Octomerger Bot
@@ -354,7 +354,7 @@ runs:
|
||||
|
||||
#### `runs.steps[*].with`
|
||||
|
||||
**Optional** A `map` of the input parameters defined by the action. 各入力パラメータはキー/値ペアです。 入力パラメータは環境変数として設定されます。 The variable is prefixed with INPUT_ and converted to upper case.
|
||||
**Optional** A `map` of the input parameters defined by the action. 各入力パラメータはキー/値ペアです。 For more information, see [Example: Specifying inputs](#example-specifying-inputs).
|
||||
|
||||
```yaml
|
||||
runs:
|
||||
|
||||
@@ -38,9 +38,10 @@ You can add the action you've created to {% data variables.product.prodname_mark
|
||||
To draft a new release and publish the action to {% data variables.product.prodname_marketplace %}, follow these instructions:
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
1. When a repository contains an action metadata file (`action.yml` or `action.yaml`), you'll see a banner to publish the action to {% data variables.product.prodname_marketplace %}. Click **Draft a release**.
|
||||
|
||||
1. Select **Publish this action to the {% data variables.product.prodname_marketplace %}**. If you can't select the **Publish this action to the {% data variables.product.prodname_marketplace %}** checkbox, you'll need to read and accept the {% data variables.product.prodname_marketplace %} agreement first.
|
||||
1. Navigate to the action metadata file in your repository (`action.yml` or `action.yaml`), and you'll see a banner to publish the action to {% data variables.product.prodname_marketplace %}. Click **Draft a release**.
|
||||
|
||||
|
||||
1. Under "Release Action", select the checkbox to publish the action to the {% data variables.product.prodname_marketplace %}. If you can't select the checkbox, you must first click the link to read and accept the {% data variables.product.prodname_marketplace %} Developer Agreement.
|
||||
|
||||
1. If the labels in your metadata file contain any problems, you will see an error message.
|
||||
|
||||
|
||||
@@ -84,7 +84,7 @@ The following table indicates where each context and special function can be use
|
||||
| <code>jobs.<job_id>.name</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.outputs.<output_id></code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, steps, inputs</code> | |
|
||||
| <code>jobs.<job_id>.runs-on</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.secrets.<secrets_id></code> | <code>github, needs, secrets{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>jobs.<job_id>.secrets.<secrets_id></code> | <code>github, needs,{% ifversion actions-reusable-workflow-matrix %} strategy, matrix,{% endif %} secrets{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>jobs.<job_id>.services</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.services.<service_id>.credentials</code> | <code>github, needs, strategy, matrix, env, secrets, inputs</code> | |
|
||||
| <code>jobs.<job_id>.services.<service_id>.env.<env_id></code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, inputs</code> | |
|
||||
@@ -98,7 +98,7 @@ The following table indicates where each context and special function can be use
|
||||
| <code>jobs.<job_id>.steps.working-directory</code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, steps, inputs</code> | <code>hashFiles</code> |
|
||||
| <code>jobs.<job_id>.strategy</code> | <code>github, needs, inputs</code> | |
|
||||
| <code>jobs.<job_id>.timeout-minutes</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.with.<with_id></code> | <code>github, needs{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>jobs.<job_id>.with.<with_id></code> | <code>github, needs{% ifversion actions-reusable-workflow-matrix %}, strategy, matrix{% endif %}{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>on.workflow_call.inputs.<inputs_id>.default</code> | <code>github{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>on.workflow_call.outputs.<output_id>.value</code> | <code>github, jobs, inputs</code> | |
|
||||
{% else %}
|
||||
|
||||
@@ -39,7 +39,7 @@ You can view the reused workflows referenced in your {% data variables.product.p
|
||||
|
||||
### Reusable workflows and starter workflows
|
||||
|
||||
スターターワークフローを使うと、Organizationでワークフローの作成権限を持つ人は誰でも、ワークフローを素早く容易に作成できます。 When people create a new workflow, they can choose a starter workflow and some or all of the work of writing the workflow will be done for them. Within a starter workflow, you can also reference reusable workflows to make it easy for people to benefit from reusing centrally managed workflow code. If you use a tag or branch name when referencing the reusable workflow, you can ensure that everyone who reuses that workflow will always be using the same YAML code. However, if you reference a reusable workflow by a tag or branch, be sure that you can trust that version of the workflow. For more information, see "[Security hardening for {% data variables.product.prodname_actions %}](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
||||
スターターワークフローを使うと、Organizationでワークフローの作成権限を持つ人は誰でも、ワークフローを素早く容易に作成できます。 When people create a new workflow, they can choose a starter workflow and some or all of the work of writing the workflow will be done for them. Within a starter workflow, you can also reference reusable workflows to make it easy for people to benefit from reusing centrally managed workflow code. If you use a commit SHA when referencing the reusable workflow, you can ensure that everyone who reuses that workflow will always be using the same YAML code. However, if you reference a reusable workflow by a tag or branch, be sure that you can trust that version of the workflow. For more information, see "[Security hardening for {% data variables.product.prodname_actions %}](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
||||
|
||||
For more information, see "[Creating starter workflows for your organization](/actions/learn-github-actions/creating-starter-workflows-for-your-organization)."
|
||||
|
||||
@@ -69,10 +69,14 @@ Called workflows that are owned by the same user or organization{% ifversion ghe
|
||||
|
||||
## 制限事項
|
||||
|
||||
{% ifversion nested-reusable-workflow %}
|
||||
* You can connect up to four levels of workflows. For more information, see "[Calling a nested reusable workflow](#calling-a-nested-reusable-workflow)."
|
||||
{% else %}
|
||||
* Reusable workflows can't call other reusable workflows.
|
||||
{% endif %}
|
||||
* Reusable workflows stored within a private repository can only be used by workflows within the same repository.
|
||||
* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information about the `env` context, see "[Context and expression syntax for GitHub Actions](/actions/reference/context-and-expression-syntax-for-github-actions#env-context)."
|
||||
* The `strategy` property is not supported in any job that calls a reusable workflow.
|
||||
* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information about the `env` context, see "[Context and expression syntax for GitHub Actions](/actions/reference/context-and-expression-syntax-for-github-actions#env-context)."{% ifversion actions-reusable-workflow-matrix %}{% else %}
|
||||
* The `strategy` property is not supported in any job that calls a reusable workflow.{% endif %}
|
||||
|
||||
## Creating a reusable workflow
|
||||
|
||||
@@ -105,7 +109,13 @@ You can define inputs and secrets, which can be passed from the caller workflow
|
||||
{% endraw %}
|
||||
For details of the syntax for defining inputs and secrets, see [`on.workflow_call.inputs`](/actions/reference/workflow-syntax-for-github-actions#onworkflow_callinputs) and [`on.workflow_call.secrets`](/actions/reference/workflow-syntax-for-github-actions#onworkflow_callsecrets).
|
||||
{% ifversion actions-inherit-secrets-reusable-workflows %}
|
||||
1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step. If the secrets are inherited using `secrets: inherit`, you can reference them even if they are not defined in the `on` key.
|
||||
1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: If the secrets are inherited by using `secrets: inherit` in the calling workflow, you can reference them even if they are not explicitly defined in the `on` key. For more information, see "[Workflow syntax for GitHub Actions](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit)."
|
||||
|
||||
{% endnote %}
|
||||
{%- else %}
|
||||
1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step.
|
||||
{%- endif %}
|
||||
@@ -127,7 +137,7 @@ You can define inputs and secrets, which can be passed from the caller workflow
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: Environment secrets are encrypted strings that are stored in an environment that you've defined for a repository. Environment secrets are only available to workflow jobs that reference the appropriate environment. For more information, see "[Using environments for deployment](/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets)."
|
||||
**Note**: Environment secrets are encrypted strings that are stored in an environment that you've defined for a repository. Environment secrets are only available to workflow jobs that reference the appropriate environment. 詳しい情報については「[デプロイメントへの環境の利用](/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets)」を参照してください。
|
||||
|
||||
{% endnote %}
|
||||
|
||||
@@ -164,7 +174,36 @@ jobs:
|
||||
token: ${{ secrets.token }}
|
||||
```
|
||||
{% endraw %}
|
||||
{% ifversion actions-reusable-workflow-matrix %}
|
||||
## Using a matrix strategy with a reusable workflow
|
||||
|
||||
Jobs using the matrix strategy can call a reusable workflow.
|
||||
|
||||
マトリックス戦略を使うと、単一のジョブ定義中で変数を使って、変数の組み合わせに基づく複数のジョブの実行を自動的に生成できます。 For example, you can use a matrix strategy to pass different inputs to a reusable workflow. マトリクスに関する詳しい情報については「[ジョブでのマトリクスの利用](/actions/using-jobs/using-a-matrix-for-your-jobs)」を参照してください。
|
||||
|
||||
### Example matrix strategy with a reusable workflow
|
||||
|
||||
This workflow file references the matrix context by defining the variable `target` with the values `[dev, stage, prod]`. このワークフローは、変数中のそれぞれの値に対して1つずつ、3つのジョブを実行します。 The workflow file also calls a reusable workflow by using the `uses` keyword.
|
||||
|
||||
{% raw %}
|
||||
```yaml{:copy}
|
||||
name: Reusable workflow with matrix strategy
|
||||
|
||||
on:
|
||||
push:
|
||||
|
||||
jobs:
|
||||
ReuseableMatrixJobForDeployment:
|
||||
strategy:
|
||||
matrix:
|
||||
target: [dev, stage, prod]
|
||||
uses: octocat/octo-repo/.github/workflows/deployment.yml@main
|
||||
with:
|
||||
target: ${{ matrix.target }}
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
{% endif %}
|
||||
## Calling a reusable workflow
|
||||
|
||||
You call a reusable workflow by using the `uses` keyword. Unlike when you are using actions within a workflow, you call reusable workflows directly within a job, and not from within job steps.
|
||||
@@ -234,9 +273,61 @@ jobs:
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
{% ifversion nested-reusable-workflow %}
|
||||
## Nesting reusable workflows
|
||||
|
||||
You can connect a maximum of four levels of workflows - that is, the top-level caller workflow and up to three levels of reusable workflows. For example: _caller-workflow.yml_ → _called-workflow-1.yml_ → _called-workflow-2.yml_ → _called-workflow-3.yml_. Loops in the workflow tree are not permitted.
|
||||
|
||||
From within a reusable workflow you can call another reusable workflow.
|
||||
|
||||
{% raw %}
|
||||
```yaml{:copy}
|
||||
name: Reusable workflow
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
|
||||
jobs:
|
||||
call-another-reusable:
|
||||
uses: octo-org/example-repo/.github/workflows/another-reusable.yml@v1
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
### Passing secrets to nested workflows
|
||||
|
||||
You can use `jobs.<job_id>.secrets` in a calling workflow to pass named secrets to a directly called workflow. Alternatively, you can use `jobs.<job_id>.secrets.inherit` to pass all of the calling workflow's secrets to a directly called workflow. For more information, see the section "[Passing inputs and secrets to a reusable workflow](/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow)" above, and the reference article "[Workflow syntax for GitHub Actions](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit)." Secrets are only passed to directly called workflow, so in the workflow chain A > B > C, workflow C will only receive secrets from A if they have been passed from A to B, and then from B to C.
|
||||
|
||||
In the following example, workflow A passes all of its secrets to workflow B, by using the `inherit` keyword, but workflow B only passes one secret to workflow C. Any of the other secrets passed to workflow B are not available to workflow C.
|
||||
|
||||
{% raw %}
|
||||
```yaml
|
||||
jobs:
|
||||
workflowA-calls-workflowB:
|
||||
uses: octo-org/example-repo/.github/workflows/B.yml@main
|
||||
secrets: inherit # pass all secrets
|
||||
```
|
||||
|
||||
```yaml
|
||||
jobs:
|
||||
workflowB-calls-workflowC:
|
||||
uses: different-org/example-repo/.github/workflows/C.yml@main
|
||||
secrets:
|
||||
envPAT: ${{ secrets.envPAT }} # pass just this secret
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
### Access and permissions
|
||||
|
||||
A workflow that contains nested reusable workflows will fail if any of the nested workflows is inaccessible to the initial caller workflow. For more information, see "[Access to reusable workflows](/actions/using-workflows/reusing-workflows#access-to-reusable-workflows)."
