository-caching)”。" + - "你现在可以使用 REST API 将全局公告横幅配置为可关闭。有关详细信息,请参阅“[为企业自定义用户消息](/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner)”。" + known_issues: + - "在新建的没有任何用户的 {% data variables.product.prodname_ghe_server %} 实例上,攻击者可以创建第一个管理员用户。" + - 自定义防火墙规则在升级过程中被删除。 + - "[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories)的 Git LFS 跟踪文件被错误地直接添加到存储库。" + - 如果问题包含指向同一存储库中 Blob 的永久链接,且 Blob 的文件路径长度超过 255 个字符,则无法关闭问题。 + - 在 GitHub Connect 中启用了“用户可以搜索 GitHub.com”时,专用和内部存储库中的问题不包括在 GitHub.com 搜索结果中。 + - "{% data variables.product.prodname_registry %} npm 注册表不再在元数据响应中返回时间值。这样可以大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在我们解决现有性能问题后恢复返回这个值。" + - 特定于处理预接收挂钩的资源限制可能导致部分预接收挂钩失败。 + - 从不同主机上的备份恢复实例后,需要重新启动操作服务。 + - 在存储库的设置中,启用允许具有读取访问权限的用户创建讨论的选项不会启用此功能。 + - 在某些情况下,用户无法将现有问题转换为讨论。 + - 机密扫描的自定义模式将 `.*` 作为结束分隔符,特别是在“机密之后”字段中。此分隔符会导致跨存储库的机密扫描不一致,并且你可能会注意到存储库历史记录中没有完成扫描的间隙。增量扫描也可能受到影响。为防止出现扫描问题,请修改模式的结尾以删除 `.*` 分隔符。 diff --git a/translations/zh-CN/data/release-notes/github-ae/2021-03/2021-03-03.yml b/translations/zh-CN/data/release-notes/github-ae/2021-03/2021-03-03.yml deleted file mode 100644 index 3132c98a89..0000000000 --- a/translations/zh-CN/data/release-notes/github-ae/2021-03/2021-03-03.yml +++ /dev/null @@ -1,81 +0,0 @@ -date: '2021-03-03' -friendlyDate: 'March 3, 2021' -title: 'Week of March 3, 2021' -currentWeek: false -sections: - features: - - heading: 'GitHub Actions beta' - notes: - - | - [{% data variables.product.prodname_actions %}](https://github.com/features/actions) is a powerful, flexible solution for CI/CD and workflow automation. For more information, see "[Introduction to {% data variables.product.prodname_actions %}](/actions/learn-github-actions/introduction-to-github-actions)." - - Please note that when {% data variables.product.prodname_actions %} is enabled during this upgrade, two organizations named "GitHub Actions" (@**actions** and @**github**) will appear in {% data variables.product.product_location %}. These organizations are required by {% data variables.product.prodname_actions %}. Users named @**ghost** and @**actions** appear as the actors for creation of these organizations in the audit log. - - heading: 'GitHub Packages beta' - notes: - - | - [{% data variables.product.prodname_registry %}](https://github.com/features/packages) is a package hosting service, natively integrated with {% data variables.product.prodname_actions %}, APIs, and webhooks. Create an [end-to-end DevOps workflow](/github-ae@latest/packages/quickstart) that includes your code, continuous integration, and deployment solutions. During this beta, {% data variables.product.prodname_registry %} is offered free of charge to {% data variables.product.product_name %} customers. - - heading: 'GitHub Advanced Security beta' - notes: - - | - {% data variables.product.prodname_GH_advanced_security %} is available in beta and includes both code scanning and secret scanning. During this beta, {% data variables.product.prodname_GH_advanced_security %} features are being offered free of charge to {% data variables.product.product_name %} customers. Repository and organization administrators can opt-in to use {% data variables.product.prodname_GH_advanced_security %} in the Security and Analysis tab under settings. - - Learn more about {% data variables.product.prodname_GH_advanced_security %} [code scanning](/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning) and [secret scanning](/github/administering-a-repository/about-secret-scanning) on {% data variables.product.prodname_ghe_managed %}. - - - heading: Manage teams from your identity provider (IdP) - notes: - - | - Customers using SCIM (System for Cross-domain Identity Management) can now sync security groups in Azure Active Directory with {% data variables.product.company_short %} teams. Once a team has been linked to a security group, membership will be automatically updated in {% data variables.product.product_name %} when a user is added or removed from their assigned security group. - - - heading: IP allow lists beta - notes: - - | - [{% data variables.product.company_short %} IP allow lists](/admin/configuration/restricting-network-traffic-to-your-enterprise) provide the ability to filter traffic from administrator-specified IP ranges, defined by CIDR notation. The allow list is defined at the enterprise or organization account level in Security > Settings. All traffic that attempts to reach resources within the enterprise account and organizations are filtered by the IP allow lists. This functionality is provided in addition to the ability to request network security group changes that filter traffic to the entirety of the GHAE tenant. - - changes: - - heading: Developer Changes - notes: - - | - [Organization owners can now disable publication](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization) of {% data variables.product.prodname_pages %} sites from repositories in the organization. This will not unpublish existing sites. - - Repositories that use {% data variables.product.prodname_pages %} can now [build and deploy from any branch](/github/working-with-github-pages/about-github-pages#publishing-sources-for-github-pages-sites). - - When writing an issue or pull request, the list syntax for bullets, numbers, and tasks will now be autocompleted after you press `return` or `enter`. - - You can now delete a directory in a repository from the repository page. When navigating to a directory, a new kebab button next to the "Add file" button gives the option to delete the directory. - - It's now easier and faster to [reference issues or pull requests](/github/writing-on-github/basic-writing-and-formatting-syntax#referencing-issues-and-pull-requests), with search across multiple words after the "#". - - - heading: Administration changes - notes: - - Enterprise owners can now publish a mandatory message. The message is shown to all users and they must acknowledge it. This can be used to display important information, terms of service or policies. - - The {% data variables.product.prodname_github_app%} single file path permission can now [support up to ten files](/developers/apps/creating-a-github-app-using-url-parameters). - - When configuring a {% data variables.product.prodname_github_app%}, the authorization callback URL is a required field. Now we will permit the integrator to specify multiple callback URLs. {% data variables.product.product_name %} denies authorization if the callback URL from the request is not listed. - - A [new API endpoint](/rest/reference/apps#create-a-scoped-access-token) enables the exchange of a user to server token for a user to server token scoped to specific repositories. - - Events are now logged in the audit log on [promoting a team member to be a team maintainer and on demoting a team maintainer to be a team member](/admin/user-management/audited-actions#teams). - - The [OAuth device authorization flow](/developers/apps/authorizing-oauth-apps#device-flow) is now supported. This allows any CLI client or developer tool to authenticate using a secondary system. - - A user can no longer delete their account if SCIM provisioning is enabled. - - - heading: Default branch renaming - notes: - - | - Enterprise and organization owners can now set the default branch name for new repositories. Enterprise owners can also enforce their choice of default branch name across all organizations or allow individual organizations to choose their own. - - Existing repositories are unaffected by these settings, and their default branch name will not be changed. - - This change is one of many changes {% data variables.product.company_short %} is making to support projects and maintainers that want to rename their default branch. To learn more, see [github/renaming](https://github.com/github/renaming). - - bugs: - - heading: Bug fixes - notes: - - Users can no longer set a backup email address on their profile. Their email address is set through the IdP only. - - You can no longer enable two-factor authentication after configuring authentication through your IdP. - - | - {% data variables.product.product_name %} can now connect to Azure Boards. - - Version headers were missing from the APIs, and have now been set to "GitHub AE." - - Links to documentation have been fixed. - - Configuration of audit log forwarding within the enterprise's settings was failing. - - Navigating to gists could result in a 500 error. - - The Support email or URL was failing to save. It now saves after a period of a few minutes. - - Organization level pull request templates were not being applied to all pull requests in the organization. - - known_issues: - - heading: Known issues - notes: - - Geographic location data is not shown in the audit log. Location information can otherwise be discerned from the IP address associated with each event. - - The link to {% data variables.product.prodname_registry %} from a repository page shows an incorrect search page when that repository does not have any packages. diff --git a/translations/zh-CN/data/release-notes/github-ae/2021-06/2021-12-06.yml b/translations/zh-CN/data/release-notes/github-ae/2021-06/2021-12-06.yml deleted file mode 100644 index 032bc1087a..0000000000 --- a/translations/zh-CN/data/release-notes/github-ae/2021-06/2021-12-06.yml +++ /dev/null @@ -1,136 +0,0 @@ -date: '2021-12-06' -friendlyDate: 'December 6, 2021' -title: 'December 6, 2021' -currentWeek: false -sections: - features: - - heading: 'Administration' - notes: - - | - Customers with active or trial subscriptions for {% data variables.product.product_name %} can now provision {% data variables.product.product_name %} resources from the [Azure Portal](https://portal.azure.com/signin/index/). Your Azure subscription must be feature-flagged to access {% data variables.product.product_name %} resources in the portal. Contact your account manager or {% data variables.contact.contact_enterprise_sales %} to validate your Azure subscription's eligibility. For more information, see "[Setting up a trial of {% data variables.product.prodname_ghe_managed %}](/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae#deploying-github-ae-with-the-azure-portal)." - - heading: 'GitHub Actions' - notes: - - | - [GitHub Actions](https://github.com/features/actions) is now generally available for {% data variables.product.product_name %}. GitHub Actions is a powerful, flexible solution for CI/CD and workflow automation. For more information, see "[Introduction to GitHub Actions](/actions/learn-github-actions/introduction-to-github-actions)." - - | - Self-hosted runners are the default type of runner system on {% data variables.product.product_name %}, and are now generally available for GitHub Actions. With self-hosted runners, you can manage your own machines or containers for the execution of GitHub Actions jobs. For more information, see "[About self-hosted runners](https://docs.github.com/en/github-ae@latest/actions/hosting-your-own-runners/about-self-hosted-runners)" and "[Adding self-hosted runners](/actions/hosting-your-own-runners/adding-self-hosted-runners)." - - | - Environments, environment protection rules, and environment secrets are now generally available for GitHub Actions on {% data variables.product.product_name %}. For more information, see "[Environments](/actions/reference/environments)." - - | - GitHub Actions can now generate a visual graph of your workflow on every run. With workflow visualization, you can achieve the following. - - - View and understand complex workflows. - - Track progress of workflows in real-time. - - Troubleshoot runs quickly by easily accessing logs and jobs metadata. - - Monitor progress of deployment jobs and easily access deployment targets. - - For more information, see "[Using the visualization graph](/actions/managing-workflow-runs/using-the-visualization-graph)." - - | - GitHub Actions now lets you control the permissions granted to the `GITHUB_TOKEN` secret. The `GITHUB_TOKEN` is an automatically generated secret that lets you make authenticated calls to the API for {% data variables.product.product_name %} in your workflow runs. GitHub Actions generates a new token for each job and expires the token when a job completes. The token has `write` permissions to a number of [API endpoints](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token) except in the case of pull requests from forks, which are always `read`. These new settings allow you to follow a principle of least privilege in your workflows. For more information, see "[Authentication in a workflow](/actions/reference/authentication-in-a-workflow#modifying-the-permissions-for-the-github_token)." - - | - GitHub Actions now supports skipping `push` and `pull_request` workflows by looking for some common keywords in your commit message. - - | - GitHub CLI 1.9 and later allows you to work with GitHub Actions in your terminal. For more information, see [{% data variables.product.prodname_blog %}](https://github.blog/changelog/2021-04-15-github-cli-1-9-enables-you-to-work-with-github-actions-from-your-terminal/). - - - heading: 'Code scanning' - notes: - - | - Code scanning is now in beta for {% data variables.product.product_name %}. For more information, see "[About code scanning](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)." - - heading: 'Secret scanning' - notes: - - | - You can now specify your own patterns for secret scanning with the beta of custom patterns on {% data variables.product.product_name %}. You can specify patterns for repositories, organizations, and your entire enterprise. When you specify a new pattern, secret scanning searches a repository's entire Git history for the pattern, as well as any new commits. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." - - heading: 'GitHub Connect' - notes: - - | - GitHub Connect is now available in beta for {% data variables.product.product_name %}. GitHub Connect brings the power of the world's largest open source community to {% data variables.product.product_location %}. You can allow users to view search results from {% data variables.product.prodname_dotcom_the_website %} on {% data variables.product.product_name %}, show contribution counts from {% data variables.product.product_name %} on {% data variables.product.prodname_dotcom_the_website %}, and use GitHub Actions from {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Managing connections between your enterprise accounts](/admin/configuration/managing-connections-between-your-enterprise-accounts)." - - heading: 'GitHub Packages' - notes: - - | - You can now delete any package or package version for GitHub Packages from {% data variables.product.product_name %}'s web UI. You can also undo the deletion of any package or package version within 30 days. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." - - | - The npm registry for GitHub Packages and {% data variables.product.prodname_dotcom_the_website %} no longer returns a time value in metadata responses, providing substantial performance improvements. {% data variables.product.company_short %} will continue returning the time value in the future. - - heading: 'Audit logging' - notes: - - | - Events for pull requests and pull request reviews are now included in the audit log for both [enterprises](/admin/user-management/monitoring-activity-in-your-enterprise/audited-actions) and [organizations](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization). These events help administrators better monitor pull request activity and ensure security and compliance requirements are being met. Events can be viewed from the web UI, exported as CSV or JSON, or accessed via REST API. You can also search the audit log for specific pull request events. - - | - Additional events for GitHub Actions are now included in the audit log for both [enterprises](/admin/user-management/monitoring-activity-in-your-enterprise/audited-actions) and [organizations](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization). - - - A workflow is deleted or re-run. - - A self-hosted runner's version is updated. - - heading: 'Authentication' - notes: - - | - GitHub AE now officially supports Okta for SAML single sign-on (SSO) and user provisioning with SCIM. You can also map groups in Okta to teams on GitHub AE. For more information, see "[Configuring authentication and provisioning for your enterprise using Okta](/admin/authentication/configuring-authentication-and-provisioning-with-your-identity-provider/configuring-authentication-and-provisioning-for-your-enterprise-using-okta)" and "[Mapping Okta groups to teams](/admin/authentication/configuring-authentication-and-provisioning-with-your-identity-provider/mapping-okta-groups-to-teams)." - - | - The format of authentication tokens for {% data variables.product.product_name %} has changed. The change affects the format of personal access tokens and access tokens for OAuth Apps, as well as user-to-server, server-to-server, and refresh tokens for GitHub Apps. {% data variables.product.company_short %} recommends updating existing tokens as soon as possible to improve security and allow secret scanning to detect the tokens. For more information, see "[About authentication to {% data variables.product.prodname_dotcom %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats)" and "[About secret scanning](/code-security/secret-security/about-secret-scanning)." - - | - You can now authenticate SSH connections to {% data variables.product.product_name %} using a FIDO2 security key by adding an `sk-ecdsa-sha2-nistp256@openssh.com` SSH key to your account. SSH security keys store secret key material on a separate hardware device that requires verification, such as a tap, to operate. Storing the key on separate hardware and requiring physical interaction for your SSH key offers additional security. Since the key is stored on hardware and is non-extractable, the key can't be read or stolen by software running on the computer. The physical interaction prevents unauthorized use of the key since the security key will not operate until you physically interact with it. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/github/authenticating-to-github/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)." - - | - Git Credential Manager (GCM) Core versions 2.0.452 and later now provide secure credential storage and multi-factor authentication support for {% data variables.product.product_name %}. GCM Core with support for {% data variables.product.product_name %} is included with [Git for Windows](https://gitforwindows.org) versions 2.32 and later. GCM Core is not included with Git for macOS or Linux, but can be installed separately. For more information, see the [latest release](https://github.com/microsoft/Git-Credential-Manager-Core/releases/) and [installation instructions](https://github.com/microsoft/Git-Credential-Manager-Core/releases/) in the `microsoft/Git-Credential-Manager-Core` repository. - - heading: 'Notifications' - notes: - - | - You can now configure which events you would like to be notified about on {% data variables.product.product_name %}. From any repository, select the {% octicon "file-code" aria-label="The code icon" %} **Watch** drop-down, then click **Custom**. For more information, see "[Configuring notifications](/github/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." - - heading: 'Issues and pull requests' - notes: - - | - With the [latest version of Octicons](https://github.com/primer/octicons/releases), the states of issues and pull requests are now more visually distinct so you can scan status more easily. For more information, see [{% data variables.product.prodname_blog %}](https://github.blog/changelog/2021-06-08-new-issue-and-pull-request-state-icons/). - - | - You can now see all pull request review comments in the **Files** tab for a pull request by selecting the **Conversations** drop-down. You can also require that all pull request review comments are resolved before anyone merges the pull request. For more information, see "[About pull request reviews](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews#discovering-and-navigating-conversations)" and "[About protected branches](/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-conversation-resolution-before-merging)." For more information about management of branch protection settings with the API, see "[Branches](/rest/reference/branches#get-branch-protection)" in the REST API documentation and "[Mutations](/graphql/reference/mutations#createbranchprotectionrule)" in the GraphQL API documentation. - - | - You can now upload video files everywhere you write Markdown on {% data variables.product.product_name %}. Share demos, show reproduction steps, and more in issue and pull request comments, as well as in Markdown files within repositories, such as READMEs. For more information, see "[Attaching files](/github/writing-on-github/working-with-advanced-formatting/attaching-files)." - - | - {% data variables.product.product_name %} now shows a confirmation dialog when you request a review from a team with more than 100 members, allowing you to prevent unnecessary notifications for large teams. - - | - When an issue or pull request has fewer than 30 possible assignees, the assignees control will list all potential users rather than a limited set of suggestions. This behavior helps people in small organizations to quickly find the right user. For more information about assigning users to issues and pull requests, see "[Assigning issues and pull requests to other {% data variables.product.company_short %} users](/issues/tracking-your-work-with-issues/managing-issues/assigning-issues-and-pull-requests-to-other-github-users#assigning-an-individual-issue-or-pull-request)." - - | - You can now include multiple words after the `#` in a comment for an issue or pull request to further narrow your search. To dismiss the suggestions, press Esc. - - | - To prevent the merge of unexpected changes after you enable auto-merge for a pull request, auto-merge is now disabled automatically when new changes are pushed by a user without write access to the repository. Users without write access can still update the pull request with changes from the base branch when auto-merge is enabled. To prevent a malicious user from using a merge conflict to introduce unexpected changes to the pull request, {% data variables.product.product_name %} will disable auto-merge for the pull request if the update causes a merge conflict. For more information about auto-merge, see "[Automatically merging a pull request](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)." - - | - People with maintain access can now manage the repository-level "Allow auto-merge" setting. This setting, which is off by default, controls whether auto-merge is available on pull requests in the repository. Previously, only people with admin access could manage this setting. Additionally, this setting can now by controlled using the "[Create a repository](/rest/reference/repos#create-an-organization-repository)" and "[Update a repository](/rest/reference/repos#update-a-repository)" REST APIs. For more information, see "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository)." - - | - The assignees selection for issues and pull requests now supports type ahead searching so you can find users in your organization faster. Additionally, search result rankings have been updated to prefer matches at the start of a person's username or profile name. - - - heading: 'Repositories' - notes: - - | - When viewing the commit history for a file, you can now click {% octicon "file-code" aria-label="The code icon" %} to view the file at the specified time in the repository's history. - - | - You can now use the web UI to synchronize an out-of-date branch for a fork with the fork's upstream branch. If there are no merge conflicts between the branches, {% data variables.product.product_name %} updates your branch either by fast-forwarding or by merging from upstream. If there are conflicts, {% data variables.product.product_name %} will prompt you to open pull request to resolve the conflicts. For more information, see "[Syncing a fork](/github/collaborating-with-pull-requests/working-with-forks/syncing-a-fork#syncing-a-fork-from-the-web-ui)." - - | - You can now sort the repositories on a user or organization profile by star count. - - | - The Repositories REST API's "compare two commits" endpoint, which returns a list of commits reachable from one commit or branch, but unreachable from another, now supports pagination. The API can also now return the results for comparisons over 250 commits. For more information, see the "[Commits](/rest/reference/commits#compare-two-commits)" REST API documentation and "[Traversing with pagination](/rest/guides/traversing-with-pagination)." - - | - When you define a submodule in {% data variables.product.product_location %} with a relative path, the submodule is now clickable in the web UI. Clicking the submodule in the web UI will take you to the linked repository. Previously, only submodules with absolute URLs were clickable. Relative paths for repositories with the same owner that follow the pattern ../REPOSITORY or relative paths for repositories with a different owner that follow the pattern ../OWNER/REPOSITORY are supported. For more information about working with submodules, see [Working with submodules](https://github.blog/2016-02-01-working-with-submodules/) on {% data variables.product.prodname_blog %}. - - | - By precomputing checksums, the amount of time a repository is under lock has reduced dramatically, allowing more write operations to succeed immediately and improving monorepo performance. - - heading: 'Releases' - notes: - - | - You can now react with emoji to all releases on {% data variables.product.product_name %}. For more information, see "[About releases](/github/administering-a-repository/releasing-projects-on-github/about-releases)." - - heading: 'Themes' - notes: - - | - Dark and dark dimmed themes are now available for the web UI. {% data variables.product.product_name %} will match your system preferences when you haven't set theme preferences in {% data variables.product.product_name %}. You can also customize the themes that are active during day and night. For more information, see "[Managing your theme settings](/github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-theme-settings)." - - heading: 'Markdown' - notes: - - | - Markdown files in your repositories now automatically generate a table of contents in the header the file has two or more headings. The table of contents is interactive and links to the corresponding section. All six Markdown heading levels are supported. For more information, see "[About READMEs](/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-readmes#auto-generated-table-of-contents-for-readme-files)." - - | - `code` markup is now supported in titles for issues and pull requests. Text within backticks (`` ` ``) will appear rendered in a fixed-width font anywhere the issue or pull request title appears in the web UI for {% data variables.product.product_name %}. - - | - While editing Markdown in files, issues, pull requests, or comments, you can now use a keyboard shortcut to insert a code block. The keyboard shortcut is command + E on a Mac or Ctrl + E on other devices. For more information, see "[Basic writing and formatting syntax](/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#quoting-code)." - - | - You can append `?plain=1` to the URL for any Markdown file to display the file without rendering and with line numbers. You can use the plain view to link other users to specific lines. For example, appending `?plain=1#L52` will highlight line 52 of a plain text Markdown file. For more information, "[Creating a permanent link to a code snippet](/github/writing-on-github/working-with-advanced-formatting/creating-a-permanent-link-to-a-code-snippet#linking-to-markdown)." - - heading: 'GitHub Apps' - notes: - - | - API requests to create an installation access token now respect IP allow lists for an enterprise or organization. Any API requests made with an installation access token for a GitHub App installed on your organization already respect IP allow lists. This feature does not currently consider any Azure network security group (NSG) rules that {% data variables.product.company_short %} Support has configured for {% data variables.product.product_location %}. For more information, see "[Restricting network traffic to your enterprise](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise#about-ip-allow-lists)," "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization)," and "[Apps](https://docs.github.com/en/rest/reference/apps#create-an-installation-access-token-for-an-app)" in the REST API documentation. - - heading: 'Webhooks' - notes: - - | - You can now programmatically resend or check the status of webhooks through the REST API. For more information, see "[Repositories](https://docs.github.com/en/rest/reference/repos#webhooks)," "[Organizations](https://docs.github.com/en/rest/reference/orgs#webhooks)," and "[Apps](https://docs.github.com/en/rest/reference/apps#webhooks)" in the REST API documentation. diff --git a/translations/zh-CN/data/reusables/actions/create-runner-group.md b/translations/zh-CN/data/reusables/actions/create-runner-group.md index a66b2e749f..977a60cd7c 100644 --- a/translations/zh-CN/data/reusables/actions/create-runner-group.md +++ b/translations/zh-CN/data/reusables/actions/create-runner-group.md @@ -1,9 +1 @@ ---- -ms.openlocfilehash: 774fc9c83ffce121ebc660f2169f08a99e0ce9c9 -ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: "147763949" ---- -1. 单击“{% ifversion ghec or ghes > 3.3 or ghae-issue-5091 %}创建{%- elsif ghes < 3.4 or ghae %}保存{% endif %}组”,创建组并应用策略。 +1. Click **{% ifversion ghec or ghes > 3.3 or ghae > 3.3 %}Create{%- elsif ghes < 3.4 or ghae < 3.4 %}Save{% endif %} group** to create the group and apply the policy. diff --git a/translations/zh-CN/data/reusables/actions/reusable-workflow-artifacts.md b/translations/zh-CN/data/reusables/actions/reusable-workflow-artifacts.md index c43366aeae..4369c99de9 100644 --- a/translations/zh-CN/data/reusables/actions/reusable-workflow-artifacts.md +++ b/translations/zh-CN/data/reusables/actions/reusable-workflow-artifacts.md @@ -1,10 +1,3 @@ ---- -ms.openlocfilehash: 0e8b83115f22782f2e2788293d6bc8c9f62855e9 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145065898" ---- -{% ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %} 运行中调用的所有操作和工作流都具有该运行项目的写权限。 +{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %} +All actions and workflows called within a run have write access to that run's artifacts. {% endif %} diff --git a/translations/zh-CN/data/reusables/actions/reusable-workflow-calling-syntax.md b/translations/zh-CN/data/reusables/actions/reusable-workflow-calling-syntax.md index 0865e864f3..2b4d1042df 100644 --- a/translations/zh-CN/data/reusables/actions/reusable-workflow-calling-syntax.md +++ b/translations/zh-CN/data/reusables/actions/reusable-workflow-calling-syntax.md @@ -1,12 +1,4 @@ ---- -ms.openlocfilehash: 9b1f61261d2e59fe30703a3bebfdaed7a25667e6 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145084864" ---- -* `{owner}/{repo}/.github/workflows/{filename}@{ref}`{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6000 %} 用于公共{% ifversion ghes or ghec or ghae %}或内部{% endif %}存储库中的可重用工作流。 -* `./.github/workflows/{filename}` 用于同一存储库中的可重用工作流。{% endif %} +* `{owner}/{repo}/.github/workflows/{filename}@{ref}`{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} for reusable workflows in public {% ifversion ghes or ghec or ghae %}or internal{% endif %} repositories. +* `./.github/workflows/{filename}` for reusable workflows in the same repository.{% endif %} -`{ref}` 可以是 SHA、发布标记或分支名称。 对于稳定性和安全性来说,使用提交 SHA 最稳妥。 有关详细信息,请参阅“[GitHub Actions 的安全强化](/actions/learn-github-actions/security-hardening-for-github-actions#reusing-third-party-workflows)”。 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6000 %} 如果使用第二个语法选项(不带 `{owner}/{repo}` 和 `@{ref}`),则调用的工作流来自与调用方工作流相同的提交。{% endif %} +`{ref}` can be a SHA, a release tag, or a branch name. Using the commit SHA is the safest for stability and security. For more information, see "[Security hardening for GitHub Actions](/actions/learn-github-actions/security-hardening-for-github-actions#reusing-third-party-workflows)." {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}If you use the second syntax option (without `{owner}/{repo}` and `@{ref}`) the called workflow is from the same commit as the caller workflow.{% endif %} diff --git a/translations/zh-CN/data/reusables/actions/reusable-workflows.md b/translations/zh-CN/data/reusables/actions/reusable-workflows.md index f631bcbe0c..c1f3f78088 100644 --- a/translations/zh-CN/data/reusables/actions/reusable-workflows.md +++ b/translations/zh-CN/data/reusables/actions/reusable-workflows.md @@ -1,12 +1,4 @@ ---- -ms.openlocfilehash: e7d27a9fd46a625eafc5bebb1eb151b8e3c4b6e4 -ms.sourcegitcommit: 5b1461b419dbef60ae9dbdf8e905a4df30fc91b7 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "147876101" ---- -{% ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %} +{% ifversion fpt or ghes > 3.3 or ghae > 3.3 or ghec %} -{% ifversion ghes or ghec or ghae %}通过从另一个工作流中调用{% else %}可调用{% endif %}一个工作流,可以公开或私下与组织共享工作流。 这样便可重用工作流,避免重复并使工作流更易于维护。 有关详细信息,请参阅“[重用工作流](/actions/learn-github-actions/reusing-workflows)”。 +{% ifversion ghes or ghec or ghae %}You can share workflows with your organization, publicly or privately, by calling{% else %} You can call{% endif %} one workflow from within another workflow. This allows you to reuse workflows, avoiding duplication and making your workflows easier to maintain. For more information, see "[Reusing workflows](/actions/learn-github-actions/reusing-workflows)." {% endif %} diff --git a/translations/zh-CN/data/reusables/actions/runner-groups-add-to-enterprise-first-steps.md b/translations/zh-CN/data/reusables/actions/runner-groups-add-to-enterprise-first-steps.md index 7761ffe2d2..5215ec2e72 100644 --- a/translations/zh-CN/data/reusables/actions/runner-groups-add-to-enterprise-first-steps.md +++ b/translations/zh-CN/data/reusables/actions/runner-groups-add-to-enterprise-first-steps.md @@ -1,14 +1,11 @@ ---- -ms.openlocfilehash: dcb31ab7b27f6f3ebe89699a3a2e96dd1e78a5db -ms.sourcegitcommit: 478f2931167988096ae6478a257f492ecaa11794 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: "147763959" ---- -{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} {%- ifversion ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.enterprise-accounts.actions-runner-groups-tab %} -1. 单击“新建运行器组”。 -{%- elsif ghes < 3.4 or ghae %} {% data reusables.enterprise-accounts.actions-runners-tab %} -1. 使用“新增”下拉菜单,然后选择“新建组” 。 +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.actions-tab %} +{%- ifversion ghec or ghes > 3.3 or ghae > 3.3 %} +{% data reusables.enterprise-accounts.actions-runner-groups-tab %} +1. Click **New runner group**. +{%- elsif ghes < 3.4 or ghae %} +{% data reusables.enterprise-accounts.actions-runners-tab %} +1. Use the **Add new** drop-down, and select **New group**. {%- endif %} -1. 在“组名称”下,键入运行器组的名称。 +1. Under "Group name", type a name for your runner group. diff --git a/translations/zh-CN/data/reusables/actions/self-hosted-runner-add-to-enterprise.md b/translations/zh-CN/data/reusables/actions/self-hosted-runner-add-to-enterprise.md index d328def7f7..2cc570e591 100644 --- a/translations/zh-CN/data/reusables/actions/self-hosted-runner-add-to-enterprise.md +++ b/translations/zh-CN/data/reusables/actions/self-hosted-runner-add-to-enterprise.md @@ -1,4 +1,4 @@ -{%- ifversion ghec or ghes > 3.3 or ghae-issue-5091 %} +{%- ifversion ghec or ghes > 3.3 or ghae > 3.3 %} {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} diff --git a/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-general.md b/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-general.md index 1a085c4c1f..85a4eb590c 100644 --- a/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-general.md +++ b/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-general.md @@ -1,10 +1,2 @@ ---- -ms.openlocfilehash: 28a1c8a0d2e0c3ee4cdc01384ec374d26eafaa58 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "147881257" ---- -{% comment %}此可重用功能仅用于其他存储库/组织/企业设置可重用项。{%- endcomment -%} -1. 在左侧边栏中,单击 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}{% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %}“操作”,然后单击“常规”。{% else %}“操作”。{% endif %} +{% comment %}This reusable is only to be used in other repo/org/enterprise setting reusables.{%- endcomment -%} +1. In the left sidebar, click {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}{% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %} **Actions**, then click **General**.{% else %}**Actions**.{% endif %} diff --git a/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runner-groups.md b/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runner-groups.md index eea2b572b0..106c0b3176 100644 --- a/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runner-groups.md +++ b/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runner-groups.md @@ -1,13 +1,5 @@ ---- -ms.openlocfilehash: 8329f603d09f84f7167b53f88d9580733086fb42 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "147061288" ---- -{% comment %}此可重用功能仅用于其他存储库/组织/企业设置可重用处理。{%- endcomment -%} -1. 在左侧边栏中,单击 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}{% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %}“操作”,然后单击“运行器组” 。{% else %}“操作”。{% ifversion ghes > 3.3 or ghae-issue-5091 %} -1. 在左侧边栏的“操作”下,单击“运行器组”。 +{% comment %}This reusable is only to be used in other repo/org/enterprise setting reusables.{%- endcomment -%} +1. In the left sidebar, click {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}{% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %} **Actions**, then click **Runner groups**.{% else %}**Actions**.{% ifversion ghes > 3.3 or ghae > 3.3 %} +1. In the left sidebar, under "Actions", click **Runner groups**. {%- elsif ghes or ghae %} -1. 在左侧边栏的“操作”下,单击“运行器”。{% endif %}{% endif %} +1. In the left sidebar, under "Actions", click **Runners**.{% endif %}{% endif %} diff --git a/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runners.md b/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runners.md index 1bb753e1e0..e3cf5ed3cf 100644 --- a/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runners.md +++ b/translations/zh-CN/data/reusables/actions/settings-ui/settings-actions-runners.md @@ -1,11 +1,3 @@ ---- -ms.openlocfilehash: dfdccdbe5c96cf63fc38b14cc164a98769ecded6 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "147065048" ---- -{% comment %}此可重用功能仅用于其他存储库/组织/企业设置可重用项。{%- endcomment -%} -1. 在左侧边栏中,单击 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}{% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %}“操作”,然后单击“运行器”。{% else %}“操作”。{% ifversion ghes or ghae %} -1. 在左侧边栏的“操作”下,单击“运行器”。{% endif %}{% endif %} +{% comment %}This reusable is only to be used in other repo/org/enterprise setting reusables.{%- endcomment -%} +1. In the left sidebar, click {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}{% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %} **Actions**, then click **Runners**.{% else %}**Actions**.{% ifversion ghes or ghae %} +1. In the left sidebar, under "Actions", click **Runners**.{% endif %}{% endif %} diff --git a/translations/zh-CN/data/reusables/actions/sidebar-secret.md b/translations/zh-CN/data/reusables/actions/sidebar-secret.md index a4bdf2aaa6..db2b162cd5 100644 --- a/translations/zh-CN/data/reusables/actions/sidebar-secret.md +++ b/translations/zh-CN/data/reusables/actions/sidebar-secret.md @@ -1,13 +1,5 @@ ---- -ms.openlocfilehash: 8a031fd9c9178cf743b4dcc1bc401b51fd2eab5b -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145098414" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧边栏中,单击“{% octicon "key-asterisk" aria-label="The key-asterisk icon" %} 机密”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, click **{% octicon "key-asterisk" aria-label="The key-asterisk icon" %} Secrets**. {% else %} -1. 在左侧边栏中,单击“机密”。 +1. In the left sidebar, click **Secrets**. {% endif %} diff --git a/translations/zh-CN/data/reusables/actions/workflow-dispatch-inputs.md b/translations/zh-CN/data/reusables/actions/workflow-dispatch-inputs.md index 95f2070ad5..e78790375f 100644 --- a/translations/zh-CN/data/reusables/actions/workflow-dispatch-inputs.md +++ b/translations/zh-CN/data/reusables/actions/workflow-dispatch-inputs.md @@ -1,14 +1,6 @@ ---- -ms.openlocfilehash: 6a71d461562c3d6e390549739ac1f17cb274f3f2 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "146199791" ---- -使用 `workflow_dispatch` 事件时,你可以选择性指定传递到工作流的输入。 +When using the `workflow_dispatch` event, you can optionally specify inputs that are passed to the workflow. -触发的工作流在 {% ifversion actions-unified-inputs %}`inputs`{% else %}`github.event.inputs`{% endif %} 上下文中接收输入。 有关详细信息,请参阅“[上下文]({% ifversion actions-unified-inputs %}/actions/learn-github-actions/contexts#inputs-context{% else %}/actions/learn-github-actions/contexts#github-context{% endif %})。” +The triggered workflow receives the inputs in the {% ifversion actions-unified-inputs %}`inputs`{% else %}`github.event.inputs`{% endif %} context. For more information, see "[Contexts]({% ifversion actions-unified-inputs %}/actions/learn-github-actions/contexts#inputs-context{% else %}/actions/learn-github-actions/contexts#github-context{% endif %})." {% data reusables.actions.inputs-vs-github-event-inputs %} @@ -19,7 +11,7 @@ on: logLevel: description: 'Log level' required: true - default: 'warning' {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5511 %} + default: 'warning' {% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} type: choice options: - info @@ -27,11 +19,11 @@ on: - debug {% endif %} print_tags: description: 'True to print to STDOUT' - required: true {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5511 %} + required: true {% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} type: boolean {% endif %} tags: description: 'Test scenario tags' - required: true {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5511 %} + required: true {% ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} type: string environment: description: 'Environment to run tests against' diff --git a/translations/zh-CN/data/reusables/actions/workflow-template-overview.md b/translations/zh-CN/data/reusables/actions/workflow-template-overview.md index bf926adfc4..24446416ca 100644 --- a/translations/zh-CN/data/reusables/actions/workflow-template-overview.md +++ b/translations/zh-CN/data/reusables/actions/workflow-template-overview.md @@ -1,3 +1,3 @@ -{% data variables.product.prodname_dotcom %} provides preconfigured starter workflow that you can customize to create your own continuous integration workflow. {% data variables.product.product_name %} analyzes your code and shows you CI starter workflow that might be useful for your repository. For example, if your repository contains Node.js code, you'll see suggestions for Node.js projects. You can use starter workflow as a starting place to build your custom workflow or use them as-is. +{% data variables.product.prodname_dotcom %} provides preconfigured starter workflows that you can customize to create your own continuous integration workflow. {% data variables.product.product_name %} analyzes your code and shows you CI starter workflows that might be useful for your repository. For example, if your repository contains Node.js code, you'll see suggestions for Node.js projects. You can use starter workflows as a starting place to build your custom workflow or use them as-is. -You can browse the full list of starter workflow in the {% ifversion fpt or ghec %}[actions/starter-workflows](https://github.com/actions/starter-workflows) repository{% else %} `actions/starter-workflows` repository on {% data variables.product.product_location %}{% endif %}. +You can browse the full list of starter workflows in the {% ifversion fpt or ghec %}[actions/starter-workflows](https://github.com/actions/starter-workflows) repository{% else %} `actions/starter-workflows` repository on {% data variables.product.product_location %}{% endif %}. diff --git a/translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md b/translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md index 0350bdc3c6..9907231449 100644 --- a/translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md +++ b/translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md @@ -1,13 +1,9 @@ ---- -ms.openlocfilehash: 53ead6c394e757a67d36fde9c73c74eec7e963bc -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145084810" ---- -1. 输入新自定义模式的详细信息: - 1. 您至少必须提供模式的名称,以及秘密模式格式的正则表达式。 - 1. 可以单击“更多选项{% octicon "chevron-down" aria-label="down" %}”来提供密钥格式的其他周围内容或额外匹配要求。 - 1. 提供一个示例测试字符串,用于确保配置与预期模式匹配。 - {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %} ![创建自定义 {% data variables.product.prodname_secret_scanning %} 模式窗体](/assets/images/help/repository/secret-scanning-create-custom-pattern.png) {% else %} ![创建自定义 {% data variables.product.prodname_secret_scanning %} 模式窗体](/assets/images/enterprise/3.2/repository/secret-scanning-create-custom-pattern.png) {% endif %} +1. Enter the details for your new custom pattern: + 1. You must at least provide the name for your pattern, and a regular expression for the format of your secret pattern. + 1. You can click **More options {% octicon "chevron-down" aria-label="down" %}** to provide other surrounding content or additional match requirements for the secret format. + 1. Provide a sample test string to make sure your configuration is matching the patterns you expect. + {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} + ![Create a custom {% data variables.product.prodname_secret_scanning %} pattern form](/assets/images/help/repository/secret-scanning-create-custom-pattern.png) + {% else %} + ![Create a custom {% data variables.product.prodname_secret_scanning %} pattern form](/assets/images/enterprise/3.2/repository/secret-scanning-create-custom-pattern.png) + {% endif %} diff --git a/translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md b/translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md index 3a11d153b1..8b6afe3169 100644 --- a/translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md +++ b/translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md @@ -1,9 +1 @@ ---- -ms.openlocfilehash: 606689dba9f788a4f5e7127cc6d0b0df3dbc06f5 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145087211" ---- -1. 如果对新的自定义模式感到满意,请单击{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %}“发布模式”{% elsif ghes > 3.2 or ghae %}“创建模式”{% elsif ghes = 3.2 %}“创建自定义模式”{% endif %} 。 +1. When you're satisfied with your new custom pattern, click {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}**Publish pattern**{% elsif ghes > 3.2 or ghae %}**Create pattern**{% elsif ghes = 3.2 %}**Create custom pattern**{% endif %}. diff --git a/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_org_admins.md b/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_org_admins.md index 093ff55193..c59c70a94f 100644 --- a/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_org_admins.md +++ b/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_org_admins.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 795c057917eb79a5dbdd51995cdd57bf61d9c2c3 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145098318" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“存档”部分中,单击“{% octicon "log" aria-label="The log icon" %} 日志”,然后单击“审核日志”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Archives" section of the sidebar, click {% octicon "log" aria-label="The log icon" %} **Logs**, then click **Audit log**. {% else %} -1. 在“设置”边栏中,单击“审核日志”。 -![边栏中的组织审核日志设置](/assets/images/help/organizations/org-settings-audit-log.png) {% endif %} +1. In the Settings sidebar, click **Audit log**. +![Org audit log settings in sidebar](/assets/images/help/organizations/org-settings-audit-log.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_site_admins.md b/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_site_admins.md index 17aee6e902..f2d2336ba7 100644 --- a/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_site_admins.md +++ b/translations/zh-CN/data/reusables/audit_log/audit_log_sidebar_for_site_admins.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 7d0d9dfaabb79a4b677959f1102e317ed1732d20 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145098316" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -3. 在边栏的“存档”部分中,单击“{% octicon "log" aria-label="The log icon" %} 安全日志”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +3. In the "Archives" section of the sidebar, click **{% octicon "log" aria-label="The log icon" %} Security log**. {% else %} -3. 在左侧边栏中,单击“审核日志”。 -![“审核日志”选项卡](/assets/images/enterprise/site-admin-settings/audit-log-tab.png) {% endif %} +3. In the left sidebar, click **Audit log**. +![Audit log tab](/assets/images/enterprise/site-admin-settings/audit-log-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/code-scanning/codeql-languages-bullets.md b/translations/zh-CN/data/reusables/code-scanning/codeql-languages-bullets.md index a03710b702..e3179d26df 100644 --- a/translations/zh-CN/data/reusables/code-scanning/codeql-languages-bullets.md +++ b/translations/zh-CN/data/reusables/code-scanning/codeql-languages-bullets.md @@ -1,25 +1,17 @@ ---- -ms.openlocfilehash: a9363f9b1d77977b8e2bb215bde3a1f0e4177199 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "147879507" ---- - C/C++ - C# - Go - Java - JavaScript/TypeScript -- Python{% ifversion fpt or ghes > 3.3 or ghec or ghae-issue-5017 %} +- Python{% ifversion fpt or ghes > 3.3 or ghec or ghae > 3.3 %} - Ruby {% note %} -注意:用于 Ruby 的 {% data variables.product.prodname_codeql %} 分析目前为 beta 版。 在 beta 版中,Ruby 的分析将不如其他语言的 {% data variables.product.prodname_codeql %} 分析全面。 +**Note**: {% data variables.product.prodname_codeql %} analysis for Ruby is currently in beta. During the beta, analysis of Ruby will be less comprehensive than {% data variables.product.prodname_codeql %} analysis of other languages. {% endnote %} -有关详细信息,请参阅 {% data variables.product.prodname_codeql %} 网站上的文档:“[支持的语言和框架](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/)”。 +For more information, see the documentation on the {% data variables.product.prodname_codeql %} website: "[Supported languages and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/)." {% endif %} diff --git a/translations/zh-CN/data/reusables/code-scanning/codeql-languages-keywords.md b/translations/zh-CN/data/reusables/code-scanning/codeql-languages-keywords.md index 8673bc9416..78a94f8656 100644 --- a/translations/zh-CN/data/reusables/code-scanning/codeql-languages-keywords.md +++ b/translations/zh-CN/data/reusables/code-scanning/codeql-languages-keywords.md @@ -1,9 +1 @@ ---- -ms.openlocfilehash: b51134e4bf7c511cd72b9366e3c3f8bf397d64d1 -ms.sourcegitcommit: 80842b4e4c500daa051eff0ccd7cde91c2d4bb36 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/12/2022 -ms.locfileid: "145098220" ---- -`cpp`、`csharp`、`go`、`java`、`javascript`、{% ifversion fpt or ghes > 3.3 or ghae-issue-5017 %}`python` 和 `ruby`{% else %}和 `python`{% endif %} +`cpp`, `csharp`, `go`, `java`, `javascript`,{% ifversion fpt or ghes > 3.3 or ghae > 3.3 %} `python`, and `ruby`{% else %} and `python`{% endif %} diff --git a/translations/zh-CN/data/reusables/dependabot/beta-security-and-version-updates.md b/translations/zh-CN/data/reusables/dependabot/beta-security-and-version-updates.md index 48c1152d9a..d1a685249b 100644 --- a/translations/zh-CN/data/reusables/dependabot/beta-security-and-version-updates.md +++ b/translations/zh-CN/data/reusables/dependabot/beta-security-and-version-updates.md @@ -1,25 +1,21 @@ ---- -ms.openlocfilehash: 7738a575f826bf2c1f4d8c9ca332ac92646e88b8 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145129910" ---- {% ifversion ghes > 3.2 and ghes < 3.5 %} -{% note %} {% ifversion ghes = 3.4 %} 注意:{% data variables.product.prodname_dependabot %} 安全和版本更新目前为公共 beta 版本,可能会随时更改。 -{% else %} 注意:{% data variables.product.prodname_dependabot %} 安全和版本更新目前为专用 beta 版本,可能会随时更改。 有关如何启用 Dependabot 更新的说明,请[联系帐户管理团队](https://enterprise.github.com/contact)。 +{% note %} +{% ifversion ghes = 3.4 %} +**Note:** {% data variables.product.prodname_dependabot %} security and version updates are currently in public beta and subject to change. +{% else %} +**Note:** {% data variables.product.prodname_dependabot %} security and version updates are currently in private beta and subject to change. Please [contact your account management team](https://enterprise.github.com/contact) for instructions on enabling Dependabot updates. {% endif %} {% endnote %} {% endif %} -{% ifversion ghae-issue-5867 %} +{% ifversion ghae = 3.4 %} {% note %} -注意:{% data variables.product.prodname_dependabot %} 安全和版本更新目前为公共 beta 版本,可能会随时更改。 +**Note:** {% data variables.product.prodname_dependabot %} security and version updates are currently in public beta and subject to change. -{% endnote %} {% endif %} +{% endnote %} +{% endif %} diff --git a/translations/zh-CN/data/reusables/dependabot/dependabot-secrets-button.md b/translations/zh-CN/data/reusables/dependabot/dependabot-secrets-button.md index 03c7686d40..8882ba3273 100644 --- a/translations/zh-CN/data/reusables/dependabot/dependabot-secrets-button.md +++ b/translations/zh-CN/data/reusables/dependabot/dependabot-secrets-button.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: b695c6a312fe02d09d6d00be769e52ca623b7a6c -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145129892" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“安全性”部分中,选择“{% octicon "key-asterisk" aria-label="The key-asterisk icon" %} 机密”,然后单击“{% data variables.product.prodname_dependabot %}” 。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Security" section of the sidebar, select **{% octicon "key-asterisk" aria-label="The key-asterisk icon" %} Secrets**, then click **{% data variables.product.prodname_dependabot %}**. {% else %} -1. 在边栏中,单击“{% data variables.product.prodname_dependabot %}”。 - ![{% data variables.product.prodname_dependabot %} 机密边栏选项](/assets/images/enterprise/3.3/dependabot/dependabot-secrets.png) {% endif %} +1. In the sidebar, click **{% data variables.product.prodname_dependabot %}**. + ![{% data variables.product.prodname_dependabot %} secrets sidebar option](/assets/images/enterprise/3.3/dependabot/dependabot-secrets.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/dependabot/enabling-disabling-dependency-graph-private-repo.md b/translations/zh-CN/data/reusables/dependabot/enabling-disabling-dependency-graph-private-repo.md index e73356881b..5a91d324de 100644 --- a/translations/zh-CN/data/reusables/dependabot/enabling-disabling-dependency-graph-private-repo.md +++ b/translations/zh-CN/data/reusables/dependabot/enabling-disabling-dependency-graph-private-repo.md @@ -1,15 +1,10 @@ ---- -ms.openlocfilehash: a9678c48ca3bd557f99816ef21c70c2332fb4e46 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145129890" ---- -仓库管理员可以启用或禁用私有仓库的依赖关系图。 +Repository administrators can enable or disable the dependency graph for private repositories. -您也可以为用户帐户或组织拥有的所有仓库启用或禁用依赖项图。 有关详细信息,请参阅“[配置依赖项关系图](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph)”。 +You can also enable or disable the dependency graph for all repositories owned by your user account or organization. For more information, see "[Configuring the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph)." -{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -4. 阅读有关授予 {% data variables.product.product_name %} 只读访问存储库数据的消息,以启用依赖项关系图,然后在“依赖项关系图”旁边单击“启用”。 - ![依赖项关系图的“启用”按钮](/assets/images/help/repository/dependency-graph-enable-button.png) 可以随时通过在{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}“代码安全性和分析。”{% else %}“安全性和分析。”{% endif %}的设置页面上单击“依赖项关系图”旁边的“禁用”来禁用依赖项关系图。 +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-code-security-and-analysis %} +4. Read the message about granting {% data variables.product.product_name %} read-only access to the repository data to enable the dependency graph, then next to "Dependency Graph", click **Enable**. + !["Enable" button for the dependency graph](/assets/images/help/repository/dependency-graph-enable-button.png) + You can disable the dependency graph at any time by clicking **Disable** next to "Dependency Graph" on the settings page for {% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %}"Code security and analysis."{% else %}"Security & analysis."{% endif %} diff --git a/translations/zh-CN/data/reusables/enterprise-accounts/security-tab.md b/translations/zh-CN/data/reusables/enterprise-accounts/security-tab.md index 36f2a01533..86a4bbacdb 100644 --- a/translations/zh-CN/data/reusables/enterprise-accounts/security-tab.md +++ b/translations/zh-CN/data/reusables/enterprise-accounts/security-tab.md @@ -1,7 +1,7 @@ -{%- ifversion ghec or ghes > 3.4 or ghae-issue-7875 %} +{%- ifversion ghec or ghes > 3.4 or ghae > 3.4 %} 1. In the left sidebar, click **Authentication security**. {% ifversion ghae %}![Security tab in the enterprise account settings sidebar](/assets/images/enterprise/github-ae/enterprise-account-settings-authentication-security-tab.png){% else %}![Security tab in the enterprise account settings sidebar](/assets/images/help/business-accounts/enterprise-account-settings-authentication-security-tab.png){% endif %} {%- else %} 1. In the left sidebar, click **Security**. {% ifversion ghae %}![Security tab in the enterprise account settings sidebar](/assets/images/enterprise/github-ae/enterprise-account-settings-security-tab.png){% else %}![Security tab in the enterprise account settings sidebar](/assets/images/help/business-accounts/enterprise-account-settings-security-tab.png){% endif %} -{%- endif %} \ No newline at end of file +{%- endif %} diff --git a/translations/zh-CN/data/reusables/gated-features/dependency-vulnerable-calls.md b/translations/zh-CN/data/reusables/gated-features/dependency-vulnerable-calls.md index 6a8110b088..139e3862ba 100644 --- a/translations/zh-CN/data/reusables/gated-features/dependency-vulnerable-calls.md +++ b/translations/zh-CN/data/reusables/gated-features/dependency-vulnerable-calls.md @@ -1,17 +1,13 @@ ---- -ms.openlocfilehash: 91884dc1aa5c5b0b3d32593edfb1927e6c75592f -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145097600" ---- -{%- ifversion fpt %} 在公共存储库上启用对易受攻击的调用的检测。 此分析也可用于使用 {% data variables.product.prodname_ghe_cloud %} 并获得 {% data variables.product.prodname_GH_advanced_security %} 许可的组织所拥有的专用存储库。 +{%- ifversion fpt %} +Detection of vulnerable calls is enabled on public repositories. This analysis is also available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have licensed {% data variables.product.prodname_GH_advanced_security %}. -{%- elsif ghec %} 对易受攻击的调用的检测包含在公共存储库的 {% data variables.product.product_name %} 中。 要在组织拥有的专用存储库中检测易受攻击的调用,你的组织必须具有 {% data variables.product.prodname_GH_advanced_security %} 的许可证。 +{%- elsif ghec %} +Detection of vulnerable calls is included in {% data variables.product.product_name %} for public repositories. To detect vulnerable calls in private repositories owned by organizations, your organization must have a license for {% data variables.product.prodname_GH_advanced_security %}. -{%- elsif ghes > 3.5 %} 对易受攻击的调用的检测可用于 {% data variables.product.product_name %} 中的组织拥有的存储库。 此功能需要 {% data variables.product.prodname_GH_advanced_security %} 的许可证。 +{%- elsif ghes > 3.5 %} +Detection of vulnerable calls is available for organization-owned repositories in {% data variables.product.product_name %}. This feature requires a license for {% data variables.product.prodname_GH_advanced_security %}. -{%- elsif ghae-issue-6076 %} 对易受攻击的调用的检测可用于 {% data variables.product.product_name %} 中的组织拥有的存储库。 这是一个 {% data variables.product.prodname_GH_advanced_security %} 功能(在 beta 版本期间免费)。 +{%- elsif ghae > 3.5 %} +Detection of vulnerable calls is available for organization-owned repositories in {% data variables.product.product_name %}. This is a {% data variables.product.prodname_GH_advanced_security %} feature (free during the beta release). {%- endif %} {% data reusables.advanced-security.more-info-ghas %} diff --git a/translations/zh-CN/data/reusables/organizations/billing_plans.md b/translations/zh-CN/data/reusables/organizations/billing_plans.md index f6b823312a..e7f421ccbc 100644 --- a/translations/zh-CN/data/reusables/organizations/billing_plans.md +++ b/translations/zh-CN/data/reusables/organizations/billing_plans.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: a0be33fe07db61bee034a28d281318591ea7e411 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145100609" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“访问”部分中,单击“{% octicon "credit-card" aria-label="The credit card icon" %} 帐单和计划”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-label="The credit card icon" %} Billing and plans**. {% else %} -1. 在组织的“设置”边栏中,单击“账单和计划”。 -![帐单设置](/assets/images/help/billing/settings_organization_billing_plans_tab.png) {% endif %} +1. In your organization's Settings sidebar, click **Billing & plans**. +![Billing settings](/assets/images/help/billing/settings_organization_billing_plans_tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/github-apps-settings-sidebar.md b/translations/zh-CN/data/reusables/organizations/github-apps-settings-sidebar.md index a0ae34c88a..439e009ac0 100644 --- a/translations/zh-CN/data/reusables/organizations/github-apps-settings-sidebar.md +++ b/translations/zh-CN/data/reusables/organizations/github-apps-settings-sidebar.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 0747332c0a1381226ff218260b506f7623748db7 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145100568" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧边栏中,选择“{% octicon "code" aria-label="The code icon" %} 开发人员设置”,然后单击“{% data variables.product.prodname_github_apps %}” 。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, select **{% octicon "code" aria-label="The code icon" %} Developer settings** then click **{% data variables.product.prodname_github_apps %}**. {% else %} -1. 在左侧边栏中,单击“{% data variables.product.prodname_github_apps %}”。 -![{% data variables.product.prodname_github_apps %} 设置](/assets/images/help/organizations/github-apps-settings-sidebar.png) {% endif %} +1. In the left sidebar, click **{% data variables.product.prodname_github_apps %}**. +![{% data variables.product.prodname_github_apps %} settings](/assets/images/help/organizations/github-apps-settings-sidebar.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/member-privileges.md b/translations/zh-CN/data/reusables/organizations/member-privileges.md index 07536fff04..3fe439b170 100644 --- a/translations/zh-CN/data/reusables/organizations/member-privileges.md +++ b/translations/zh-CN/data/reusables/organizations/member-privileges.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 2f7a3674b3d92f3785d3f8a4ada53004ee8554d5 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145100553" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“访问”部分,单击“{% octicon "people" aria-label="The people icon" %} 成员权限”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "people" aria-label="The people icon" %} Member privileges**. {% else %} -4. 在左侧边栏中,单击“成员权限”。 -![组织设置中的成员权限选项](/assets/images/help/organizations/org-settings-member-privileges.png) {% endif %} +4. In the left sidebar, click **Member privileges**. +![Member privileges option in org settings](/assets/images/help/organizations/org-settings-member-privileges.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/repository-defaults.md b/translations/zh-CN/data/reusables/organizations/repository-defaults.md index c8e69ba431..bb34fffba4 100644 --- a/translations/zh-CN/data/reusables/organizations/repository-defaults.md +++ b/translations/zh-CN/data/reusables/organizations/repository-defaults.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: c0c54b40cc265c869a71ab46a7de131396226fff -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145100492" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“代码、规划和自动化”部分,选择“{% octicon "repo" aria-label="The repo icon" %} 存储库”,然后单击“存储库默认值” 。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Code, planning, and automation" section of the sidebar, select **{% octicon "repo" aria-label="The repo icon" %} Repository**, then click **Repository defaults**. {% else %} -1. 在左侧边栏中,单击“存储库默认值”。 - ![“存储库默认值”选项卡](/assets/images/help/organizations/repo-defaults-tab.png) {% endif %} +1. In the left sidebar, click **Repository defaults**. + ![Repository defaults tab](/assets/images/help/organizations/repo-defaults-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/security-and-analysis.md b/translations/zh-CN/data/reusables/organizations/security-and-analysis.md index 1806cbda31..5954398bf5 100644 --- a/translations/zh-CN/data/reusables/organizations/security-and-analysis.md +++ b/translations/zh-CN/data/reusables/organizations/security-and-analysis.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: f7cdac66bd6f098ee1d58be046ad0038a56f20a9 -ms.sourcegitcommit: 9a7b3a9ccb983af5df2cd94da7fecf7a8237529b -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: "147875998" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“安全性”部分中,单击“{% octicon "codescan" aria-label="The codescan icon" %} 代码安全性和分析”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-label="The codescan icon" %} Code security and analysis**. {% else %} -1. 在左侧边栏中,单击“安全性和分析”。 - ![组织设置中的“安全性和分析”选项卡](/assets/images/help/organizations/org-settings-security-and-analysis.png) {% endif %} +1. In the left sidebar, click **Security & analysis**. + !["Security & analysis" tab in organization settings](/assets/images/help/organizations/org-settings-security-and-analysis.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/security.md b/translations/zh-CN/data/reusables/organizations/security.md index f58470ea86..ac736ecebb 100644 --- a/translations/zh-CN/data/reusables/organizations/security.md +++ b/translations/zh-CN/data/reusables/organizations/security.md @@ -1,14 +1,7 @@ ---- -ms.openlocfilehash: 1099df2d84425283e75cf69037268205f51a852f -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145100471" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“安全性”部分中,单击“{% octicon "shield-lock" aria-label="The shield-lock icon" %} 身份验证安全性”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-label="The shield-lock icon" %} Authentication security**. {% else %} -1. 在左侧边栏中,单击“组织安全性”。 +1. In the left sidebar, click **Organization security**. - ![“组织安全性”设置](/assets/images/help/organizations/org-security-settings-tab.png) {% endif %} + ![Organization security settings](/assets/images/help/organizations/org-security-settings-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/teams_sidebar.md b/translations/zh-CN/data/reusables/organizations/teams_sidebar.md index 8913d596b1..2c794e3789 100644 --- a/translations/zh-CN/data/reusables/organizations/teams_sidebar.md +++ b/translations/zh-CN/data/reusables/organizations/teams_sidebar.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 8573139452da85d549ca0fd3d2ef895665586d6c -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145100428" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“访问”部分,单击“{% octicon "comment-discussion" aria-label="The comment-discussion icon" %} 团队讨论”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "comment-discussion" aria-label="The comment-discussion icon" %} Team discussions**. {% else %} -1. 在“设置”边栏中,单击“团队”。 - ![组织设置侧边栏中的“团队”选项卡](/assets/images/help/settings/settings-sidebar-team-settings.png) {% endif %} +1. In the Settings sidebar, click **Teams**. + ![Teams tab in the organization settings sidebar](/assets/images/help/settings/settings-sidebar-team-settings.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/organizations/verified-domains.md b/translations/zh-CN/data/reusables/organizations/verified-domains.md index ee49342771..ca6ecc74c2 100644 --- a/translations/zh-CN/data/reusables/organizations/verified-domains.md +++ b/translations/zh-CN/data/reusables/organizations/verified-domains.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: e364b9fab16dad02c62aef3c1cef090b32748598 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145100414" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的"安全性"部分中,单击“{% octicon "verified" aria-label="The verified icon" %} 已验证和已批准的域”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Security" section of the sidebar, click **{% octicon "verified" aria-label="The verified icon" %} Verified and approved domains**. {% else %} -1. 在左侧边栏中,单击“已验证和已批准的域”。 -![“已验证和已批准的域”选项卡](/assets/images/help/organizations/verified-domains-button.png) {% endif %} +1. In the left sidebar, click **Verified & approved domains**. +!["Verified & approved domains" tab](/assets/images/help/organizations/verified-domains-button.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/pages/sidebar-pages.md b/translations/zh-CN/data/reusables/pages/sidebar-pages.md index 71d651c004..51f755936d 100644 --- a/translations/zh-CN/data/reusables/pages/sidebar-pages.md +++ b/translations/zh-CN/data/reusables/pages/sidebar-pages.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 3c76af709ce01925719105ff361642b29d73b89c -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145100274" ---- -{% ifversion fpt or ghes > 3.4 or ghec or ghae-issue-5658 %} -1. 在边栏的“代码和自动化”部分,单击“{% octicon "browser" aria-label="The browser icon" %} 页面”。 +{% ifversion fpt or ghes > 3.4 or ghec or ghae > 3.4 %} +1. In the "Code and automation" section of the sidebar, click **{% octicon "browser" aria-label="The browser icon" %} Pages**. {% else %} -1. 在左侧边栏中,单击“页面”。 - ![左侧边栏中的页面选项卡](/assets/images/help/pages/pages-tab.png) {% endif %} +1. In the left sidebar, click **Pages**. + ![Page tab in the left-hand sidebar](/assets/images/help/pages/pages-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/repositories/changed-files.md b/translations/zh-CN/data/reusables/repositories/changed-files.md index ccda5c3b52..35f3c7b5e8 100644 --- a/translations/zh-CN/data/reusables/repositories/changed-files.md +++ b/translations/zh-CN/data/reusables/repositories/changed-files.md @@ -1,10 +1,2 @@ ---- -ms.openlocfilehash: 5f8e4f8f2605a42af16b26eed4efda7acba6e9e0 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145099476" ---- -1. 在拉取请求上,单击 {% octicon "diff" aria-label="The file diff icon" %}“文件已更改”。 - ![拉取请求文件已更改选项卡](/assets/images/help/pull_requests/pull-request-tabs-changed-files.png) +1. On the pull request, click {% octicon "file-diff" aria-label="The file diff icon" %} **Files changed**. + ![Pull Request Files changed tab](/assets/images/help/pull_requests/pull-request-tabs-changed-files.png) diff --git a/translations/zh-CN/data/reusables/repositories/navigate-to-code-security-and-analysis.md b/translations/zh-CN/data/reusables/repositories/navigate-to-code-security-and-analysis.md index b6352c1185..c1a1e6dfef 100644 --- a/translations/zh-CN/data/reusables/repositories/navigate-to-code-security-and-analysis.md +++ b/translations/zh-CN/data/reusables/repositories/navigate-to-code-security-and-analysis.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: ac92e2c65d54e8766eb6d8dc991b82265d5e5f0d -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145099446" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“安全性”部分中,单击“{% octicon "codescan" aria-label="code security and analysis icon" %} 代码安全性和分析”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-label="code security and analysis icon" %} Code security and analysis**. {% else %} -1. 在左侧边栏中,单击“安全性和分析”。 - ![存储库设置中的“安全性和分析”选项卡](/assets/images/help/repository/security-and-analysis-tab.png) {% endif %} +1. In the left sidebar, click **Security & analysis**. + !["Security & analysis" tab in repository settings](/assets/images/help/repository/security-and-analysis-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/repositories/repository-branches.md b/translations/zh-CN/data/reusables/repositories/repository-branches.md index 69420fb4ee..3b0b72e5a1 100644 --- a/translations/zh-CN/data/reusables/repositories/repository-branches.md +++ b/translations/zh-CN/data/reusables/repositories/repository-branches.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: ede6954e9d0e5ead951fc229e0e8f14920a5dec4 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145099425" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“代码和自动化”部分中,单击“{% octicon "git-branch" aria-label="The git-branch icon" %} 分支”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Code and automation" section of the sidebar, click **{% octicon "git-branch" aria-label="The git-branch icon" %} Branches**. {% else %} -1. 在左侧菜单中,单击“分支”。 -![存储库选项子菜单](/assets/images/help/repository/repository-options-branch.png) {% endif %} +1. In the left menu, click **Branches**. +![Repository options sub-menu](/assets/images/help/repository/repository-options-branch.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/repositories/sidebar-notifications.md b/translations/zh-CN/data/reusables/repositories/sidebar-notifications.md index 9ee421b9b4..c2070bd5cd 100644 --- a/translations/zh-CN/data/reusables/repositories/sidebar-notifications.md +++ b/translations/zh-CN/data/reusables/repositories/sidebar-notifications.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 1da8beaeeff17f9e824bbbc71cf83d0f9e965b75 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "147884937" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“集成”部分,单击“{% octicon "mail" aria-label="The mail icon" %} 电子邮件通知”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Integrations" section of the sidebar, click **{% octicon "mail" aria-label="The mail icon" %} Email notifications**. {% else %} -1. 单击“通知”。 -![侧边栏中的通知按钮](/assets/images/help/settings/notifications_menu.png) {% endif %} +1. Click **Notifications**. +![Notifications button in sidebar](/assets/images/help/settings/notifications_menu.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/repositories/suggest-changes.md b/translations/zh-CN/data/reusables/repositories/suggest-changes.md index 65ea35d0db..216fdd9ed7 100644 --- a/translations/zh-CN/data/reusables/repositories/suggest-changes.md +++ b/translations/zh-CN/data/reusables/repositories/suggest-changes.md @@ -1,10 +1,2 @@ ---- -ms.openlocfilehash: caceb429327fac3fb540a78e363c70e13f5afcf2 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145099366" ---- -1. (可选)要建议对一行或多行进行特定更改,请单击 {% octicon "diff" aria-label="The diff symbol" %},然后对建议块中的文本进行编辑。 -![建议块](/assets/images/help/pull_requests/suggestion-block.png) +1. Optionally, to suggest a specific change to the line or lines, click {% octicon "file-diff" aria-label="The file diff icon" %}, then edit the text within the suggestion block. +![Suggestion block](/assets/images/help/pull_requests/suggestion-block.png) diff --git a/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md b/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md index 2cfc5faf99..a967d039cf 100644 --- a/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md +++ b/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md @@ -6,7 +6,7 @@ Adobe | Adobe Service Token | adobe_service_token Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token Adobe | Adobe JSON Web Token | adobe_jwt Alibaba Cloud | Alibaba Cloud Access Key ID with Alibaba Cloud Access Key Secret| alibaba_cloud_access_key_id