|
||||
|
||||
`GITHUB_TOKEN` permissions can only be the same or more restrictive in nested workflows. For example, in the workflow chain A > B > C, if workflow A has `package: read` token permission, then B and C cannot have `package: write` permission. 詳しい情報については「[自動トークン認証](/actions/security-guides/automatic-token-authentication)」を参照してください。
|
||||
{% endif %}
|
||||
|
||||
## Using outputs from a reusable workflow
|
||||
|
||||
A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow.
|
||||
A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow.{% ifversion actions-reusable-workflow-matrix %}
|
||||
|
||||
If a reusable workflow that sets an output is executed with a matrix strategy, the output will be the output set by the last successful completing reusable workflow of the matrix which actually sets a value. That means if the last successful completing reusable workflow sets an empty string for its output, and the second last successful completing reusable workflow sets an actual value for its output, the output will contain the value of the second last completing reusable workflow.{% endif %}
|
||||
|
||||
The following reusable workflow has a single job containing two steps. In each of these steps we set a single word as the output: "hello" and "world." In the `outputs` section of the job, we map these step outputs to job outputs called: `output1` and `output2`. In the `on.workflow_call.outputs` section we then define two outputs for the workflow itself, one called `firstword` which we map to `output1`, and one called `secondword` which we map to `output2`.
|
||||
|
||||
|
||||
@@ -1037,15 +1037,23 @@ Allowed expression contexts: `github`, `needs`, and `secrets`.
|
||||
- `[]` 括弧内にリストされた、あるいは範囲に含まれる1つのキャラクタにマッチします。 範囲に含めることができるのは`a-z`、`A-Z`、`0-9`のみです。 たとえば、`[0-9a-z]`という範囲は任意の数字もしくは小文字にマッチします。 たとえば`[CB]at`は`Cat`あるいは`Bat`にマッチし、`[1-2]00`は`100`や`200`にマッチします。
|
||||
- `!`: パターンの先頭に置くと、肯定のパターンを否定にします。 先頭のキャラクタではない場合は、特別な意味を持ちません。
|
||||
|
||||
YAMLにおいては、`*`、`[`、`!`は特別なキャラクタです。 パターンを`*`、`[`、`!`で始める場合、そのパターンをクオートで囲まなければなりません。
|
||||
YAMLにおいては、`*`、`[`、`!`は特別なキャラクタです。 パターンを`*`、`[`、`!`で始める場合、そのパターンをクオートで囲まなければなりません。 Also, if you use a [flow sequence](https://yaml.org/spec/1.2.2/#flow-sequences) with a pattern containing `[` and/or `]`, the pattern must be enclosed in quotes.
|
||||
|
||||
```yaml
|
||||
# 有効
|
||||
- '**/README.md'
|
||||
# Valid
|
||||
branches:
|
||||
- '**/README.md'
|
||||
|
||||
# 無効 - ワークフローの実行を妨げる
|
||||
# 解析エラーを作成する
|
||||
- **/README.md
|
||||
# Invalid - creates a parse error that
|
||||
# prevents your workflow from running.
|
||||
branches:
|
||||
- **/README.md
|
||||
|
||||
# Valid
|
||||
branches: [ main, 'release/v[0-9].[0-9]' ]
|
||||
|
||||
# Invalid - creates a parse error
|
||||
branches: [ main, release/v[0-9].[0-9] ]
|
||||
```
|
||||
|
||||
For more information about branch, tag, and path filter syntax, see "[`on.<push>.<branches|tags>`](#onpushbranchestagsbranches-ignoretags-ignore)", "[`on.<pull_request>.<branches|tags>`](#onpull_requestpull_request_targetbranchesbranches-ignore)", and "[`on.<push|pull_request>.paths`](#onpushpull_requestpull_request_targetpathspaths-ignore)."
|
||||
|
||||
@@ -37,20 +37,40 @@ topics:
|
||||
|
||||
コードベースが既知のセキュリティリスクのある依存関係を使用していることを検出すると、{% data variables.product.product_name %} は {% data variables.product.prodname_dependabot_alerts %} を生成します。 {% data variables.product.prodname_dependabot_security_updates %} が有効になっているリポジトリの場合、{% data variables.product.product_name %} がデフォルトのブランチで脆弱性のある依存関係を検出すると、{% data variables.product.prodname_dependabot %} はそれを修正するためのプルリクエストを作成します。 プルリクエストは、脆弱性を回避するために必要最低限の安全なバージョンに依存関係をアップグレードします。
|
||||
|
||||
{% ifversion dependabot-most-important-sort-option %} デフォルトでは、{% data variables.product.prodname_dependabot_alerts %}は重要度の順に{% data variables.product.prodname_dependabot_alerts %}タブに表示されますが、他の基準でアラートをソートできます。 {% endif %}{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}{% data variables.product.prodname_dependabot_alerts %}タブのドロップダウンメニューを使って、あるいはフィルタを検索バーで`key:value`ペアを入力することによって{% data variables.product.prodname_dependabot_alerts %}をソート及びフィルタリングしたりできます。 利用可能なフィルタは、リポジトリ(たとえば`repo:my-repository`)、パッケージ(たとえば`package:django`)、エコシステム(たとえば`ecosystem:npm`)、マニフェスト(たとえば`manifest:webwolf/pom.xml`)、状態(たとえば`is:open`)、アドバイザリがパッチを持っているか(たとえば`has: patch`)です。{% ifversion dependabot-alerts-development-label %}たとえば`scope:development`あるいは`scope:runtime`というように、`scope`を使って依存関係のスコープデータでアラートをフィルタすることもできます。 `scope:development`を指定すると、アラートのリストは実働ではなく開発の間に使われた依存関係だけを表示します。{% endif %}
|
||||
|
||||
それぞれの{% data variables.product.prodname_dependabot %}アラートは一意の数値識別子を持っており、{% data variables.product.prodname_dependabot_alerts %}タブにはすべての検出された脆弱性に対するアラートがリストされます。 旧来の{% data variables.product.prodname_dependabot_alerts %}は依存関係で脆弱性をグループ化し、依存関係ごとに1つのアラートを生成しました。 旧来の{% data variables.product.prodname_dependabot %}アラートにアクセスすると、そのパッケージでフィルタされた{% data variables.product.prodname_dependabot_alerts %}タブにリダイレクトされます。 {% endif %}
|
||||
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}
|
||||
You can filter and sort {% data variables.product.prodname_dependabot_alerts %} using a variety of filters and sort options available on the user interface. For more information, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)" below.
|
||||
|
||||
## Prioritizing {% data variables.product.prodname_dependabot_alerts %}
|
||||
|
||||
{% data variables.product.company_short %} helps you prioritize fixing {% data variables.product.prodname_dependabot_alerts %}. {% ifversion dependabot-most-important-sort-option %} By default, {% data variables.product.prodname_dependabot_alerts %} are sorted by importance. The "Most important" sort order helps you prioritize which {% data variables.product.prodname_dependabot_alerts %} to focus on first. アラートは、潜在的な影響、行動可能性、関連性に基づいてランク付けされます。 優先順位の計算は常に改善されており、CSVVスコア、依存関係スコープ、脆弱性のある関数呼び出しがアラートで見つかっているかといった要素を含みます。
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.dependabot.dependabot-alerts-filters %}
|
||||
|
||||
In addition to the filters available via the search bar, you can sort and filter {% data variables.product.prodname_dependabot_alerts %} using the dropdown menus at the top of the alert list. The search bar also allows for full text searching of alerts and related security advisories. You can search for part of a security advisory name or description to return the alerts in your repository that relate to that security advisory. For example, searching for `yaml.load() API could execute arbitrary code` will return {% data variables.product.prodname_dependabot_alerts %} linked to "[PyYAML insecurely deserializes YAML strings leading to arbitrary code execution](https://github.com/advisories/GHSA-rprw-h62v-c2w7)" as the search string appears in the advisory description.
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion dependabot-bulk-alerts %}
|
||||
{% elsif ghes = 3.5 %}
|
||||
You can select a filter in a dropdown menu at the top of the list, then click the filter that you would like to apply. {% endif %}
|
||||
|
||||
{% ifversion dependabot-alerts-development-label %}
|
||||
## 依存関係のスコープに対してサポートされているエコシステムとマニフェスト
|
||||
|
||||
<!-- TODO: for now we'd have this table and heading as they are, but we're planning to replace this with at a later date a new heading containing all the available filters in one or more tables -->
|
||||
{% data reusables.dependabot.dependabot-alerts-dependency-scope %}
|
||||
|
||||
開発時の依存関係としてリストされているパッケージに対するアラートは、{% data variables.product.prodname_dependabot_alerts %}のページ上で`Development`ラベルでマークされており、`scope`フィルタでフィルタリングすることもできます。 
|
||||
開発時の依存関係としてリストされているパッケージに対するアラートは、{% data variables.product.prodname_dependabot_alerts %}のページ上で`Development`ラベルでマークされており、`scope`フィルタでフィルタリングすることもできます。
|
||||
|
||||
開発スコープのパッケージに対するアラートの詳細ページには、`Development`ラベルを含むTags"セクションが表示されます。 
|
||||
|
||||
|
||||
開発スコープのパッケージに対するアラートの詳細ページには、`Development`ラベルを含むTags"セクションが表示されます。
|
||||
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -90,23 +110,10 @@ topics:
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
{% data reusables.repositories.sidebar-security %}
|
||||
{% data reusables.repositories.sidebar-dependabot-alerts %}
|
||||
1. あるいは、アラートをフィルタリングするには、**Repository(リポジトリ)**、**Package(パッケージ)**、**Ecosystem(エコシステム)**、**Manifest(マニフェスト)**ドロップダウンメニューを選択し、続いて適用したいフィルタをクリックしてください。 検索バーにフィルタを入力することもできます。 たとえば`ecosystem:npm`{% ifversion ghes < 3.7 or ghae-issue-5638 %}もしくは`has:patch`{% endif %}{% ifversion dependabot-alerts-development-label %}、`has:patch`、`scope:development`{% endif %}。 アラートをソートするには、**Sort(ソート)**ドロップダウンメニューを選択し、ソートの基準にしたいオプションをクリックするか、検索バーに`sort:`と入力してから、候補(たとえば`sort:newest`)から選択肢を選んでください。
|
||||
|
||||
{% ifversion dependabot-most-important-sort-option %}
|
||||
{% note %}
|
||||
|
||||
**ノート:** デフォルトでは、{% data variables.product.prodname_dependabot_alerts %}は重要度でソートされています。 "Most important(重要な順)"ソートは、まず焦点を置くべき{% data variables.product.prodname_dependabot_alerts %}の優先順位付けを助けてくれます。 アラートは、潜在的な影響、行動可能性、関連性に基づいてランク付けされます。 優先順位の計算は常に改善されており、CSVVスコア、依存関係スコープ、脆弱性のある関数呼び出しがアラートで見つかっているかといった要素を含みます。
|
||||
{% endnote %}
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
アラートのラベルをクリックして、その種類のアラートだけを表示させることもできます。{% ifversion dependabot-alerts-development-label %}たとえば、アラートのリスト内の`Development`ラベルをクリックすれば、実働ではなく開発で使われている依存関係に関係するアラートだけが表示されます。 サポートされているエコシステムのリストに関する情報については「[依存関係スコープでサポートされているエコシステムとマニフェスト](#supported-ecosystems-and-manifests-for-dependency-scope)」を参照してください。
|
||||
|
||||
{% endif %}
|
||||
1. Optionally, to filter alerts, select a filter in a dropdown menu then click the filter that you would like to apply. 検索バーにフィルタを入力することもできます。 For more information about filtering and sorting alerts, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)."
|
||||
{%- ifversion dependabot-bulk-alerts %}
|
||||
{% else %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
1. 表示したいアラートをクリックしてください。{% ifversion dependabot-bulk-alerts %} {% else %}
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -1,6 +1,29 @@
|
||||
---
|
||||
title: 開発者
|
||||
intro: 'APIと統合し、{% data variables.product.prodname_dotcom %}ワークフローをカスタマイズし、アプリケーションを構築してコミュニティと共有することによって、さらに{% data variables.product.prodname_dotcom %}との関係を深めてください。'
|
||||
intro: 'Go deeper with {% data variables.product.prodname_dotcom %} by integrating with our APIs and webhooks, customizing your {% data variables.product.prodname_dotcom %} workflow, and building and sharing apps with the community.'
|
||||
introLinks:
|
||||
About apps: /developers/apps/getting-started-with-apps/about-apps
|
||||
layout: product-landing
|
||||
featuredLinks:
|
||||
guides:
|
||||
- /developers/apps/getting-started-with-apps/differences-between-github-apps-and-oauth-apps
|
||||
- /developers/apps/building-github-apps/creating-a-github-app
|
||||
- /developers/apps/building-github-apps/authenticating-with-github-apps
|
||||
- /developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps
|
||||
popular:
|
||||
- /developers/webhooks-and-events/webhooks/webhook-events-and-payloads
|
||||
- /developers/apps/building-github-apps/creating-a-github-app
|
||||
- /developers/apps/building-github-apps/authenticating-with-github-apps
|
||||
- /developers/webhooks-and-events/webhooks/about-webhooks
|
||||
- /developers/apps/building-oauth-apps/creating-an-oauth-app
|
||||
- /developers/apps/building-oauth-apps/authorizing-oauth-apps
|
||||
- /developers/github-marketplace/github-marketplace-overview/about-github-marketplace
|
||||
guideCards:
|
||||
- /developers/webhooks-and-events/webhooks/creating-webhooks
|
||||
- /developers/apps/guides/using-the-github-api-in-your-app
|
||||
- /developers/apps/guides/creating-ci-tests-with-the-checks-api
|
||||
changelog:
|
||||
label: apps
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
#Reference: #7094
|
||||
#Documentation for allowing matrix jobs to call reusable workflows.
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghes: '>=3.7'
|
||||
ghae: 'issue-7094'
|
||||
@@ -0,0 +1,7 @@
|
||||
#Issues 7093
|
||||
#Reusable workflows can call other reusable workflows
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghes: '>=3.7'
|
||||
ghae: 'issue-7093'
|
||||
@@ -994,6 +994,13 @@ upcoming_changes:
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 破壊的
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.groupedItems
|
||||
description: '`groupedItems` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
reason: '`ProjectNext`は、より多機能な`ProjectV2`に置き換えられて非推奨になりました。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 破壊的
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.items
|
||||
description: '`items`は削除されます。適切な置き換えを見つけるには、https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ にあるProjectV2ガイドに従ってください。'
|
||||
|
||||
@@ -994,6 +994,13 @@ upcoming_changes:
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 破壊的
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.groupedItems
|
||||
description: '`groupedItems` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
reason: '`ProjectNext`は、より多機能な`ProjectV2`に置き換えられて非推奨になりました。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 破壊的
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.items
|
||||
description: '`items`は削除されます。適切な置き換えを見つけるには、https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ にあるProjectV2ガイドに従ってください。'
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
You can sort and filter {% data variables.product.prodname_dependabot_alerts %} by typing filters as `key:value` pairs into the search bar.
|
||||
|
||||
| オプション | 説明 | サンプル |
|
||||
|:---------- |:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||
| `エコシステム` | Displays alerts for the selected ecosystem | Use `ecosystem:npm` to show {% data variables.product.prodname_dependabot_alerts %} for npm |{% ifversion fpt or ghec or ghes > 3.5 %}
|
||||
| `has` | Displays alerts meeting the selected filter criteria | Use `has:patch` to show alerts related to advisories that have a patch{% ifversion dependabot-alerts-vulnerable-calls %}</br>Use `has:vulnerable-calls` to show alerts relating to calls to vulnerable functions{% endif %}
|
||||
{% endif %}
|
||||
| `is` | Displays alerts based on their state | Use `is:open` to show open alerts |
|
||||
| `manifest` | Displays alerts for the selected manifest | Use `manifest:webwolf/pom.xml` to show alerts on the pom.xml file of the webwolf application |
|
||||
| `package` | Displays alerts for the selected package | Use `package:django` to show alerts for django |
|
||||
| `解決策` | Displays alerts of the selected resolution status | Use `resolution:no-bandwidth` to show alerts previously parked due to lack of resources or time to fix them |
|
||||
| `repo` | Displays alerts based on the repository they relate to</br>Note that this filter is only available on the security overview. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)" | Use `repo:octocat-repo` to show alerts in the repository called `octocat-repo` |{%- ifversion dependabot-alerts-development-label %}
|
||||
| `スコープ` | Displays alerts based on the scope of the dependency they relate to | Use `scope:development` to show alerts for dependencies that are only used during development
|
||||
{% endif %}
|
||||
| `重要度` | Displays alerts based on their level of severity | Use `severity:high` to show alerts with a severity of High |{%- ifversion dependabot-most-important-sort-option %}
|
||||
| `ソート` | Displays alerts according to the selected sort order | The default sorting option for alerts is `sort:most-important`, which ranks alerts by importance</br>Use `sort:newest` to show the latest alerts reported by {% data variables.product.prodname_dependabot %}
|
||||
{% endif %}
|
||||
@@ -1 +1 @@
|
||||
If team sync is enabled for your organization or enterprise account, you can synchronize a {% data variables.product.prodname_dotcom %} team with an IdP group. When you synchronize a {% data variables.product.prodname_dotcom %} team with an IdP group, membership changes to the IdP group are reflected on {% data variables.product.product_name %} automatically, reducing the need for manual updates and custom scripts. {% ifversion ghec %}For more information, see "[Managing team synchronization for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)" and "[Managing team synchronization for organizations in your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise)".{% endif %}
|
||||
Team同期がOrganizationもしくはEnterpriseアカウントで有効化されているなら、{% data variables.product.prodname_dotcom %}のTeamをIdPグループと同期できます。 {% data variables.product.prodname_dotcom %} TeamをIdPグループと同期すると、IdPグループへのメンバーシップの変更は{% data variables.product.product_name %}に自動的に反映され、手動での更新やカスタムスクリプトの必要性を削減してくれます。 {% ifversion ghec %}詳しい情報については「[OrganizationのTeam同期の管理](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)」及び「[Enterprise内のOrganizationのTeam同期の管理](/admin/identity-and-access-management/managing-iam-for-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise)」を参照してください。{% endif %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
たとえば、自分のオフィスのネットワークのIPアドレスからのアクセスのみを許可できます。 The allow list for IP addresses will block access to private resources via the web, API, and Git from any IP addresses that are not on the allow list.
|
||||
たとえば、自分のオフィスのネットワークのIPアドレスからのアクセスのみを許可できます。 IPアドレスの許可リストは、許可リストに載っていないIPアドレスからのWeb、API、Gitによるプライベートリソースへのアクセスをブロックします。
|
||||
|
||||
@@ -1 +1 @@
|
||||
3. Confirm that SAML SSO is enabled for your organization. 詳細は「[Organization で SAML シングルサインオンを管理する](/organizations/managing-saml-single-sign-on-for-your-organization/)」を参照してください。
|
||||
3. SAML SSOがOrganizationで有効化されていることを確認してください。 詳細は「[Organization で SAML シングルサインオンを管理する](/organizations/managing-saml-single-sign-on-for-your-organization/)」を参照してください。
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. We recommend you confirm that your users have SAML enabled and have a linked SCIM identity to avoid potential provisioning errors. For more information, see "[Troubleshooting identity and access management for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)."
|
||||
1. ユーザがSAMLを有効化しており、潜在的なプロビジョニングのエラーを回避するためにリンクされたSCIMアイデンティティを持っていることを確認するようおすすめします。 詳しい情報については「[Organizationでのアイデンティティ及びアクセス管理のトラブルシューティング](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)」を参照してください。
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
Before you enable team synchronization for Okta, you or your IdP administrator must:
|
||||
OktaのTeam同期を有効化する前に、あなたもしくはあなたのIdPの管理者は、以下のことをしなければなりません:
|
||||
|
||||
- Configure the SAML, SSO, and SCIM integration for your organization using Okta. 詳しい情報については「[Oktaを使用したSAMLシングルサインオンとSCIMの設定](/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta)」を参照してください。
|
||||
- Oktaを使ったOrganizatioinでのSAML、SSO、SCIMインテグレーションの設定。 詳しい情報については「[Oktaを使用したSAMLシングルサインオンとSCIMの設定](/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta)」を参照してください。
|
||||
- OktaインスタンスのテナントURLを提供してください。
|
||||
- Okta環境にサービスユーザとして読み取りのみの管理権限を持つ、有効なSSWSトークンを生成してください。 詳しい情報についてはOktaのドキュメンテーションの[トークンの生成](https://developer.okta.com/docs/guides/create-an-api-token/create-the-token/)及び[サービスユーザ](https://help.okta.com/asa/en-us/Content/Topics/Adv_Server_Access/docs/service-users.htm)を参照してください。
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
### 使用制限
|
||||
|
||||
There are usage limits for the team synchonization feature. Exceeding these limits will lead to a degredation in performance and may cause synchronization failures.
|
||||
Team同期の機能には使用制限があります。 これらの制限を超過すると、パフォーマンスの低下が生じ、同期に失敗することがあります。
|
||||
|
||||
- Maximum number of members in a GitHub team: 5,000
|
||||
- Maximum number of members in a GitHub organization: 10,000
|
||||
- Maximum number of teams in a GitHub organization: 1,500
|
||||
- GitHub Team内の最大メンバー数: 5,000
|
||||
- GitHub Organization内の最大メンバー数: 10,000
|
||||
- GitHub Organization内のTeamの最大メンバー数: 1,500
|
||||
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you want to sell an app that's owned by your personal account, first you'll need to transfer the app to an organization, and then request verification for a listing created by the organization.
|
||||
自分の個人アカウントが所有するアプリケーションを販売したいなら、まずそのアプリケーションをOrganizationに移譲し、続いてそのOrganizationが作成したリストのための検証をリクエストしてください。
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{% warning %}
|
||||
|
||||
**ノート:**{% data variables.product.prodname_marketplace %}の現在のバージョンでは、アプリケーションのWebサイトで購入したアカウントをすでに持っている顧客が、{% data variables.product.prodname_marketplace %}を通じてアプリケーションを購入できてしまいます。 If you find that you already have an account set up for the customer who purchased your app, please report the "double" purchases to [GitHub Support](https://github.com/contact).
|
||||
**ノート:**{% data variables.product.prodname_marketplace %}の現在のバージョンでは、アプリケーションのWebサイトで購入したアカウントをすでに持っている顧客が、{% data variables.product.prodname_marketplace %}を通じてアプリケーションを購入できてしまいます。 アプリケーションを購入した顧客に対して、すでにアカウントがセットアップされていることに気づいたら、[GitHub Support](https://github.com/contact)に「二重」購入を報告してください。
|
||||
|
||||
{% endwarning %}
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
{%- ifversion fpt or ghec or ghes or ghae-issue-4910 %}issues, pull requests, releases, security alerts, or discussions
|
||||
{%- else %}issues, pull requests, releases, or discussions<!-- `else` statement probably not picked up by GHES 3.1 deprecation script. Will need to review here -->
|
||||
{%- ifversion fpt or ghec or ghes or ghae-issue-4910 %}Issue、Pull Request、リリース、セキュリティアラート、ディスカッション
|
||||
{%- else %}Issue、Pull Request、リリース、ディスカッション<!-- `else` statement probably not picked up by GHES 3.1 deprecation script. Will need to review here -->
|
||||
{% endif %}
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
Your team can collaborate on {% data variables.product.product_name %} by using an organization account, which serves as a container for your shared work and gives the work a unique name and brand.
|
||||
チームはOrganizationアカウントを使うことで{% data variables.product.product_name %}上で共同作業できます。Organizationアカウントは共有作業のコンテナとして働き、作業に固有の名前とブランドを与えます。
|
||||
|
||||
Each person that uses {% data variables.product.prodname_dotcom %} always signs into a personal account, and multiple personal accounts can collaborate on shared projects by joining the same organization account. A subset of these personal accounts can be given the role of organization owner, which allows those people to granularly manage access to the organization's resources using sophisticated security and administrative features.
|
||||
{% data variables.product.prodname_dotcom %}を使う各人は、常に個人アカウントにサインインし、複数の個人アカウントが同じOrganizationアカウントに参加することによって、共有されたプロジェクト上で共同作業できます。 これらの個人アカウントの一部にOrganiationオーナーのロールを与えることができます。これによって、それらの人々は洗練されたセキュリティ及び管理機能を使い、詳細にOrganizationのリソースへのアクセスを管理できるようになります。
|
||||
|
||||
@@ -1 +1 @@
|
||||
To perform any actions on {% data variables.product.prodname_dotcom %}, such as creating a pull request in a repository or changing an organization's billing settings, a person must have sufficient access to the relevant account or resource. This access is controlled by permissions. A permission is the ability to perform a specific action. For example, the ability to delete an issue is a permission. A role is a set of permissions you can assign to individuals or teams.