alibaba_cloud_access_key_secret -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Amazon | Amazon OAuth Client ID with Amazon OAuth Client Secret | amazon_oauth_client_id
amazon_oauth_client_secret{% endif %} Amazon Web Services (AWS) | Amazon AWS Access Key ID with Amazon AWS Secret Access Key | aws_access_key_id
aws_secret_access_key {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} @@ -15,16 +15,16 @@ Asana | Asana Personal Access Token | asana_personal_access_token Atlassian | Atlassian API Token | atlassian_api_token Atlassian | Atlassian JSON Web Token | atlassian_jwt Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_access_token -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Azure | Azure Active Directory Application Secret | azure_active_directory_application_secret{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Azure | Azure Cache for Redis Access Key | azure_cache_for_redis_access_key{% endif %} Azure | Azure DevOps Personal Access Token | azure_devops_personal_access_token -{%- ifversion fpt or ghec or ghes > 3.8 or ghae-issue-8122 %} +{%- ifversion fpt or ghec or ghes > 3.8 or ghae > 3.8 %} Azure | Azure ML Studio (classic) Web Service Key | azure_ml_studio_classic_web_service_key{% endif %} Azure | Azure SAS Token | azure_sas_token Azure | Azure Service Management Certificate | azure_management_certificate -{%- ifversion ghes < 3.4 or ghae or ghae-issue-5342 %} +{%- ifversion ghes < 3.4 or ghae < 3.4 %} Azure | Azure SQL Connection String | azure_sql_connection_string{% endif %} Azure | Azure Storage Account Key | azure_storage_account_key {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} @@ -36,7 +36,7 @@ CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} Contentful | Contentful Personal Access Token | contentful_personal_access_token{% endif %} Databricks | Databricks Access Token | databricks_access_token -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} DigitalOcean | DigitalOcean Personal Access Token | digitalocean_personal_access_token DigitalOcean | DigitalOcean OAuth Token | digitalocean_oauth_token DigitalOcean | DigitalOcean Refresh Token | digitalocean_refresh_token @@ -68,7 +68,7 @@ GitHub | GitHub OAuth Access Token | github_oauth_access_token GitHub | GitHub Refresh Token | github_refresh_token GitHub | GitHub App Installation Access Token | github_app_installation_access_token GitHub | GitHub SSH Private Key | github_ssh_private_key -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} GitLab | GitLab Access Token | gitlab_access_token{% endif %} GoCardless | GoCardless Live Access Token | gocardless_live_access_token GoCardless | GoCardless Sandbox Access Token | gocardless_sandbox_access_token @@ -80,11 +80,11 @@ Google | Google Cloud Private Key ID | Google | Google Cloud Storage Service Account Access Key ID with Google Cloud Storage Access Key Secret | google_cloud_storage_service_account_access_key_id
google_cloud_storage_access_key_secret{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} Google | Google Cloud Storage User Access Key ID with Google Cloud Storage Access Key Secret | google_cloud_storage_user_access_key_id
google_cloud_storage_access_key_secret{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Google | Google OAuth Access Token | google_oauth_access_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Google | Google OAuth Client ID with Google OAuth Client Secret | google_oauth_client_id
google_oauth_client_secret{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Google | Google OAuth Refresh Token | google_oauth_refresh_token{% endif %} Grafana | Grafana API Key | grafana_api_key HashiCorp | Terraform Cloud / Enterprise API Token | terraform_api_token @@ -94,7 +94,7 @@ Hubspot | Hubspot API Key | hubspot_api_key Intercom | Intercom Access Token | intercom_access_token Ionic | Ionic Personal Access Token | ionic_personal_access_token Ionic | Ionic Refresh Token | ionic_refresh_token -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} JD Cloud | JD Cloud Access Key | jd_cloud_access_key{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} JFrog | JFrog Platform Access Token | jfrog_platform_access_token{% endif %} @@ -106,13 +106,13 @@ Lob | Lob Live API Key | lob_live_api_key Lob | Lob Test API Key | lob_test_api_key Mailchimp | Mailchimp API Key | mailchimp_api_key Mailgun | Mailgun API Key | mailgun_api_key -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Mapbox | Mapbox Secret Access Token | mapbox_secret_access_token{% endif %} MessageBird | MessageBird API Key | messagebird_api_key Meta | Facebook Access Token | facebook_access_token -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Midtrans | Midtrans Production Server Key | midtrans_production_server_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Midtrans | Midtrans Sandbox Server Key | midtrans_sandbox_server_key{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} New Relic | New Relic Personal API Key | new_relic_personal_api_key{% endif %} @@ -122,13 +122,13 @@ New Relic | New Relic REST API Key | new_relic_rest_api_key{% endif %} New Relic | New Relic Insights Query Key | new_relic_insights_query_key{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} New Relic | New Relic License Key | new_relic_license_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Notion | Notion Integration Token | notion_integration_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Notion | Notion OAuth Client Secret | notion_oauth_client_secret{% endif %} npm | npm Access Token | npm_access_token NuGet | NuGet API Key | nuget_api_key -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Octopus Deploy | Octopus Deploy API Key | octopus_deploy_api_key{% endif %} Onfido | Onfido Live API Token | onfido_live_api_token Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token @@ -143,7 +143,7 @@ PlanetScale | PlanetScale Service Token | planetscale_service_token{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} Plivo | Plivo Auth ID with Plivo Auth Token | plivo_auth_id
plivo_auth_token{% endif %} Postman | Postman API Key | postman_api_key -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Prefect | Prefect Server API Key | prefect_server_api_key Prefect | Prefect User API Key | prefect_user_api_key{% endif %} Proctorio | Proctorio Consumer Key | proctorio_consumer_key @@ -152,14 +152,14 @@ Proctorio | Proctorio Registration Key | proctorio_registration_key Proctorio | Proctorio Secret Key | proctorio_secret_key Pulumi | Pulumi Access Token | pulumi_access_token PyPI | PyPI API Token | pypi_api_token -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} ReadMe | ReadMe API Access Key | readmeio_api_access_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.5 or ghae-issue-7375 %} +{%- ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %} redirect.pizza | redirect.pizza API Token | redirect_pizza_api_token{% endif %} RubyGems | RubyGems API Key | rubygems_api_key Samsara | Samsara API Token | samsara_api_token Samsara | Samsara OAuth Access Token | samsara_oauth_access_token -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} Segment | Segment Public API Token | segment_public_api_token{% endif %} SendGrid | SendGrid API Key | sendgrid_api_key {%- ifversion fpt or ghec or ghes > 3.2 or ghae %} @@ -168,13 +168,13 @@ Sendinblue | Sendinblue API Key | sendinblue_api_key{% endif %} Sendinblue | Sendinblue SMTP Key | sendinblue_smtp_key{% endif %} Shippo | Shippo Live API Token | shippo_live_api_token Shippo | Shippo Test API Token | shippo_test_api_token -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} Shopify | Shopify App Client Credentials | shopify_app_client_credentials Shopify | Shopify App Client Secret | shopify_app_client_secret{% endif %} Shopify | Shopify App Shared Secret | shopify_app_shared_secret Shopify | Shopify Access Token | shopify_access_token Shopify | Shopify Custom App Access Token | shopify_custom_app_access_token -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} Shopify | Shopify Merchant Token | shopify_merchant_token Shopify | Shopify Marketplace Token | shopify_marketplace_token Shopify | Shopify Partner API Token | shopify_partner_api_token{% endif %} @@ -182,11 +182,11 @@ Shopify | Shopify Private App Password | shopify_private_app_password Slack | Slack API Token | slack_api_token Slack | Slack Incoming Webhook URL | slack_incoming_webhook_url Slack | Slack Workflow Webhook URL | slack_workflow_webhook_url -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Square | Square Access Token | square_access_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Square | Square Production Application Secret | square_production_application_secret{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Square | Square Sandbox Application Secret | square_sandbox_application_secret{% endif %} SSLMate | SSLMate API Key | sslmate_api_key SSLMate | SSLMate Cluster Secret | sslmate_cluster_secret @@ -196,36 +196,36 @@ Stripe | Stripe Test API Secret Key | stripe_test_secret_key Stripe | Stripe Live API Restricted Key | stripe_live_restricted_key Stripe | Stripe Test API Restricted Key | stripe_test_restricted_key Stripe | Stripe Webhook Signing Secret | stripe_webhook_signing_secret -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Supabase | Supabase Service Key | supabase_service_key{% endif %} Tableau | Tableau Personal Access Token | tableau_personal_access_token Telegram | Telegram Bot Token | telegram_bot_token Tencent Cloud | Tencent Cloud Secret ID | tencent_cloud_secret_id -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Twilio | Twilio Access Token | twilio_access_token{% endif %} Twilio | Twilio Account String Identifier | twilio_account_sid Twilio | Twilio API Key | twilio_api_key -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Typeform | Typeform Personal Access Token | typeform_personal_access_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Uniwise | WISEflow API Key | wiseflow_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} WorkOS | WorkOS Production API Key | workos_production_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} WorkOS | WorkOS Staging API Key | workos_staging_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Yandex | Yandex.Cloud API Key | yandex_cloud_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Yandex | Yandex.Cloud IAM Cookie | yandex_cloud_iam_cookie{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Yandex | Yandex.Cloud IAM Token | yandex_cloud_iam_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Yandex | Yandex.Dictionary API Key | yandex_dictionary_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6944 %} +{%- ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} Yandex | Yandex.Cloud Access Secret | yandex_iam_access_secret{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Yandex | Yandex.Predictor API Key | yandex_predictor_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5845 %} +{%- ifversion fpt or ghec or ghes > 3.3 or ghae > 3.3 %} Yandex | Yandex.Translate API Key | yandex_translate_api_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Zuplo | Zuplo Consumer API Key | zuplo_consumer_api_key{% endif %} diff --git a/translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md b/translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md index d4aabbd3f9..74676aa525 100644 --- a/translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md +++ b/translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md @@ -10,9 +10,9 @@ Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_a Azure | Azure Active Directory Application Secret | azure_active_directory_application_secret Azure | Azure Cache for Redis Access Key | azure_cache_for_redis_access_key Azure | Azure DevOps Personal Access Token | azure_devops_personal_access_token -{%- ifversion fpt or ghec or ghes > 3.8 or ghae-issue-8122 %} +{%- ifversion fpt or ghec or ghes > 3.8 or ghae > 3.8 %} Azure | Azure ML Studio (classic) Web Service Key | azure_ml_studio_classic_web_service_key{% endif %} -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Azure | Azure Storage Account Key | azure_storage_account_key{% endif %} Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key Clojars | Clojars Deploy Token | clojars_deploy_token @@ -43,7 +43,7 @@ Google | Google OAuth Client ID with Google OAuth Client Secret | google_oauth_c Grafana | Grafana API Key | grafana_api_key Hubspot | Hubspot API Key | hubspot_api_key Intercom | Intercom Access Token | intercom_access_token -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} JFrog | JFrog Platform Access Token | jfrog_platform_access_token JFrog | JFrog Platform API Key | jfrog_platform_api_key{% endif %} Ionic | Ionic Personal Access Token | ionic_personal_access_token @@ -62,13 +62,13 @@ PlanetScale | PlanetScale Database Password | planetscale_database_password PlanetScale | PlanetScale OAuth Token | planetscale_oauth_token PlanetScale | PlanetScale Service Token | planetscale_service_token Postman | Postman API Key | postman_api_key -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Prefect | Prefect Server API Key | prefect_server_api_key Prefect | Prefect User API Key | prefect_user_api_key{% endif %} Proctorio | Proctorio Secret Key | proctorio_secret_key -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} ReadMe | ReadMe API Access Key | readmeio_api_access_token{% endif %} -{%- ifversion fpt or ghec or ghes > 3.5 or ghae-issue-7375 %} +{%- ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %} redirect.pizza | redirect.pizza API Token | redirect_pizza_api_token{% endif %} Samsara | Samsara API Token | samsara_api_token Samsara | Samsara OAuth Access Token | samsara_oauth_access_token @@ -82,8 +82,8 @@ Slack | Slack API Token | slack_api_token Stripe | Stripe Live API Secret Key | stripe_api_key Tencent Cloud | Tencent Cloud Secret ID | tencent_cloud_secret_id Typeform | Typeform Personal Access Token | typeform_personal_access_token -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Uniwise | WISEflow API Key | wiseflow_api_key{% endif %} WorkOS | WorkOS Production API Key | workos_production_api_key -{%- ifversion fpt or ghec or ghes > 3.6 or ghae-issue-7456 %} +{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %} Zuplo | Zuplo Consumer API Key | zuplo_consumer_api_key{% endif %} diff --git a/translations/zh-CN/data/reusables/security-overview/permissions.md b/translations/zh-CN/data/reusables/security-overview/permissions.md index 347ad78560..2cf85d19c5 100644 --- a/translations/zh-CN/data/reusables/security-overview/permissions.md +++ b/translations/zh-CN/data/reusables/security-overview/permissions.md @@ -1,9 +1 @@ ---- -ms.openlocfilehash: 35cfc33ddb95625a7414d8169c04ff284c73296c -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "147168391" ---- -组织所有者和安全管理员可以访问组织的安全概述{% ifversion ghec or ghes > 3.4 or ghae-issue-6199 %}并通过企业级安全概述查看其组织的存储库。 