|
||||
リポジトリでのPull Requestの作成やOrganizationの支払い設定の変更など、{% data variables.product.prodname_dotcom %}でなんらかのアクションを行うためには、ユーザは関連するアカウントやリソースに対する十分なアクセス権を持っていなければなりません。 このアクセスは、権限によって制御されます。 権限は、特定のアクションを行える能力です。 たとえばIssueを削除する能力は権限です。 ロールは、個人やTeamに割り当てることができる権限のセットです。
|
||||
|
||||
@@ -1 +1 @@
|
||||
Security manager is an organization-level role that organization owners can assign to any team in an organization. When applied, it gives every member of the team permissions to manage security alerts and settings across your organization, as well as read permissions for all repositories in the organization.
|
||||
セキュリティマネージャーはOrganizationレベルのロールで、OrganizationのオーナーがOrganization内の任意のTeamに割り当てることができます。 このロールが適用されると、Teamの各メンバーにはOrganization全体のセキュリティーアラートと設定の管理権限と、Organization内のすべてのリポジトリへの読み取り権限が付与されます。
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{% data reusables.user-settings.access_settings %}
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "organization" aria-label="The organization icon" %} Organizations**.
|
||||
1. サイドバーの"Access(アクセス)"セクションで、**{% octicon "organization" aria-label="The organization icon" %} Organizations**をクリックしてください。
|
||||
{% data reusables.profile.org_settings %}
|
||||
1. If you are an organization owner, in the "Access" section of the sidebar, click **{% octicon "credit-card" aria-label="The credit-card icon" %} Billing and plans**.
|
||||
1. Organizationのオーナーは、サイドバーの"Access(アクセス)"セクションで、**{% octicon "credit-card" aria-label="The credit-card icon" %} Billing and plans(支払いとプラン)**をクリックしてください。
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-label="The credit card icon" %} Billing and plans**.
|
||||
1. サイドバーの"Access(アクセス)"セクションで**{% octicon "credit-card" aria-label="The credit card icon" %} Billing and plans(支払いとプラン)**をクリックしてください。
|
||||
{% else %}
|
||||
1. OrganizationのSettings(設定)サイドバーで、**Billing & plans(支払いとプラン)**をクリックしてください。 
|
||||
{% endif %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. In the sidebar, select **{% octicon "report" aria-label="The report icon" %} Moderation**, then click **Blocked users**.
|
||||
1. サイドバーで**{% octicon "report" aria-label="The report icon" %}Moderation(モデレーション)**を選択して、続いて**Blocked users(ブロックされたユーザ)**をクリックしてください。
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. If the person you're inviting has never been a member of the organization or if you cleared their privileges, choose an organization role for the user. 
|
||||
1. 招待している人がOrganizationのメンバーだったことがない、あるいはその人の権限をクリア済みなら、そのユーザのOrganizationのロールを選択してください。 
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. In the left sidebar, click **{% octicon "codespaces" aria-label="The codespaces icon" %} Codespaces**.
|
||||
1. 左のサイドバーで**{% octicon "codespaces" aria-label="The codespaces icon" %} Codespaces**をクリックしてください。
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}
|
||||
1. In the left sidebar, select **{% octicon "code" aria-label="The code icon" %} Developer settings** then click **{% data variables.product.prodname_github_apps %}**.
|
||||
1. 左のサイドバーで**{% octicon "code" aria-label="The code icon" %} Developer settings(開発者設定)**を選択し、続いて**{% data variables.product.prodname_github_apps %}**をクリックしてください。
|
||||
{% else %}
|
||||
1. 左のサイドバーで**{% data variables.product.prodname_github_apps %}**をクリックしてください。 
|
||||
1. 左のサイドバーで**{% data variables.product.prodname_github_apps %}**をクリックしてください。 
|
||||
{% endif %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. To the right of "Manage access", click **Add people** or **Add teams**. 
|
||||
1. "Manage access(アクセスの管理)"の右で、**Add people(人の追加)**あるいは**Add teams(Teamの追加)**をクリックしてください。 
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "people" aria-label="The people icon" %} Member privileges**.
|
||||
1. サイドバーの"Access(アクセス)"セクションで、**{% octicon "people" aria-label="The people icon" %} Member privileges(メンバーの権限)**をクリックしてください。
|
||||
{% else %}
|
||||
4. 左のサイドバーで、**Member privileges(メンバーの権限)**をクリックしてください。 
|
||||
{% endif %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
If a person has been given conflicting access, you'll see a warning on the repository access page. The warning appears with "{% octicon "alert" aria-label="The alert icon" %} Mixed roles" next to the person with the conflicting access. To see the source of the conflicting access, hover over the warning icon or click **Mixed roles**.
|
||||
競合するアクセスがユーザに付与されると、リポジトリのアクセスページに警告が表示されます。 警告は、競合するアクセスを持つ人の隣に"{% octicon "alert" aria-label="The alert icon" %} Mixed roles(混合ロール) "と表示されます。 競合するアクセスのソースを表示するには、警告アイコンの上にカーソルを合わせるか、**Mixed roles(混合ロール)**をクリックしてください。
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %}
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "organization" aria-label="The organization icon" %} Organizations**.
|
||||
1. サイドバーの"Access(アクセス)"セクションで、**{% octicon "organization" aria-label="The organization icon" %} Organizations**をクリックしてください。
|
||||
{% else %}
|
||||
1. ユーザ設定サイドバーで**Organizations**をクリックしてください。 
|
||||
{% endif %}
|
||||
|
||||
@@ -376,13 +376,13 @@ translations/zh-CN/data/reusables/dependency-submission/about-dependency-submiss
|
||||
translations/zh-CN/data/reusables/dotcom_billing/downgrade-org-to-free.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/education/access-github-community-exchange.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise-accounts/emu-password-reset-session.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise-accounts/emu-short-summary.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise-accounts/emu-short-summary.md,rendering error
|
||||
translations/zh-CN/data/reusables/enterprise-licensing/verified-domains-license-sync.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise_installation/hardware-considerations-all-platforms.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise_management_console/badge_indicator.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise_user_management/consider-usernames-for-external-authentication.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/enterprise_user_management/consider-usernames-for-external-authentication.md,rendering error
|
||||
translations/zh-CN/data/reusables/gated-features/codespaces-classroom-articles.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/gated-features/enterprise-accounts.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/gated-features/enterprise-accounts.md,rendering error
|
||||
translations/zh-CN/data/reusables/gated-features/packages.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/gated-features/secret-scanning-partner.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/gated-features/secret-scanning.md,broken liquid tags
|
||||
@@ -403,9 +403,9 @@ translations/zh-CN/data/reusables/package_registry/packages-cluster-support.md,b
|
||||
translations/zh-CN/data/reusables/repositories/deleted_forks_from_private_repositories_warning.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/repositories/enable-security-alerts.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/repositories/select-marketplace-apps.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/saml/saml-session-oauth.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/saml/saml-session-oauth.md,rendering error
|
||||
translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,Listed in localization-support#489
|
||||
translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,rendering error
|
||||
translations/zh-CN/data/reusables/scim/after-you-configure-saml.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/secret-scanning/enterprise-enable-secret-scanning.md,broken liquid tags
|
||||
translations/zh-CN/data/reusables/secret-scanning/partner-program-link.md,broken liquid tags
|
||||
|
||||
|
@@ -354,7 +354,7 @@ runs:
|
||||
|
||||
#### `runs.steps[*].with`
|
||||
|
||||
**可选** 输入参数的 `map` 由操作定义。 每个输入参数都是一个键/值对。 输入参数被设置为环境变量。 该变量的前缀为 INPUT_,并转换为大写。
|
||||
**可选** 输入参数的 `map` 由操作定义。 每个输入参数都是一个键/值对。 For more information, see [Example: Specifying inputs](#example-specifying-inputs).
|
||||
|
||||
```yaml
|
||||
runs:
|
||||
|
||||
@@ -38,8 +38,10 @@ shortTitle: 在 GitHub Marketplace 中发布
|
||||
要草拟新发行版并将操作发布到 {% data variables.product.prodname_marketplace %},请遵循以下说明:
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
1. 当仓库包含操作元数据文件(`action.yml` 或 `action.yaml`),您会看到一个用于将操作发布到 {% data variables.product.prodname_marketplace %} 的横幅。 单击 **Draft a release(草拟发行版)**。 
|
||||
1. 选择**将此操作发布到 {% data variables.product.prodname_marketplace %}**。 如果无法选择**将此操作发布到 {% data variables.product.prodname_marketplace %}** 复选框,则需要先阅读并接受 {% data variables.product.prodname_marketplace %} 协议。 
|
||||
1. Navigate to the action metadata file in your repository (`action.yml` or `action.yaml`), and you'll see a banner to publish the action to {% data variables.product.prodname_marketplace %}. 单击 **Draft a release(草拟发行版)**。
|
||||
|
||||
|
||||
1. Under "Release Action", select the checkbox to publish the action to the {% data variables.product.prodname_marketplace %}. If you can't select the checkbox, you must first click the link to read and accept the {% data variables.product.prodname_marketplace %} Developer Agreement. 
|
||||
1. 如果元数据文件中的标签包含任何问题,您将看到一条错误消息。 
|
||||
1. 如果您看到任何屏幕上的建议,请通过更新元数据文件来解决这些问题。 完成后,您将看到一条“Everything looks good!(一切看起来都不错!)”的消息。 
|
||||
1. 选择“Primary Category(主要类别)”,然后按需要选择“Another Category(另一个类别)”,这将有助于人们找到您的 {% data variables.product.prodname_marketplace %} 中的操作。 
|
||||
|
||||
@@ -84,7 +84,7 @@ miniTocMaxHeadingLevel: 3
|
||||
| <code>jobs.<job_id>.name</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.outputs.<output_id></code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, steps, inputs</code> | |
|
||||
| <code>jobs.<job_id>.runs-on</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.secrets.<secrets_id></code> | <code>github, needs, secrets{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>jobs.<job_id>.secrets.<secrets_id></code> | <code>github, needs,{% ifversion actions-reusable-workflow-matrix %} strategy, matrix,{% endif %} secrets{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>jobs.<job_id>.services</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.services.<service_id>.credentials</code> | <code>github, needs, strategy, matrix, env, secrets, inputs</code> | |
|
||||
| <code>jobs.<job_id>.services.<service_id>.env.<env_id></code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, inputs</code> | |
|
||||
@@ -98,7 +98,7 @@ miniTocMaxHeadingLevel: 3
|
||||
| <code>jobs.<job_id>.steps.working-directory</code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, steps, inputs</code> | <code>hashFiles</code> |
|
||||
| <code>jobs.<job_id>.strategy</code> | <code>github, needs, inputs</code> | |
|
||||
| <code>jobs.<job_id>.timeout-minutes</code> | <code>github, needs, strategy, matrix, inputs</code> | |
|
||||
| <code>jobs.<job_id>.with.<with_id></code> | <code>github, needs{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>jobs.<job_id>.with.<with_id></code> | <code>github, needs{% ifversion actions-reusable-workflow-matrix %}, strategy, matrix{% endif %}{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>on.workflow_call.inputs.<inputs_id>.default</code> | <code>github{% ifversion actions-unified-inputs %}, inputs{% endif %}</code> | |
|
||||
| <code>on.workflow_call.outputs.<output_id>.value</code> | <code>github, jobs, inputs</code> | |
|
||||
{% else %}
|
||||
|
||||
@@ -812,6 +812,8 @@ on:
|
||||
|
||||
此事件在拉取请求基础的上下文中运行,而不是像 `pull_request` 事件一样在合并提交的上下文中运行。 这样可以防止从拉取请求的头部执行不安全的代码,以免更改您的仓库或窃取您在工作流程中使用的任何机密。 此事件允许您的工作流程对来自复刻的拉取请求执行标记或评论等操作。 如果需要从拉取请求构建或运行代码,请避免使用此事件。
|
||||
|
||||
To ensure repository security, branches with names that match certain patterns (such as those which look similar to SHAs) may not trigger workflows with the `pull_request_target` event.
|
||||
|
||||
{% warning %}
|
||||
|
||||
**警告:** 对于由 `pull_request_target` 事件触发的工作流程,除非指定了 `permissions` 密钥并且工作流程可以访问机密,否则将向 `GITHUB_TOKEN` 授予读/写存储库权限, 即使它是从复刻触发的。 虽然工作流程在拉取请求的基础上下文中运行,但您应该确保不在此事件中检出、生成或运行来自拉取请求的不受信任代码。 此外,任何缓存都与基本分支共享相同的作用域。 为帮助防止缓存中毒,如果缓存内容可能已更改,则不应保存缓存。 更多信息请参阅 GitHub 安全实验室网站上的“[保持 GitHub Actions 和工作流程安全:阻止 pwn 请求](https://securitylab.github.com/research/github-actions-preventing-pwn-requests)”。
|
||||
|
||||
@@ -39,7 +39,7 @@ You can view the reused workflows referenced in your {% data variables.product.p
|
||||
|
||||
### Reusable workflows and starter workflows
|
||||
|
||||
Starter workflows allow everyone in your organization who has permission to create workflows to do so more quickly and easily. When people create a new workflow, they can choose a starter workflow and some or all of the work of writing the workflow will be done for them. Within a starter workflow, you can also reference reusable workflows to make it easy for people to benefit from reusing centrally managed workflow code. If you use a tag or branch name when referencing the reusable workflow, you can ensure that everyone who reuses that workflow will always be using the same YAML code. However, if you reference a reusable workflow by a tag or branch, be sure that you can trust that version of the workflow. For more information, see "[Security hardening for {% data variables.product.prodname_actions %}](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
||||
Starter workflows allow everyone in your organization who has permission to create workflows to do so more quickly and easily. When people create a new workflow, they can choose a starter workflow and some or all of the work of writing the workflow will be done for them. Within a starter workflow, you can also reference reusable workflows to make it easy for people to benefit from reusing centrally managed workflow code. If you use a commit SHA when referencing the reusable workflow, you can ensure that everyone who reuses that workflow will always be using the same YAML code. However, if you reference a reusable workflow by a tag or branch, be sure that you can trust that version of the workflow. For more information, see "[Security hardening for {% data variables.product.prodname_actions %}](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
||||
|
||||
For more information, see "[Creating starter workflows for your organization](/actions/learn-github-actions/creating-starter-workflows-for-your-organization)."
|
||||
|
||||
@@ -69,10 +69,14 @@ Called workflows that are owned by the same user or organization{% ifversion ghe
|
||||
|
||||
## Limitations
|
||||
|
||||
{% ifversion nested-reusable-workflow %}
|
||||
* You can connect up to four levels of workflows. For more information, see "[Calling a nested reusable workflow](#calling-a-nested-reusable-workflow)."
|
||||
{% else %}
|
||||
* Reusable workflows can't call other reusable workflows.
|
||||
{% endif %}
|
||||
* Reusable workflows stored within a private repository can only be used by workflows within the same repository.
|
||||
* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information about the `env` context, see "[Context and expression syntax for GitHub Actions](/actions/reference/context-and-expression-syntax-for-github-actions#env-context)."
|
||||
* The `strategy` property is not supported in any job that calls a reusable workflow.
|
||||
* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information about the `env` context, see "[Context and expression syntax for GitHub Actions](/actions/reference/context-and-expression-syntax-for-github-actions#env-context)."{% ifversion actions-reusable-workflow-matrix %}{% else %}
|
||||
* The `strategy` property is not supported in any job that calls a reusable workflow.{% endif %}
|
||||
|
||||
## Creating a reusable workflow
|
||||
|
||||
@@ -105,7 +109,13 @@ You can define inputs and secrets, which can be passed from the caller workflow
|
||||
{% endraw %}
|
||||
For details of the syntax for defining inputs and secrets, see [`on.workflow_call.inputs`](/actions/reference/workflow-syntax-for-github-actions#onworkflow_callinputs) and [`on.workflow_call.secrets`](/actions/reference/workflow-syntax-for-github-actions#onworkflow_callsecrets).
|
||||
{% ifversion actions-inherit-secrets-reusable-workflows %}
|
||||
1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step. If the secrets are inherited using `secrets: inherit`, you can reference them even if they are not defined in the `on` key.
|
||||
1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: If the secrets are inherited by using `secrets: inherit` in the calling workflow, you can reference them even if they are not explicitly defined in the `on` key. For more information, see "[Workflow syntax for GitHub Actions](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit)."
|
||||
|
||||
{% endnote %}
|
||||
{%- else %}
|
||||
1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step.
|
||||
{%- endif %}
|
||||
@@ -164,7 +174,36 @@ jobs:
|
||||
token: ${{ secrets.token }}
|
||||
```
|
||||
{% endraw %}
|
||||
{% ifversion actions-reusable-workflow-matrix %}
|
||||
## Using a matrix strategy with a reusable workflow
|
||||
|
||||
Jobs using the matrix strategy can call a reusable workflow.
|
||||
|
||||
A matrix strategy lets you use variables in a single job definition to automatically create multiple job runs that are based on the combinations of the variables. For example, you can use a matrix strategy to pass different inputs to a reusable workflow. For more information about matrices, see "[Using a matrix for your jobs](/actions/using-jobs/using-a-matrix-for-your-jobs)."
|
||||
|
||||
### Example matrix strategy with a reusable workflow
|
||||
|
||||
This workflow file references the matrix context by defining the variable `target` with the values `[dev, stage, prod]`. The workflow will run three jobs, one for each value in the variable. The workflow file also calls a reusable workflow by using the `uses` keyword.
|
||||
|
||||
{% raw %}
|
||||
```yaml{:copy}
|
||||
name: Reusable workflow with matrix strategy
|
||||
|
||||
on:
|
||||
push:
|
||||
|
||||
jobs:
|
||||
ReuseableMatrixJobForDeployment:
|
||||
strategy:
|
||||
matrix:
|
||||
target: [dev, stage, prod]
|
||||
uses: octocat/octo-repo/.github/workflows/deployment.yml@main
|
||||
with:
|
||||
target: ${{ matrix.target }}
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
{% endif %}
|
||||
## Calling a reusable workflow
|
||||
|
||||
You call a reusable workflow by using the `uses` keyword. Unlike when you are using actions within a workflow, you call reusable workflows directly within a job, and not from within job steps.
|
||||
@@ -234,9 +273,62 @@ jobs:
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
{% ifversion nested-reusable-workflow %}
|
||||
## Nesting reusable workflows
|
||||
|
||||
You can connect a maximum of four levels of workflows - that is, the top-level caller workflow and up to three levels of reusable workflows. For example: _caller-workflow.yml_ → _called-workflow-1.yml_ → _called-workflow-2.yml_ → _called-workflow-3.yml_. Loops in the workflow tree are not permitted.
|
||||
|
||||
From within a reusable workflow you can call another reusable workflow.
|
||||
|
||||
{% raw %}
|
||||
```yaml{:copy}
|
||||
name: Reusable workflow
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
|
||||
jobs:
|
||||
call-another-reusable:
|
||||
uses: octo-org/example-repo/.github/workflows/another-reusable.yml@v1
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
### Passing secrets to nested workflows
|
||||
|
||||
You can use `jobs.<job_id>.secrets` in a calling workflow to pass named secrets to a directly called workflow. Alternatively, you can use `jobs.<job_id>.secrets.inherit` to pass all of the calling workflow's secrets to a directly called workflow. For more information, see the section "[Passing inputs and secrets to a reusable workflow](/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow)" above, and the reference article "[Workflow syntax for GitHub Actions](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit)." Secrets are only passed to directly called workflow, so in the workflow chain A > B > C, workflow C will only receive secrets from A if they have been passed from A to B, and then from B to C.
|
||||
|
||||
In the following example, workflow A passes all of its secrets to workflow B, by using the `inherit` keyword, but workflow B only passes one secret to workflow C. Any of the other secrets passed to workflow B are not available to workflow C.
|
||||
|
||||
{% raw %}
|
||||
```yaml
|
||||
jobs:
|
||||
workflowA-calls-workflowB:
|
||||
uses: octo-org/example-repo/.github/workflows/B.yml@main
|
||||
secrets: inherit # pass all secrets
|
||||
```
|
||||
|
||||
```yaml
|
||||
jobs:
|
||||
workflowB-calls-workflowC:
|
||||
uses: different-org/example-repo/.github/workflows/C.yml@main
|
||||
secrets:
|
||||
envPAT: ${{ secrets.envPAT }} # pass just this secret
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
### Access and permissions
|
||||
|
||||
A workflow that contains nested reusable workflows will fail if any of the nested workflows is inaccessible to the initial caller workflow. For more information, see "[Access to reusable workflows](/actions/using-workflows/reusing-workflows#access-to-reusable-workflows)."
|
||||
|
||||
`GITHUB_TOKEN` permissions can only be the same or more restrictive in nested workflows. For example, in the workflow chain A > B > C, if workflow A has `package: read` token permission, then B and C cannot have `package: write` permission. For more information, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)."
|
||||
{% endif %}
|
||||
|
||||
## Using outputs from a reusable workflow
|
||||
|
||||
A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow.
|
||||
A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow.{% ifversion actions-reusable-workflow-matrix %}
|
||||
|
||||
If a reusable workflow that sets an output is executed with a matrix strategy, the output will be the output set by the last successful completing reusable workflow of the matrix which actually sets a value.
|
||||
That means if the last successful completing reusable workflow sets an empty string for its output, and the second last successful completing reusable workflow sets an actual value for its output, the output will contain the value of the second last completing reusable workflow.{% endif %}
|
||||
|
||||
The following reusable workflow has a single job containing two steps. In each of these steps we set a single word as the output: "hello" and "world." In the `outputs` section of the job, we map these step outputs to job outputs called: `output1` and `output2`. In the `on.workflow_call.outputs` section we then define two outputs for the workflow itself, one called `firstword` which we map to `output1`, and one called `secondword` which we map to `output2`.
|
||||
|
||||
|
||||
@@ -365,9 +365,9 @@ jobs:
|
||||
|
||||
选择要作为作业中步骤的一部分运行的操作。 操作是一种可重复使用的代码单位。 您可以使用工作流程所在仓库中、公共仓库中或[发布 Docker 容器映像](https://hub.docker.com/)中定义的操作。
|
||||
|
||||
强烈建议指定 Git ref、SHA 或 Docker 标记编号来包含所用操作的版本。 如果不指定版本,在操作所有者发布更新时可能会中断您的工作流程或造成非预期的行为。
|
||||
We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag. 如果不指定版本,在操作所有者发布更新时可能会中断您的工作流程或造成非预期的行为。
|
||||
- 使用已发行操作版本的 SHA 对于稳定性和安全性是最安全的。
|
||||
- 使用特定主要操作版本可在保持兼容性的同时接收关键修复和安全补丁。 还可确保您的工作流程继续工作。
|
||||
- If the action publishes major version tags, you should expect to receive critical fixes and security patches while still retaining compatibility. Note that this behavior is at the discretion of the action's author.
|
||||
- 使用操作的默认分支可能很方便,但如果有人新发布具有突破性更改的主要版本,您的工作流程可能会中断。
|
||||
|
||||
有些操作要求必须通过 [`with`](#jobsjob_idstepswith) 关键词设置输入。 请查阅操作的自述文件,确定所需的输入。
|
||||
@@ -1037,15 +1037,23 @@ jobs:
|
||||
- `[]` 匹配列在括号中或包含在范围内的一个字符。 范围只能包含 `a-z`、`A-Z` 和 `0-9`。 例如,范围 `[0-9a-z]` 匹配任何数字或小写字母。 例如,`[CB]at` 匹配 `Cat` 或 `Bat`,`[1-2]00` 匹配 `100` 和 `200`。
|
||||
- `!`:在模式开始时,它将否定以前的正模式。 如果不是第一个字符,它就没有特殊的意义。
|
||||
|
||||
字符 `*`、`[` 和 `!` 是 YAML 中的特殊字符。 如果模式以 `*`、`[` 或 `!` 开头,必须用引号括住模式。
|
||||
字符 `*`、`[` 和 `!` 是 YAML 中的特殊字符。 如果模式以 `*`、`[` 或 `!` 开头,必须用引号括住模式。 Also, if you use a [flow sequence](https://yaml.org/spec/1.2.2/#flow-sequences) with a pattern containing `[` and/or `]`, the pattern must be enclosed in quotes.