企业所有者可以使用企业级安全概述查看其企业组织中的所有存储库{% endif %}。 团队成员可以看到团队具有管理权限的仓库的安全概述。 +Organization owners and security managers can access the security overview for organizations{% ifversion ghec or ghes > 3.4 or ghae > 3.4 %} and view their organization's repositories via the enterprise-level security overview. Enterprise owners can use the enterprise-level security overview to view all repositories in their enterprise's organizations{% endif %}. Members of a team can see the security overview for repositories that the team has admin privileges for. diff --git a/translations/zh-CN/data/reusables/user-settings/access_applications.md b/translations/zh-CN/data/reusables/user-settings/access_applications.md index 58fd44a378..7c28e18227 100644 --- a/translations/zh-CN/data/reusables/user-settings/access_applications.md +++ b/translations/zh-CN/data/reusables/user-settings/access_applications.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 67be79166864dac50fcca20ee401acb3d63f9000 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145127398" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“集成”部分中,单击 {% octicon "apps" aria-label="The apps icon" %}“应用程序”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Integrations" section of the sidebar, click **{% octicon "apps" aria-label="The apps icon" %} Applications**. {% else %} -1. 在左侧边栏中,单击“应用程序”。 -![应用程序选项卡](/assets/images/help/settings/settings-applications.png) {% endif %} +1. In the left sidebar, click **Applications**. +![Applications tab](/assets/images/help/settings/settings-applications.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/account_settings.md b/translations/zh-CN/data/reusables/user-settings/account_settings.md index a983d42e1f..6b28a06928 100644 --- a/translations/zh-CN/data/reusables/user-settings/account_settings.md +++ b/translations/zh-CN/data/reusables/user-settings/account_settings.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 0c808548aece6e90bebe00a59b2a71cbb39f9ee6 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145127390" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧栏中,单击“{% octicon "gear" aria-label="The gear icon" %} 帐户”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, click **{% octicon "gear" aria-label="The gear icon" %} Account**. {% else %} -1. 在左侧边栏中,单击“帐户”。 -![帐户设置菜单选项](/assets/images/help/settings/settings-sidebar-account-settings.png) {% endif %} +1. In the left sidebar, click **Account**. +![Account settings menu option](/assets/images/help/settings/settings-sidebar-account-settings.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/appearance-settings.md b/translations/zh-CN/data/reusables/user-settings/appearance-settings.md index 41537a8e75..d85aea5bd5 100644 --- a/translations/zh-CN/data/reusables/user-settings/appearance-settings.md +++ b/translations/zh-CN/data/reusables/user-settings/appearance-settings.md @@ -1,14 +1,7 @@ ---- -ms.openlocfilehash: 8459caf17fd3cebbf545c085d1bbb8cc6a9b1f92 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145084359" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧边栏中,单击“{% octicon "paintbrush" aria-label="The paintbrush icon" %} 外观”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, click **{% octicon "paintbrush" aria-label="The paintbrush icon" %} Appearance**. {% else %} -1. 在用户设置边栏中,单击“外观”。 +1. In the user settings sidebar, click **Appearance**. - ![用户设置侧边栏中的“外观”标签](/assets/images/help/settings/appearance-tab.png) {% endif %} + !["Appearance" tab in user settings sidebar](/assets/images/help/settings/appearance-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/developer_settings.md b/translations/zh-CN/data/reusables/user-settings/developer_settings.md index 5cdd1a8a3e..ab9e416284 100644 --- a/translations/zh-CN/data/reusables/user-settings/developer_settings.md +++ b/translations/zh-CN/data/reusables/user-settings/developer_settings.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 3ea1abd965cdfa8bdc17eda8bf767293296b6b16 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145097294" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在左侧边栏中,单击“{% octicon "code" aria-label="The code icon" %} 开发人员设置”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the left sidebar, click **{% octicon "code" aria-label="The code icon" %} Developer settings**. {% else %} -1. 在左侧边栏中,单击“开发人员设置”。 - ![开发人员设置](/assets/images/help/settings/developer-settings.png) {% endif %} +1. In the left sidebar, click **Developer settings**. + ![Developer settings](/assets/images/help/settings/developer-settings.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/emails.md b/translations/zh-CN/data/reusables/user-settings/emails.md index 4a58131774..fc8b1d772d 100644 --- a/translations/zh-CN/data/reusables/user-settings/emails.md +++ b/translations/zh-CN/data/reusables/user-settings/emails.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: ae1f58ea425d24487b2fde9468b5f0160699ca10 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145097293" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“访问”部分,单击“{% octicon "mail" aria-label="The mail icon" %} 电子邮件”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "mail" aria-label="The mail icon" %} Emails**. {% else %} -1. 在左侧边栏中,单击“电子邮件”。 -![“电子邮件”选项卡](/assets/images/help/settings/settings-sidebar-emails.png) {% endif %} +1. In the left sidebar, click **Emails**. +![Emails tab](/assets/images/help/settings/settings-sidebar-emails.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/organizations.md b/translations/zh-CN/data/reusables/user-settings/organizations.md index b43af4f3b4..beceae5f16 100644 --- a/translations/zh-CN/data/reusables/user-settings/organizations.md +++ b/translations/zh-CN/data/reusables/user-settings/organizations.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 6ab95f9fbf36a001c3d1a38611e40bf39a661a09 -ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/10/2022 -ms.locfileid: "145099678" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“访问”部分,单击“{% octicon "organization" aria-label="The organization icon" %} 组织”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "organization" aria-label="The organization icon" %} Organizations**. {% else %} -1. 在用户设置边栏中,单击“组织”。 -![组织的用户设置](/assets/images/help/settings/settings-user-orgs.png) {% endif %} +1. In your user settings sidebar, click **Organizations**. +![User settings for organizations](/assets/images/help/settings/settings-user-orgs.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/repo-tab.md b/translations/zh-CN/data/reusables/user-settings/repo-tab.md index e073d0cab7..dc3742b0ea 100644 --- a/translations/zh-CN/data/reusables/user-settings/repo-tab.md +++ b/translations/zh-CN/data/reusables/user-settings/repo-tab.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 40effa4d5d2be43aa7998eea0871582bc2f49341 -ms.sourcegitcommit: 9a7b3a9ccb983af5df2cd94da7fecf7a8237529b -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/09/2022 -ms.locfileid: "147875981" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“代码规划和自动化”部分中,单击“{% octicon "repo" aria-label="The repo icon" %} 存储库”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Code planning, and automation" section of the sidebar, click **{% octicon "repo" aria-label="The repo icon" %} Repositories**. {% else %} -1. 在左侧边栏中,单击“存储库”。 - ![存储库选项卡](/assets/images/help/settings/repos-tab.png) {% endif %} +1. In the left sidebar, click **Repositories**. + ![Repositories tab](/assets/images/help/settings/repos-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/saved_replies.md b/translations/zh-CN/data/reusables/user-settings/saved_replies.md index 9d04156b7a..e8b515e328 100644 --- a/translations/zh-CN/data/reusables/user-settings/saved_replies.md +++ b/translations/zh-CN/data/reusables/user-settings/saved_replies.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: d345906d50c24d3054cdbfc5183bd4679b506aa3 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145065697" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“代码、规划和自动化”部分,单击“{% octicon "reply" aria-label="The reply icon" %} 已保存回复”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "reply" aria-label="The reply icon" %} Saved replies**. {% else %} -1. 在左侧栏中,单击“已保存回复”。 -![“已保存回复”选项卡](/assets/images/help/settings/saved-replies-tab.png) {% endif %} +1. In the left sidebar, click **Saved replies**. +![Saved replies tab](/assets/images/help/settings/saved-replies-tab.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/security-analysis.md b/translations/zh-CN/data/reusables/user-settings/security-analysis.md index ccaaae1e3b..633c1d4071 100644 --- a/translations/zh-CN/data/reusables/user-settings/security-analysis.md +++ b/translations/zh-CN/data/reusables/user-settings/security-analysis.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: ee3cf27ccdea9537cc06019377637f939bf9abbc -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145065696" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“安全性”部分中,单击“{% octicon "shield-lock" aria-label="The shield-lock icon" %} 代码安全性和分析”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-label="The shield-lock icon" %} Code security and analysis**. {% else %} -1. 在左侧边栏中,单击“安全性和分析”。 -![安全性和分析设置](/assets/images/help/settings/settings-sidebar-security-analysis.png) {% endif %} +1. In the left sidebar, click **Security & analysis**. +![Security and analysis settings](/assets/images/help/settings/settings-sidebar-security-analysis.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/security.md b/translations/zh-CN/data/reusables/user-settings/security.md index e37094a653..e22f68f571 100644 --- a/translations/zh-CN/data/reusables/user-settings/security.md +++ b/translations/zh-CN/data/reusables/user-settings/security.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 286f6911e8c9404d4e70fdcad9866444240e7608 -ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/11/2022 -ms.locfileid: "145065694" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在侧边栏的“访问”部分中,单击“{% octicon "shield-lock" aria-label="The shield-lock icon" %} 密码和身份验证”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "shield-lock" aria-label="The shield-lock icon" %} Password and authentication**. {% else %} -1. 在左侧边栏中,单击“帐户安全”。 -![个人帐户安全设置](/assets/images/help/settings/settings-sidebar-account-security.png) {% endif %} +1. In the left sidebar, click **Account security**. +![Personal account security settings](/assets/images/help/settings/settings-sidebar-account-security.png) +{% endif %} diff --git a/translations/zh-CN/data/reusables/user-settings/ssh.md b/translations/zh-CN/data/reusables/user-settings/ssh.md index 7faa0e3c05..cf6c7a99bc 100644 --- a/translations/zh-CN/data/reusables/user-settings/ssh.md +++ b/translations/zh-CN/data/reusables/user-settings/ssh.md @@ -1,13 +1,6 @@ ---- -ms.openlocfilehash: 21bf6a41cea18c551df29283106de905889af724 -ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 09/05/2022 -ms.locfileid: "145065681" ---- -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. 在边栏的“访问”部分中,单击 {% octicon "key" aria-label="The key icon" %}“SSH 和 GPG 密钥”。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae > 3.4 %} +1. In the "Access" section of the sidebar, click **{% octicon "key" aria-label="The key icon" %} SSH and GPG keys**. {% else %} -1. 在用户设置边栏中,单击“SSH 和 GPG 密钥”。 -![身份验证密钥](/assets/images/help/settings/settings-sidebar-ssh-keys.png) {% endif %} +1. In the user settings sidebar, click **SSH and GPG keys**. +![Authentication keys](/assets/images/help/settings/settings-sidebar-ssh-keys.png) +{% endif %} diff --git a/translations/zh-CN/data/ui.yml b/translations/zh-CN/data/ui.yml index 261e927e2a..a7a2c7da7a 100644 --- a/translations/zh-CN/data/ui.yml +++ b/translations/zh-CN/data/ui.yml @@ -1,219 +1,235 @@ -### YamlMime:Yaml -ms.openlocfilehash: 6f0f8abcf60ece31670c3cc4a7a17d067e505435 -ms.sourcegitcommit: ea9a577cff7ec16ded25ed57417c83ec04816428 -ms.translationtype: HT -ms.contentlocale: zh-CN -ms.lasthandoff: 04/07/2022 -ms.locfileid: "141506512" meta: - default_description: Get started, troubleshoot, and make the most of GitHub. Documentation for new users, developers, administrators, and all of GitHub's products. + default_description: 开始使用、排除故障和充分利用 GitHub。新用户、开发人员、管理员和所有 GitHub 产品的文档。 header: github_docs: GitHub Docs - contact: Contact + contact: 联系人 notices: - ghae_silent_launch: GitHub AE is currently under limited release. Please contact our Sales Team to find out more. - release_candidate: " is currently available as a release candidate. For more information, see \"About upgrades to new releases.\"" - localization_complete: We publish frequent updates to our documentation, and translation of this page may still be in progress. For the most current information, please visit the English documentation. If there's a problem with translations on this page, please let us know. - localization_in_progress: Hello, explorer! This page is under active development or still in translation. For the most up-to-date and accurate information, please visit our English documentation. - early_access: "\U0001F4E3 Please do not share this URL publicly. This page contains content about an early access feature." - release_notes_use_latest: Please use the latest release for the latest security, performance, and bug fixes. - ghes_release_notes_upgrade_patch_only: "\U0001F4E3 This is not the latest patch release of Enterprise Server." - ghes_release_notes_upgrade_release_only: "\U0001F4E3 This is not the latest release of Enterprise Server." - ghes_release_notes_upgrade_patch_and_release: "\U0001F4E3 This is not the latest patch release of this release series, and this is not the latest release of Enterprise Server." - sign_up_cta: Sign up + ghae_silent_launch: GitHub AE 目前处于受限版。 + release_candidate: + # The version name is rendered before the below text via includes/header-notification.html + ' 目前可作为候选发布。有关详细信息,请参阅“关于升级到新版本”。' + localization_complete: + "我们经常发布文档更新,此页面的翻译可能仍在进行中。有关最新信息,请访问英语文档。" + early_access: 📣 请不要公开分享此 URL。此页面包含有关早期访问功能的内容。 + release_notes_use_latest: 请使用最新版本获取最新的安全性、性能和 bug 修复程序。 + # GHES release notes + ghes_release_notes_upgrade_patch_only: "📣 这不是 Enterprise Server 的最新补丁版本。" + ghes_release_notes_upgrade_release_only: "📣 这不是 Enterprise Server 的最新版本。" + ghes_release_notes_upgrade_patch_and_release: "📣 这不是此版本系列的最新补丁版本,也不是 Enterprise Server 的最新版本。" + sign_up_cta: 注册 picker: - language_picker_default_text: Choose a language - product_picker_default_text: All products - version_picker_default_text: Choose a version + language_picker_default_text: 选择语言 + product_picker_default_text: 所有产品 + version_picker_default_text: 选择版本 release_notes: - banner_text: GitHub began rolling these changes out to enterprises on + banner_text: GitHub 开始向企业推出这些更改 search: - need_help: Need help? - placeholder: Search topics, products... - loading: Loading - no_results: No results found - search_results_for: Search results for - no_content: No content - matches_displayed: Matches displayed - search_error: An error occurred trying to perform the search. + need_help: 需要帮助? + placeholder: 搜索 GitHub Docs + loading: 加载 + no_results: 未找到结果 + search_results_for: 搜索以下项的结果 + no_content: 无内容 + matches_displayed: 显示的匹配项 + search_error: 尝试执行搜索时发生错误。 + description: 输入搜索词以在 GitHub 文档中找到它。 + label: 搜索 GitHub Docs + results_found: "在 {s} 毫秒内找到了 {n} 个结果" + results_page: "这是第 {page} 页,共 {pages} 页。" + nothing_found: 未找到任何内容 😿 homepage: - explore_by_product: Explore by product - version_picker: Version + explore_by_product: 按产品浏览 + version_picker: 版本 + description: 在 GitHub 旅程中随时为你提供帮助。 toc: - getting_started: Getting started - popular: Popular - guides: Guides - whats_new: What's new - videos: Videos - all_changelogs: All changelog posts + getting_started: 入门 + popular: 热门 + guides: 指南 + whats_new: 新增功能 + videos: 视频 + all_changelogs: 所有更改日志帖子 pages: - article_version: Article version - miniToc: In this article - contributor_callout: This article is contributed and maintained by - all_enterprise_releases: All Enterprise Server releases - about_versions: About versions + article_version: '文章版本' + miniToc: 本文内容 + contributor_callout: 这篇文章的参与者和维护者是 + all_enterprise_releases: 所有 Enterprise Server 发行版 + about_versions: 关于版本 errors: - oops: Ooops! - something_went_wrong: It looks like something went wrong. - we_track_errors: We track these errors automatically, but if the problem persists please feel free to contact us. - page_doesnt_exist: It looks like this page doesn't exist. + oops: 哎呀! + something_went_wrong: 似乎出现了问题。 + we_track_errors: 我们会自动跟踪这些错误,但如果问题仍然存在,请随时联系我们。 + page_doesnt_exist: 看来此页面不存在。 support: - still_need_help: Still need help? - contact_support: Contact support - ask_community: Ask the GitHub community + still_need_help: 还需要帮助? + contact_support: 联系支持人员 + ask_community: 询问 GitHub 社区 survey: - able_to_find: Did this doc help you? + able_to_find: 此文档对你有帮助吗? yes: Yes no: No - comment_yes_label: Let us know what we do well - comment_no_label: Let us know what we can do better - optional: Optional - required: Required + comment_yes_label: 让我们知道哪方面做得好 + comment_no_label: 告诉我们如何改进 + optional: 可选 + required: 必选 email_placeholder: email@example.com - email_label: If we can contact you with more questions, please enter your email address - email_validation: Please enter a valid email address + email_label: 如果我们可以就更多问题与你联系,请输入电子邮件地址 + email_validation: 请输入有效的电子邮件地址 send: Send - feedback: Thank you! We received your feedback. - not_support: If you need a reply, please contact support instead. - privacy_policy: Privacy policy + feedback: 谢谢!我们收到了你的反馈。 + not_support: 如果你需要回复,请联系客户支持。 + privacy_policy: 隐私政策 contribution_cta: title: 帮助我们创建出色的文档! - body: All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request. - button: Make a contribution - or: Or, - to_guidelines: learn how to contribute. + body: 所有 GitHub 文档都是开源的。看到错误或不清楚的内容了吗?提交拉取请求。 + button: 做出贡献 + or: 或者, + to_guidelines: 了解如何参与。 products: graphql: reference: - implements: Implements - fields: Fields - arguments: Arguments + implements: 实现 + fields: 字段 + arguments: 参数 name: 名称 - type: Type + type: 类型 description: 说明 - input_fields: Input fields - return_fields: Return fields - implemented_by: Implemented by - values: Values - possible_types: Possible types - preview_notice: Preview notice - deprecation_notice: Deprecation notice + input_fields: 输入字段 + return_fields: 返回字段 + implemented_by: 实施者 + values: 值 + possible_types: 可能的类型 + preview_notice: 预览通知 + deprecation_notice: 启用通知 + preview_period: 在预览期间,API 可能会更改,恕不通知。 + overview: + preview_header: '若要切换此预览并访问以下架构成员,必须在 `Accept` 标头中提供自定义媒体类型:' + preview_schema_members: '预览的架构成员' + announced: 已公布 + updates: 更新 rest: reference: - default: Default + default: 默认 name: 名称 in: In - type: Type + type: 类型 description: 说明 - notes: Notes - parameters: Parameters - response: Response - status_codes: Status codes - http_status_code: HTTP Status Code - code_sample: Code sample - code_samples: Code samples - preview_notice: Preview notice - preview_notices: Preview notices - see_preview_notice: See preview notice - see_preview_notices: See preview notices - preview_header_is_required: This header is required - preview_notice_to_change: This API is under preview and subject to change - works_with_github_apps: Works with GitHub Apps + notes: 说明 + parameters: 参数 + response: 响应 + example_response: 示例响应 + status_code: 状态代码 + http_status_code: HTTP 响应状态代码 + code_sample: 代码示例 + code_samples: 代码示例 + preview_notice: 预览通知 + preview_notices: 预览通知 + see_preview_notice: 查看预览通知 + see_preview_notices: 查看预览通知 + preview_header_is_required: 此标头必填 + preview_notice_to_change: 此 API 处于预览阶段,可能会更改 + works_with: 使用 + api_reference: REST API 参考 + enum_description_title: 可以是以下选项之一 + required: 必选 + headers: 头文件 + query: 查询参数 + path: 路径参数 + body: 正文参数 footer: - all_rights_reserved: All rights reserved - terms: Terms - privacy: Privacy - security: Security + all_rights_reserved: 保留所有权利 + terms: 术语 + privacy: 隐私 + security: 安全性 product: - heading: Product + heading: Products links: - features: Features - security: Security + features: 功能 + security: 安全性 enterprise: Enterprise - case_studies: Case Studies - pricing: Pricing - resources: Resources + case_studies: 案例研究 + pricing: 定价 + resources: 资源 platform: - heading: Platform + heading: 平台 links: - developer_api: Developer API - partners: Partners + developer_api: 开发人员 API + partners: 合作伙伴 atom: Atom electron: Electron github_desktop: GitHub Desktop support: - heading: Support + heading: 支持 links: - help: Help - community_forum: Community Forum - training: Training - status: Status - contact_github: Contact GitHub + help: 帮助 + community_forum: 社区论坛 + training: 培训 + status: 状态 + contact_github: 联系 GitHub company: heading: Company links: - about: About - blog: Blog - careers: Careers - press: Press + about: 关于 + blog: 博客 + careers: 招聘 + press: 请按 shop: Shop product_landing: - quickstart: Quickstart - reference: Reference - overview: Overview - guides: Guides - code_examples: Code examples - search_code_examples: Search code examples - search_results_for: Search results for - matches_displayed: Matches displayed - show_more: Show more - explore_people_and_projects: Explore people and projects - sorry: Sorry, there is no result for - no_example: It looks like we don't have an example that fits your filter. - try_another: Try another filter or add your code example. - no_result: Sorry, there are no guides that match your filter. - learn: Learn how to add a code example - communities_using_discussions: Communities using discussions - add_your_community: Add your community - sponsor_community: GitHub Sponsors community - supported_releases: Supported releases - release_notes_for: Release notes for - upgrade_from: Upgrade from - browse_all_docs: Browse all docs - browse_all: Browse all - docs: docs - explore_release_notes: Explore release notes - view: View all + quickstart: 快速入门 + reference: 参考 + overview: 概述 + guides: 指南 + code_examples: 代码示例 + search_code_examples: 搜索代码示例 + search_results_for: 搜索以下项的结果 + matches_displayed: 显示的匹配项 + show_more: 显示更多 + explore_people_and_projects: 探索人员和项目 + sorry: 抱歉,找不到以下项的结果 + no_example: 看起来我们没有适合你的筛选条件的示例。 + try_another: 请尝试另一个筛选条件或添加你的代码示例。 + no_result: 抱歉,没有与你的筛选条件匹配的指南。 + learn: 了解如何添加代码示例 + communities_using_discussions: GitHub.com 上使用讨论的社区 + add_your_community: 添加社区 + sponsor_community: GitHub Sponsors 社区 + supported_releases: 支持的版本 + release_notes_for: 发行说明 + upgrade_from: 升级前的版本 + browse_all_docs: 浏览所有文档 + browse_all: 浏览全部 + docs: 文档 + explore_release_notes: 浏览发行说明 + view: 查看全部 product_guides: - start_path: Start learning path - learning_paths: '{{ productMap[currentProduct].name }} learning paths' - learning_paths_desc: Learning paths are a collection of guides that help you master a particular subject. - guides: '{{ productMap[currentProduct].name }} guides' - more_guides: more guides - load_more: Load more guides - all_guides: All {{ productMap[currentProduct].name }} guides - filter_instructions: Filter the guide list using these controls + start_path: 启动学习路径 + learning_paths: '{{ productMap[currentProduct].name }} 学习路径' + learning_paths_desc: 学习路径是一系列帮助你掌握特定主题的指南。 + guides: '{{ productMap[currentProduct].name }} 指南' + more_guides: 更多指南 + load_more: 加载更多指南 + all_guides: '所有 {{ productMap[currentProduct].name }} 指南' + filter_instructions: 使用这些控件筛选指南列表 filters: - type: Type - topic: Topic + type: 类型 + topic: 主题 all: All guides_found: - multiple: '{n} guides found' - one: 1 guide found - none: No guides found + multiple: '找到了 {n} 个指南' + one: 找到了 1 个指南 + none: 找不到指南 guide_types: - overview: Overview - quick_start: Quickstart - tutorial: Tutorial - how_to: How-to guide - reference: Reference + overview: 概述 + quick_start: 快速入门 + tutorial: 教程 + how_to: 操作指南 + reference: 参考 learning_track_nav: - prevGuide: Previous guide - nextGuide: Next guide + prevGuide: 上一个指南 + nextGuide: 下一个指南 toggle_images: - off: Images are off, click to show - on: Images are on, click to hide - hide_single: Hide image - show_single: Show image + off: 图像已关闭,点击显示 + on: 图像已打开,点击隐藏 + hide_single: 隐藏图像 + show_single: 显示图像 scroll_button: - scroll_to_top: Scroll to top + scroll_to_top: 滚动到顶部 diff --git a/translations/zh-CN/data/variables/actions.yml b/translations/zh-CN/data/variables/actions.yml new file mode 100644 index 0000000000..3d7e73935d --- /dev/null +++ b/translations/zh-CN/data/variables/actions.yml @@ -0,0 +1,2 @@ +azure_portal: 'Azure 门户' +hosted_runner: '大型运行器' diff --git a/translations/zh-CN/data/variables/command_line.yml b/translations/zh-CN/data/variables/command_line.yml new file mode 100644 index 0000000000..2685d9f629 --- /dev/null +++ b/translations/zh-CN/data/variables/command_line.yml @@ -0,0 +1,9 @@ +# Use this variable wherever backticks are necessary +backticks: >- + {% ifversion fpt or ghec %}github.com{% else %}[hostname]{% endif %} +# Use this variable within codeblocks (because it includes HTML! Which only renders in shell codeblocks!) +codeblock: >- + {% ifversion fpt or ghec %}github.com{% else %}hostname{% endif %} +# GitHub URL example +git_url_example: >- + https://{% ifversion fpt or ghec %}github.com{% else %}github.example.com{% endif %} diff --git a/translations/zh-CN/data/variables/contact.yml b/translations/zh-CN/data/variables/contact.yml new file mode 100644 index 0000000000..9a26b6c390 --- /dev/null +++ b/translations/zh-CN/data/variables/contact.yml @@ -0,0 +1,46 @@ +contact_ent_support: '[GitHub Enterprise 支持](https://support.github.com/contact?tags=docs-generic)' + +contact_support: >- + {% ifversion fpt or ghec %}[GitHub 支持](https://support.github.com/contact?tags=docs-generic){% elsif ghes %}你的网站管理员{% elsif ghae %}your enterprise owner{% endif %} +report_abuse: >- + {% ifversion fpt or ghec %}[报告滥用](https://github.com/contact/report-abuse){% endif %} +report_content: >- + {% ifversion fpt or ghec %}[报告内容](https://github.com/contact/report-content){% endif %} +contact_dmca: >- + {% ifversion fpt or ghec %}[版权声明表](https://github.com/contact/dmca){% endif %} +contact_privacy: >- + {% ifversion fpt or ghec %}[隐私联系人表](https://github.com/contact/privacy){% endif %} +contact_enterprise_sales: "[GitHub 销售团队](https://github.com/enterprise/contact)" + +contact_feedback_actions: '[GitHub Actions GitHub 社区讨论](https://github.com/orgs/community/discussions/categories/actions-and-packages)' + +# The team that provides Standard Support +enterprise_support: 'GitHub Enterprise 支持' + +# The larger team that includes Enterprise Support and Premium Support +github_support: 'GitHub 支持' + +# The team that provides Premium Support +premium_support: 'GitHub 高级支持' + +# Enterprise Support portal (previously the Zendesk portal at enterprise.githubsupport.com) +enterprise_portal: 'GitHub 支持门户' +contact_enterprise_portal: '[GitHub 支持门户](https://support.github.com/contact?tags=docs-generic)' + +# Azure support (GitHub AE) portal +ae_azure_portal: 'Azure 支持门户' +contact_ae_portal: '[Azure 支持门户](https://portal.azure.com/#blade/Microsoft_Azure_Support/HelpAndSupportBlade)' + +# GitHub Support portal (for dotcom - this sends users to a contact form) +support_portal: 'GitHub 支持门户' +contact_support_portal: '[GitHub 支持门户](https://support.github.com/contact?tags=docs-generic)' + +# GitHub Support portal (this sends users to the Support landing page) +landing_page_portal: 'GitHub 支持门户' +contact_landing_page_portal: '[GitHub 支持门户](https://support.github.com/)' + +# The team that provides GitHub Community Support on the GitHub Community forum (for GitHub Free) +community_support: 'GitHub 社区支持' + +# GitHub Community discussions +community_support_forum: '[GitHub 社区讨论](https://github.com/orgs/community/discussions)' diff --git a/translations/zh-CN/data/variables/large_files.yml b/translations/zh-CN/data/variables/large_files.yml new file mode 100644 index 0000000000..5ab4bef999 --- /dev/null +++ b/translations/zh-CN/data/variables/large_files.yml @@ -0,0 +1,14 @@ +product_name_long: 'Git Large File Storage' +product_name_short: 'Git LFS' +warning_size: '50 MB' +max_github_size: '100 MB' +max_github_browser_size: '25 MB' +initial_bandwidth_quota: '1 GB' +initial_storage_quota: '1 GB' +max_lfs_size: '2 GB' +max_file_size: '2 GB' +command_name: lfs +version_name: "https://git-lfs.github.com/spec/v1" +pack_monthly_price: 每月 5 美元 +pack_monthly_bandwidth: '50 GB' +pack_monthly_storage: '50 GB' diff --git a/translations/zh-CN/data/variables/notifications.yml b/translations/zh-CN/data/variables/notifications.yml new file mode 100644 index 0000000000..9ebf3716ff --- /dev/null +++ b/translations/zh-CN/data/variables/notifications.yml @@ -0,0 +1,4 @@ +no_reply_address: >- + {% ifversion fpt or ghec %}`noreply@github.com`{% else %}由站点管理员配置的无需回复电子邮件地址{% endif %} +cc_address: >- + {% ifversion fpt or ghec %}`@noreply.github.com`{% else %}基于由站点管理员配置的无需回复电子邮件地址{% endif %} diff --git a/translations/zh-CN/data/variables/projects.yml b/translations/zh-CN/data/variables/projects.yml new file mode 100644 index 0000000000..e4ef47adf7 --- /dev/null +++ b/translations/zh-CN/data/variables/projects.yml @@ -0,0 +1,18 @@ +projects_v2: 'projects' +projects_v2_caps: '项目' +project_v2: 'project' +project_v2_caps: 'Project' + +projects_v1_board: >- + {% ifversion ghes or ghae %}项目版块{% else %}经典项目{% endif %} +projects_v1_board_caps: >- + {% ifversion ghes or ghae %}项目版块{% else %}经典项目{% endif %} +projects_v1_boards: >- + {% ifversion ghes or ghae %}项目版块{% else %}经典项目{% endif %} +projects_v1_boards_caps: >- + {% ifversion ghes or ghae %}项目版块{% else %}经典项目{% endif %} +command-palette-shortcut: 'Command+K (Mac) or Ctrl+K (Windows/Linux)' + +# Use feature flags to return which projects versions are available. +projects_v2_and_v1: '{% ifversion projects-v2 %}{% data variables.projects.projects_v2 %}{% ifversion projects-v1 %} 和 {% data variables.projects.projects_v1_boards %}{% endif %}{% else %}{% data variables.projects.projects_v1_boards %}{% endif %}' +project_v2_and_v1: '{% ifversion projects-v2 %}{% data variables.projects.project_v2 %}{% ifversion projects-v1 %} 和 {% data variables.projects.projects_v1_board %}{% endif %}{% else %}{% data variables.projects.projects_v1_board %}{% endif %}'