|
||||
|
||||
```yaml
|
||||
# Valid
|
||||
- '**/README.md'
|
||||
branches:
|
||||
- '**/README.md'
|
||||
|
||||
# Invalid - creates a parse error that
|
||||
# prevents your workflow from running.
|
||||
- **/README.md
|
||||
branches:
|
||||
- **/README.md
|
||||
|
||||
# Valid
|
||||
branches: [ main, 'release/v[0-9].[0-9]' ]
|
||||
|
||||
# Invalid - creates a parse error
|
||||
branches: [ main, release/v[0-9].[0-9] ]
|
||||
```
|
||||
|
||||
有关分支、标记和路径筛选器语法的更多信息,请参阅“[`on.<push>.<branches|tags>`](#onpushbranchestagsbranches-ignoretags-ignore)”、“[`on.<pull_request>.<branches|tags>`](#onpull_requestpull_request_targetbranchesbranches-ignore)”和“[`on.<push|pull_request>.paths`](#onpushpull_requestpull_request_targetpathspaths-ignore)”。
|
||||
|
||||
@@ -672,7 +672,7 @@ You can add the optional `--prune` argument to remove unreachable Git objects th
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning**: Before using the `--prune` argument to remove unreachable Git objects, put {% data variables.product.product_location %} into maintenance mode, or ensure the repository is offline. For more information, see "[Enabling and scheduling maintenance mode](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode)."
|
||||
**Warning**: Before using the `--prune` argument to remove unreachable Git objects, put {% data variables.product.product_location %} into maintenance mode, or ensure all repositories within the same repository network are locked. For more information, see "[Enabling and scheduling maintenance mode](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode)."
|
||||
|
||||
{% endwarning %}
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ shortTitle: 创建 HA 副本
|
||||
## 创建高可用性副本
|
||||
|
||||
1. 在所需平台上设置新的 {% data variables.product.prodname_ghe_server %} 设备。 副本设备应镜像主设备的 CPU、RAM 和存储设置。 建议您在独立环境中安装副本设备。 底层硬件、软件和网络组件应与主设备的相应部分隔离。 如果要使用云提供商,请使用单独的区域或分区。 更多信息请参阅“[设置 {% data variables.product.prodname_ghe_server %} 实例](/enterprise/admin/guides/installation/setting-up-a-github-enterprise-server-instance)”。
|
||||
1. 确保主设备和新的副本设备可以通过端口 122/TCP 和 1194/UDP 相互通信。 更多信息请参阅“[网络端口](/admin/configuration/configuring-network-settings/network-ports#administrative-ports)”。
|
||||
1. Ensure that the new appliance can communicate with all other appliances in this high availability environment over ports 122/TCP and 1194/UDP. 更多信息请参阅“[网络端口](/admin/configuration/configuring-network-settings/network-ports#administrative-ports)”。
|
||||
1. 在浏览器中,导航到新副本设备的 IP 地址并上传您的 {% data variables.product.prodname_enterprise %} 许可。
|
||||
{% data reusables.enterprise_installation.replica-steps %}
|
||||
1. 使用 SSH 连接到副本设备的 IP 地址。
|
||||
|
||||
@@ -32,7 +32,7 @@ There are a few approaches for tackling newly committed credentials, but one exa
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create a email/message to the responsible people or open an issue.
|
||||
**Note:** You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create an email/message to the responsible people or open an issue.
|
||||
|
||||
{% endnote %}
|
||||
3. **Educate**: Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If the a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well.
|
||||
|
||||
@@ -37,20 +37,40 @@ topics:
|
||||
|
||||
{% data variables.product.product_name %} 在检测到您的代码库正在使用具有已知安全风险的依赖项时会生成 {% data variables.product.prodname_dependabot_alerts %}。 对于启用了 {% data variables.product.prodname_dependabot_security_updates %} 的仓库,当 {% data variables.product.product_name %} 在默认分支中检测到有漏洞的依赖项时,{% data variables.product.prodname_dependabot %} 会创建拉取请求来修复它。 拉取请求会将依赖项升级到避免漏洞所需的最低安全版本。
|
||||
|
||||
{% ifversion dependabot-most-important-sort-option %} 默认情况下,{% data variables.product.prodname_dependabot_alerts %} 按重要性顺序显示在 {% data variables.product.prodname_dependabot_alerts %} 选项卡中,但您可以按其他条件对警报进行排序。 {% endif %}{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}您可以使用 {% data variables.product.prodname_dependabot_alerts %} 选项卡中的下拉菜单对 {% data variables.product.prodname_dependabot_alerts %} 进行排序和过滤,也可以在搜索栏中键入过滤条件作为`键:值`对。 可用的过滤器是存储库(例如 `repo:my-repository`)、包(例如 `package:django`)、生态系统(例如 `ecosystem:npm`)、清单(例如 `manifest:webwolf/pom.xml`)、状态(例如 `is:open`) 以及公告是否有补丁(例如 `has: patch`)。{% ifversion dependabot-alerts-development-label %} 还可以使用 `scope`(例如:`scope:development` 或 `scope:runtime`)筛选具有依赖关系范围数据的警报。 使用 `scope:development`,警报列表将仅显示开发期间使用的依赖项,而不显示生产期间使用的依赖项。{% endif %}
|
||||
|
||||
每个 {% data variables.product.prodname_dependabot %} 警报都有一个唯一的数字标识符,{% data variables.product.prodname_dependabot_alerts %} 选项卡列出了每个检测到的漏洞的警报。 旧版 {% data variables.product.prodname_dependabot_alerts %} 按依赖项对漏洞进行分组,并为每个依赖项生成一个警报。 如果导航到旧版 {% data variables.product.prodname_dependabot %} 警报,则会将您重定向到为该包筛选的 {% data variables.product.prodname_dependabot_alerts %} 选项卡。 {% endif %}
|
||||
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}
|
||||
You can filter and sort {% data variables.product.prodname_dependabot_alerts %} using a variety of filters and sort options available on the user interface. For more information, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)" below.
|
||||
|
||||
## Prioritizing {% data variables.product.prodname_dependabot_alerts %}
|
||||
|
||||
{% data variables.product.company_short %} helps you prioritize fixing {% data variables.product.prodname_dependabot_alerts %}. {% ifversion dependabot-most-important-sort-option %} By default, {% data variables.product.prodname_dependabot_alerts %} are sorted by importance. The "Most important" sort order helps you prioritize which {% data variables.product.prodname_dependabot_alerts %} to focus on first. 警报根据其潜在影响、可操作性和相关性进行排名。 我们的优先级计算不断改进,包括 CVSS 分数、依赖范围以及是否为警报找到有漏洞的函数调用等因素。
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.dependabot.dependabot-alerts-filters %}
|
||||
|
||||
In addition to the filters available via the search bar, you can sort and filter {% data variables.product.prodname_dependabot_alerts %} using the dropdown menus at the top of the alert list. The search bar also allows for full text searching of alerts and related security advisories. You can search for part of a security advisory name or description to return the alerts in your repository that relate to that security advisory. For example, searching for `yaml.load() API could execute arbitrary code` will return {% data variables.product.prodname_dependabot_alerts %} linked to "[PyYAML insecurely deserializes YAML strings leading to arbitrary code execution](https://github.com/advisories/GHSA-rprw-h62v-c2w7)" as the search string appears in the advisory description.
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion dependabot-bulk-alerts %}
|
||||
{% elsif ghes = 3.5 %}
|
||||
You can select a filter in a dropdown menu at the top of the list, then click the filter that you would like to apply. {% endif %}
|
||||
|
||||
{% ifversion dependabot-alerts-development-label %}
|
||||
## 支持的生态系统和依赖范围清单
|
||||
|
||||
<!-- TODO: for now we'd have this table and heading as they are, but we're planning to replace this with at a later date a new heading containing all the available filters in one or more tables -->
|
||||
{% data reusables.dependabot.dependabot-alerts-dependency-scope %}
|
||||
|
||||
列为开发依赖项的包的警报在 {% data variables.product.prodname_dependabot_alerts %} 页上标有 `Development` 标签,并且还可以通过 `scope` 筛选器进行筛选。 
|
||||
列为开发依赖项的包的警报在 {% data variables.product.prodname_dependabot_alerts %} 页上标有 `Development` 标签,并且还可以通过 `scope` 筛选器进行筛选。
|
||||
|
||||
开发范围的包上警报的警报详细信息页显示“标记”部分,其中包含 `Development` 标签。 
|
||||
|
||||
|
||||
开发范围的包上警报的警报详细信息页显示“标记”部分,其中包含 `Development` 标签。
|
||||
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -90,23 +110,10 @@ topics:
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
{% data reusables.repositories.sidebar-security %}
|
||||
{% data reusables.repositories.sidebar-dependabot-alerts %}
|
||||
1. (可选)若要筛选警报,请选择 **Repository(仓库)**、**Package(包)**、**Ecosystem(生态系统)**或 **Manifest(清单)**下拉菜单,然后单击要应用的筛选器。 您还可以在搜索栏中键入过滤条件。 例如 `ecosystem:npm`{% ifversion ghes < 3.7 or ghae-issue-5638 %} 或 `has:patch`{% endif %}{% ifversion dependabot-alerts-development-label %}、`has:patch` 或 `scope:development`{% endif %}。 要对警报进行排序,请选择 **Sort(排序)**下拉菜单,然后单击要作为排序依据的选项,或在搜索栏中键入 `sort:`,然后从建议中选择一个选项(例如,`sort:newest`)。
|
||||
|
||||
{% ifversion dependabot-most-important-sort-option %}
|
||||
{% note %}
|
||||
|
||||
**注意:** 默认情况下,{% data variables.product.prodname_dependabot_alerts %} 按重要性排序。 “最重要”排序可帮助您确定要首先关注的 {% data variables.product.prodname_dependabot_alerts %} 的优先级。 警报根据其潜在影响、可操作性和相关性进行排名。 我们的优先级计算不断改进,包括 CVSS 分数、依赖范围以及是否为警报找到有漏洞的函数调用等因素。
|
||||
{% endnote %}
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
还可以单击警报上的标签以仅显示该类型的警报。{% ifversion dependabot-alerts-development-label %} 例如,单击警报列表中的 `Development` 标签将仅显示与开发中使用的依赖项相关的警报,而不显示与生产中使用的依赖项相关的警报。 有关支持的生态系统列表的信息,请参阅[依赖项范围支持的生态系统和清单](#supported-ecosystems-and-manifests-for-dependency-scope)”。
|
||||
|
||||
{% endif %}
|
||||
1. Optionally, to filter alerts, select a filter in a dropdown menu then click the filter that you would like to apply. 您还可以在搜索栏中键入过滤条件。 For more information about filtering and sorting alerts, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)."
|
||||
{%- ifversion dependabot-bulk-alerts %}
|
||||
{% else %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
1. 单击要查看的警报。{% ifversion dependabot-bulk-alerts %} {% else %}
|
||||
{% endif %}
|
||||
|
||||
@@ -156,7 +163,12 @@ topics:
|
||||
如果计划大量工作来升级依赖项,或者决定不需要修复警报,则可以忽略警报。 通过忽略已评估的警报,可以更轻松地在新警报出现时对其进行分类。
|
||||
|
||||
1. 查看警报的详细信息。 更多信息请参阅“[查看有漏洞的依赖项](#viewing-dependabot-alerts)”(上文)。
|
||||
1. 选择“Dismiss(忽略)”下拉列表,然后单击忽略警报的原因。{% ifversion reopen-dependabot-alerts %} 未修复的已忽略警报可以稍后重新打开。{% endif %} 
|
||||
1. 选择“Dismiss(忽略)”下拉列表,然后单击忽略警报的原因。{% ifversion reopen-dependabot-alerts %} 未修复的已忽略警报可以稍后重新打开。{% endif %}
|
||||
{% ifversion dependabot-alerts-dismissal-comment %}1. Optionally, add a dismissal comment. The dismissal comment will be added to the alert timeline and can be used as justification during auditing and reporting. You can retrieve or set a comment by using the GraphQL API. The comment is contained in the `dismissComment` field. For more information, see "[{% data variables.product.prodname_dependabot_alerts %}](/graphql/reference/objects#repositoryvulnerabilityalert)" in the GraphQL API documentation.
|
||||
|
||||
1. Click **Dismiss alert**.
|
||||
{% else %}
|
||||
{% endif %}
|
||||
{% ifversion dependabot-bulk-alerts %}
|
||||
|
||||
### 一次忽略多个警报
|
||||
@@ -185,7 +197,7 @@ You can view all open alerts, and you can reopen alerts that have been previousl
|
||||
{%- else %}
|
||||
|
||||
{%- endif %}
|
||||
1. Click the alert that you would like to view or update.
|
||||
1. 单击要查看或更新的警报。
|
||||
|
||||
{%- ifversion dependabot-bulk-alerts %}
|
||||
|
||||
|
||||
@@ -94,11 +94,11 @@ If your codespace fails to pick up configuration settings from dotfiles, see "[T
|
||||
|
||||
You can also personalize {% data variables.product.prodname_codespaces %} using additional [{% data variables.product.prodname_codespaces %} settings](https://github.com/settings/codespaces):
|
||||
|
||||
- To set your default region, see "[Setting your default region for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces)."
|
||||
- To set your editor, see "[Setting your default editor for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces)."
|
||||
- To add encrypted secrets, see "[Managing encrypted secrets for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)."
|
||||
- To enable GPG verification, see "[Managing GPG verification for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)."
|
||||
- To allow your codespaces to access other repositories, see "[Managing repository access for your organization's codespaces](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces)."
|
||||
- To set your editor, see "[Setting your default editor for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces)."
|
||||
- To set how long a codespace can remain unused before it is automatically stopped, see "[Setting your timeout period for GitHub Codespaces](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)."
|
||||
- To set the period for which your unused codespaces are retained, see "[Configuring automatic deletion of your codespaces](/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces)."
|
||||
- To set your default region, see "[Setting your default region for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces)."
|
||||
|
||||
## Further reading
|
||||
|
||||
|
||||
@@ -40,7 +40,6 @@ includeGuides:
|
||||
- /codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization
|
||||
- /codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization
|
||||
- /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces
|
||||
- /codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces
|
||||
- /codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types
|
||||
- /codespaces/managing-codespaces-for-your-organization/retricting-the-idle-timeout-period
|
||||
- /codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces
|
||||
|
||||
@@ -7,11 +7,11 @@ introLinks:
|
||||
quickstart: /codespaces/getting-started/quickstart
|
||||
featuredLinks:
|
||||
guides:
|
||||
- /billing/managing-billing-for-github-codespaces/about-billing-for-codespaces
|
||||
- /codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization
|
||||
- /codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project
|
||||
- /codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces
|
||||
- /codespaces/developing-in-codespaces/codespaces-lifecycle
|
||||
- /codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project
|
||||
- /codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces
|
||||
- /billing/managing-billing-for-github-codespaces/about-billing-for-codespaces
|
||||
popular:
|
||||
- /codespaces/getting-started-with-codespaces/getting-started-with-your-nodejs-project-in-codespaces
|
||||
- /codespaces/getting-started-with-codespaces/getting-started-with-your-python-project-in-codespaces
|
||||
|
||||
@@ -132,7 +132,3 @@ If additional repository permissions are defined in the `devcontainer.json` file
|
||||
1. 如果您选择了“Selected repositories(所选仓库)”,请选择下拉菜单,然后单击一个仓库,以允许该仓库的代码空间访问您拥有的其他仓库。 对于您要允许其代码空间访问您拥有的其他仓库的所有仓库重复此操作。
|
||||
|
||||
|
||||
|
||||
## 延伸阅读
|
||||
|
||||
- "[管理组织的代码空间的存储库访问](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces)"
|
||||
|
||||
@@ -539,7 +539,7 @@ body:
|
||||
|
||||
### 示例
|
||||
|
||||
```
|
||||
```yaml
|
||||
body:
|
||||
- type: dropdown
|
||||
attributes:
|
||||
@@ -552,7 +552,7 @@ body:
|
||||
|
||||
通过确保 `options` 数组中不存在重复选项,可以修复此错误。
|
||||
|
||||
```
|
||||
```yaml
|
||||
body:
|
||||
- type: dropdown
|
||||
attributes:
|
||||
@@ -570,7 +570,7 @@ body:
|
||||
|
||||
### 示例
|
||||
|
||||
```
|
||||
```yaml
|
||||
body:
|
||||
- type: dropdown
|
||||
attributes:
|
||||
@@ -585,7 +585,7 @@ body:
|
||||
|
||||
可以通过删除 "None" 作为选项来修复该错误。 如果您希望贡献者能够表明他们不喜欢这些类型的馅饼,可以另外删除`必要的`验证。
|
||||
|
||||
```
|
||||
```yaml
|
||||
body:
|
||||
- type: dropdown
|
||||
attributes:
|
||||
@@ -605,7 +605,7 @@ body:
|
||||
|
||||
### 示例
|
||||
|
||||
```
|
||||
```yaml
|
||||
body:
|
||||
- type: dropdown
|
||||
attributes:
|
||||
@@ -618,7 +618,7 @@ body:
|
||||
|
||||
可以通过将每个有问题的选项括在引号中来修复该错误,以防止它们被处理为布尔值。
|
||||
|
||||
```
|
||||
```yaml
|
||||
body:
|
||||
- type: dropdown
|
||||
attributes:
|
||||
@@ -629,6 +629,36 @@ body:
|
||||
- Maybe
|
||||
```
|
||||
|
||||
## Body cannot be empty
|
||||
|
||||
The template body `key:value` pair can not be empty. For more information about which top-level keys are required, see "[Syntax for issue forms](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms#top-level-syntax)."
|
||||
|
||||
The error can be fixed by adding the `body:` section.
|
||||
|
||||
### 示例
|
||||
|
||||
```yaml
|
||||
name: Support Request
|
||||
description: Something went wrong and you need help?
|
||||
---
|
||||
body:
|
||||
- type: textarea
|
||||
attributes:
|
||||
label: "What's wrong?"
|
||||
```
|
||||
|
||||
In this example, the error can be fixed by deleting the `---` (document separator) between the headers and the `body` section.
|
||||
|
||||
```yaml
|
||||
name: Support Request
|
||||
description: Something went wrong and you need help?
|
||||
|
||||
body:
|
||||
- type: textarea
|
||||
attributes:
|
||||
label: "What's wrong?"
|
||||
```
|
||||
|
||||
## 延伸阅读
|
||||
|
||||
- [YAML](https://yaml.org/)
|
||||
|
||||
@@ -1,6 +1,29 @@
|
||||
---
|
||||
title: 开发者
|
||||
intro: '通过与我们的 API 集成,自定义您的 {% data variables.product.prodname_dotcom %} 工作流程,以及构建并与社区分享应用程序,更深入地了解 {% data variables.product.prodname_dotcom %}。'
|
||||
intro: 'Go deeper with {% data variables.product.prodname_dotcom %} by integrating with our APIs and webhooks, customizing your {% data variables.product.prodname_dotcom %} workflow, and building and sharing apps with the community.'
|
||||
introLinks:
|
||||
About apps: /developers/apps/getting-started-with-apps/about-apps
|
||||
layout: product-landing
|
||||
featuredLinks:
|
||||
guides:
|
||||
- /developers/apps/getting-started-with-apps/differences-between-github-apps-and-oauth-apps
|
||||
- /developers/apps/building-github-apps/creating-a-github-app
|
||||
- /developers/apps/building-github-apps/authenticating-with-github-apps
|
||||
- /developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps
|
||||
popular:
|
||||
- /developers/webhooks-and-events/webhooks/webhook-events-and-payloads
|
||||
- /developers/apps/building-github-apps/creating-a-github-app
|
||||
- /developers/apps/building-github-apps/authenticating-with-github-apps
|
||||
- /developers/webhooks-and-events/webhooks/about-webhooks
|
||||
- /developers/apps/building-oauth-apps/creating-an-oauth-app
|
||||
- /developers/apps/building-oauth-apps/authorizing-oauth-apps
|
||||
- /developers/github-marketplace/github-marketplace-overview/about-github-marketplace
|
||||
guideCards:
|
||||
- /developers/webhooks-and-events/webhooks/creating-webhooks
|
||||
- /developers/apps/guides/using-the-github-api-in-your-app
|
||||
- /developers/apps/guides/creating-ci-tests-with-the-checks-api
|
||||
changelog:
|
||||
label: apps
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
|
||||
@@ -55,7 +55,7 @@ redirect_from:
|
||||
|
||||
### 选择作业类型
|
||||
|
||||
在“Individual or group assignment(个人或小组作业)”下,选择下拉菜单,然后单击 **Group assignment(小组作业)**。 创建作业后不可更改作业类型。 如果要创建个人作业,请参阅“[创建个人作业](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)”。
|
||||
在“Individual or group assignment(个人或小组作业)”下,选择下拉菜单,然后单击 **Group assignment(小组作业)**。 创建作业后不可更改作业类型。 If you'd rather create an individual assignment, see "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)."
|
||||
|
||||
### 确定作业的团队
|
||||
|
||||
|
||||
@@ -740,7 +740,7 @@ For more information, see "[Managing the publication of {% data variables.produc
|
||||
| Action | Description
|
||||
|------------------|-------------------
|
||||
|`create` | Triggered when an organization owner creates a new custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|
||||
|`destroy` | Triggered when a organization owner deletes a custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|
||||
|`destroy` | Triggered when an organization owner deletes a custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|
||||
|`update` | Triggered when an organization owner edits an existing custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -1,57 +0,0 @@
|
||||
---
|
||||
title: 使用主题选择器将主题添加到 GitHub Pages 站点
|
||||
intro: '您可以将主题添加到 {% data variables.product.prodname_pages %} 站点,以自定义站点的外观。'
|
||||
redirect_from:
|
||||
- /articles/creating-a-github-pages-site-with-the-jekyll-theme-chooser
|
||||
- /articles/adding-a-jekyll-theme-to-your-github-pages-site-with-the-jekyll-theme-chooser
|
||||
- /articles/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
|
||||
- /github/working-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
|
||||
product: '{% data reusables.gated-features.pages %}'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Pages
|
||||
shortTitle: 将主题添加到 Pages 站点
|
||||
permissions: 'People with admin permissions for a repository can use the theme chooser to add a theme to a {% data variables.product.prodname_pages %} site.'
|
||||
---
|
||||
|
||||
## 关于主题选择器
|
||||
|
||||
{% ifversion pages-custom-workflow %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: The Jekyll theme chooser is not supported for {% data variables.product.prodname_pages %} sites that are published with a custom {% data variables.product.prodname_actions %} workflow. If you build your site with Jekyll and publish your site with a custom {% data variables.product.prodname_actions %} workflow, you can add a theme by editing the `_config.yml` file. For more information, see "[Adding a theme to your GitHub Pages site using Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll)."
|
||||
|
||||
{% endnote %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
主题选择器可用于向仓库添加 Jekyll 主题。 有关 Jekyll 的更多信息,请参阅“[关于 {% data variables.product.prodname_pages %} 和 Jekyll](/articles/about-github-pages-and-jekyll)”。
|
||||
|
||||
主题选择器如何工作取决于您的资源库是公共的还是私有的。
|
||||
- 如果已为仓库启用 {% data variables.product.prodname_pages %},主题选择器会将主题添加到当前发布源。
|
||||
- 如果您的仓库是公共的,并且已对仓库禁用 {% data variables.product.prodname_pages %},则使用主题选择器将启用 {% data variables.product.prodname_pages %} 并将默认分支配置为发布源。
|
||||
- 如果您的仓库是公共的,并且已对仓库禁用 {% data variables.product.prodname_pages %},则必须先通过配置发布源来启用 {% data variables.product.prodname_pages %},然后才可使用主题选择器。
|
||||
|
||||
有关发布源的更多信息,请参阅“[关于 {% data variables.product.prodname_pages %}](/articles/about-github-pages#publishing-sources-for-github-pages-sites)”。
|
||||
|
||||
如果以前曾手动向仓库添加 Jekyll 主题,则这些文件在使用主题选择器后也可能应用。 为避免冲突,请先删除所有手动添加的主题文件夹和文件,然后再使用主题选择器。 更多信息请参阅“[使用 Jekyll 添加主题到 {% data variables.product.prodname_pages %} 站点](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)”。
|
||||
|
||||
## 使用主题选择器添加主题
|
||||
|
||||
{% data reusables.pages.navigate-site-repo %}
|
||||
{% data reusables.repositories.sidebar-settings %}
|
||||
{% data reusables.pages.sidebar-pages %}
|
||||
3. 在“{% data variables.product.prodname_pages %}”下,单击 **Choose a theme(选择主题)**或 **Change theme(更改主题)**。 
|
||||
4. 在页面顶部单击所需的主题,然后单击 **Select theme(选择主题)**。 
|
||||
5. 系统可能会提示您编辑站点的 *README.md* 文件。
|
||||
- 要稍后编辑该文件,请单击 **Cancel(取消)**。 
|
||||
- 要现在编辑文件,请参阅“[编辑文件](/repositories/working-with-files/managing-files/editing-files)”。
|
||||
|
||||
您选择的主题将自动应用到仓库中的 Markdown 文件。 要将主题应用到仓库中的 HTML 文件,您需要添加 YAML 前页,以指定每个文件的布局。 更多信息请参阅 Jekyll 网站上的“[前页](https://jekyllrb.com/docs/front-matter/)”。
|
||||
|
||||
## 延伸阅读
|
||||
|
||||
- Jekyll 网站上的[主题](https://jekyllrb.com/docs/themes/)
|
||||
@@ -59,9 +59,9 @@ shortTitle: 创建 GitHub Pages 站点
|
||||
|
||||
您可以通过创建更多新文件向网站添加更多页面。 每个文件都将在网站上与发布源相同的目录结构中。 例如,如果项目网站的发布源是 `gh-pages` 分支,并且您在 `gh-pages` 分支上创建了名为 `/about/contact-us.md` 的新文件,该文件将在 {% ifversion fpt or ghec %}`https://<user>.github.io/<repository>/{% else %}`http(s)://<hostname>/pages/<username>/<repository>/{% endif %}about/contact-us.html` 下。
|
||||
|
||||
您还可以添加主题以自定义网站的外观。 更多信息请参阅{% ifversion fpt or ghec %}“[使用主题选择器添加主题到 {% data variables.product.prodname_pages %} 站点](/articles/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser){% else %}”[使用 Jekyll 添加主题到 {% data variables.product.prodname_pages %} 站点](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll){% endif %}”。
|
||||
您还可以添加主题以自定义网站的外观。 For more information, see "[Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)".
|
||||
|
||||
要更多地自定义您的站点,您可以使用 Jekyl - 内置 {% data variables.product.prodname_pages %} 支持的静态站点生成器。 更多信息请参阅“[关于 {% data variables.product.prodname_pages %} 和 Jekyll](/articles/about-github-pages-and-jekyll)”。
|
||||
要更多地自定义您的站点,您可以使用 Jekyl - 内置 {% data variables.product.prodname_pages %} 支持的静态站点生成器。 For more information, see "[About {% data variables.product.prodname_pages %} and Jekyll](/articles/about-github-pages-and-jekyll)".
|
||||
|
||||
## 延伸阅读
|
||||
|
||||
|
||||
@@ -17,7 +17,6 @@ topics:
|
||||
children:
|
||||
- /about-github-pages
|
||||
- /creating-a-github-pages-site
|
||||
- /adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
|
||||
- /configuring-a-publishing-source-for-your-github-pages-site
|
||||
- /changing-the-visibility-of-your-github-pages-site
|
||||
- /creating-a-custom-404-page-for-your-github-pages-site
|
||||
|
||||
@@ -12,7 +12,6 @@ featuredLinks:
|
||||
- '{% ifversion fpt or ghec %}/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site{% endif %}'
|
||||
- '{% ifversion ghes or ghae %}/pages/setting-up-a-github-pages-site-with-jekyll/creating-a-github-pages-site-with-jekyll{% endif %}'
|
||||
- '{% ifversion ghec %}/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site{% endif %}'
|
||||
- '{% ifversion fpt %}/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser{% endif %}'
|
||||
- '{% ifversion ghes or ghae %}/pages/setting-up-a-github-pages-site-with-jekyll/adding-content-to-your-github-pages-site-using-jekyll{% endif %}'
|
||||
popular:
|
||||
- '{% ifversion fpt or ghec %}/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages{% endif %}'
|
||||
|
||||
@@ -26,11 +26,12 @@ product: '{% data reusables.gated-features.pages %}'
|
||||
1. 输入 `username.github.io` 作为存储库名称。 将 `username` 替换为您的 {% data variables.product.prodname_dotcom %} 用户名。 例如,如果您的用户名是 `octocat`,则存储库名称应为 `octocat.github.io`。 
|
||||
{% data reusables.repositories.sidebar-settings %}
|
||||
{% data reusables.pages.sidebar-pages %}
|
||||
1. 单击 **Choose a theme(选择主题)**。 
|
||||
2. 主题选择器将打开。 浏览可用的主题,然后单击 **Select theme(选择主题)**以选择主题。 以后更改主题很容易,因此,如果您不确定,请暂时选择一个。 
|
||||
3. 选择主题后,存储库的 `README.md` 文件将在文件编辑器中打开。 `README.md` 文件是您将为网站编写内容的位置。 您可以编辑文件或暂时保留默认内容。
|
||||
4. 编辑完文件后,单击 **Commit changes(提交更改)**。
|
||||
5. 访问 `username.github.io` 以查看您的新网站。 **注:**对站点的更改在推送到 {% data variables.product.product_name %} 后,最长可能需要 20 分钟才会发布。
|
||||
1. Under "Build and deployment", under "Source", select **Deploy from a branch**.
|
||||
1. Under "Build and deployment", under "Branch", use the **None** or **Branch** drop-down menu and select a publishing source.
|
||||
|
||||
|
||||
1. Optionally, open the `README.md` file of your repository. `README.md` 文件是您将为网站编写内容的位置。 您可以编辑文件或暂时保留默认内容。
|
||||
1. 访问 `username.github.io` 以查看您的新网站。 **注:**对站点的更改在推送到 {% data variables.product.product_name %} 后,最长可能需要 10 分钟才会发布。
|
||||
|
||||
## 更改标题和说明
|
||||
|
||||
|
||||
@@ -75,9 +75,9 @@ kramdown:
|
||||
{% data reusables.pages.add-jekyll-theme %} 更多信息请参阅 Jekyll 文档中的“[主题](https://jekyllrb.com/docs/themes/)”。
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
您可以在 {% data variables.product.prodname_dotcom %} 上添加支持的主题到站点。 更多信息请参阅 {% data variables.product.prodname_pages %} 站点上“[支持的主题](https://pages.github.com/themes/)"和"[使用主题选择器添加主题到 {% data variables.product.prodname_pages %} 站点](/articles/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser)”。
|
||||
您可以在 {% data variables.product.prodname_dotcom %} 上添加支持的主题到站点。 For more information, see "[Supported themes](https://pages.github.com/themes/)" on the {% data variables.product.prodname_pages %} site and [Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll"](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll).
|
||||
|
||||
要使用 {% data variables.product.prodname_dotcom %} 上托管的任何其他开源 Jekyll 主题,您可以手动添加主题。{% else %} 您可以手动添加主题到站点。{% endif %} 更多信息请参阅{% ifversion fpt or ghec %} [{% data variables.product.prodname_dotcom %}](https://github.com/topics/jekyll-theme) 上托管的主题和 {% else %}{% data variables.product.prodname_pages %} 站点上 "[支持的主题](https://pages.github.com/themes/)"和{% endif %}“[使用 Jekyll 添加主题到 {% data variables.product.prodname_pages %} 站点](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)”。
|
||||
To use any other open source Jekyll theme hosted on {% data variables.product.prodname_dotcom %}, you can add the theme manually.{% else %} You can add a theme to your site manually.{% endif %} For more information, see{% ifversion fpt or ghec %} [themes hosted on {% data variables.product.prodname_dotcom %}](https://github.com/topics/jekyll-theme) and{% else %} "[Supported themes](https://pages.github.com/themes/)" on the {% data variables.product.prodname_pages %} site and{% endif %} "[Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)".
|
||||
|
||||
您可以通过编辑主题文件来覆盖任何主题的默认值。 更多信息请参阅您的主题文档和 Jekyll 文档中的“[覆盖主题默认值](https://jekyllrb.com/docs/themes/#overriding-theme-defaults)“。
|
||||
|
||||
|
||||
@@ -26,7 +26,7 @@ shortTitle: Jekyll build errors for Pages
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** It can take up to 20 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}.
|
||||
**Note:** It can take up to 10 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}.
|
||||
|
||||
{% endnote %}
|
||||
|
||||
|
||||
@@ -6,6 +6,7 @@ redirect_from:
|
||||
- /articles/adding-a-jekyll-theme-to-your-github-pages-site
|
||||
- /articles/adding-a-theme-to-your-github-pages-site-using-jekyll
|
||||
- /github/working-with-github-pages/adding-a-theme-to-your-github-pages-site-using-jekyll
|
||||
- /pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
|
||||
product: '{% data reusables.gated-features.pages %}'
|
||||
versions:
|
||||
fpt: '*'
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
#Reference: #7094
|
||||
#Documentation for allowing matrix jobs to call reusable workflows.
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghes: '>=3.7'
|
||||
ghae: 'issue-7094'
|
||||
@@ -0,0 +1,6 @@
|
||||
#Reference: Issue #7673 - Dependabot alerts: optional comment with dismissal - [GA]
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghes: '>3.6'
|
||||
ghae: 'issue-7673'
|
||||
@@ -0,0 +1,7 @@
|
||||
#Issues 7093
|
||||
#Reusable workflows can call other reusable workflows
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghes: '>=3.7'
|
||||
ghae: 'issue-7093'
|
||||
@@ -156,7 +156,7 @@ upcoming_changes:
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectNextFieldType.TEXT
|
||||
description: '`TEXT` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
description: '“TEXT”将被删除。请按照 https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ 的 ProjectV2 指南,找到合适的替代项。'
|
||||
reason: '''ProjectNext'' API 已被弃用,取而代之的是功能更强大的 ''ProjectV2'' API。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
|
||||
@@ -576,7 +576,7 @@ upcoming_changes:
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectNextFieldType.TEXT
|
||||
description: '`TEXT` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
description: '“TEXT”将被删除。请按照 https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ 的 ProjectV2 指南,找到合适的替代项。'
|
||||
reason: '''ProjectNext'' API 已被弃用,取而代之的是功能更强大的 ''ProjectV2'' API。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
@@ -994,6 +994,13 @@ upcoming_changes:
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.groupedItems
|
||||
description: '`groupedItems` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
reason: '''ProjectNext'' API 已被弃用,取而代之的是功能更强大的 ''ProjectV2'' API。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.items
|
||||
description: '“items”将被删除。请按照 https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ 的 ProjectV2 指南,找到合适的替代项。'
|
||||
|
||||
@@ -576,7 +576,7 @@ upcoming_changes:
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectNextFieldType.TEXT
|
||||
description: '`TEXT` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
description: '“TEXT”将被删除。请按照 https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ 的 ProjectV2 指南,找到合适的替代项。'
|
||||
reason: '''ProjectNext'' API 已被弃用,取而代之的是功能更强大的 ''ProjectV2'' API。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
@@ -994,6 +994,13 @@ upcoming_changes:
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.groupedItems
|
||||
description: '`groupedItems` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
|
||||
reason: '''ProjectNext'' API 已被弃用,取而代之的是功能更强大的 ''ProjectV2'' API。'
|
||||
date: '2022-10-01T00:00:00+00:00'
|
||||
criticality: 重大
|
||||
owner: lukewar
|
||||
-
|
||||
location: ProjectView.items
|
||||
description: '“items”将被删除。请按照 https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ 的 ProjectV2 指南,找到合适的替代项。'
|
||||
|
||||
@@ -5,5 +5,5 @@ If you need help with anything related to workflow configuration, such as syntax
|
||||
如有以下任意情况,无论您的使用或预期使用是否属于使用限制类别,都请联系 {% data variables.contact.contact_support %}:
|
||||
|
||||
* 如果您认为您的帐户受到不正确的限制
|
||||
* 如果您在执行您的操作之一时遇到意外错误,例如:唯一的 ID
|
||||
* If you encounter an unexpected error when executing one of your actions
|
||||
* 如果你遇到与预期矛盾现有行为,但不一定是文件记录的情况。
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
You can sort and filter {% data variables.product.prodname_dependabot_alerts %} by typing filters as `key:value` pairs into the search bar.
|
||||
|
||||
| 选项 | 描述 | 示例 |
|
||||
|:---------- |:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||
| `生态系统` | Displays alerts for the selected ecosystem | Use `ecosystem:npm` to show {% data variables.product.prodname_dependabot_alerts %} for npm |{% ifversion fpt or ghec or ghes > 3.5 %}
|
||||
| `has` | Displays alerts meeting the selected filter criteria | Use `has:patch` to show alerts related to advisories that have a patch{% ifversion dependabot-alerts-vulnerable-calls %}</br>Use `has:vulnerable-calls` to show alerts relating to calls to vulnerable functions{% endif %}
|
||||
{% endif %}
|
||||
| `is` | Displays alerts based on their state | Use `is:open` to show open alerts |
|
||||
| `manifest` | Displays alerts for the selected manifest | Use `manifest:webwolf/pom.xml` to show alerts on the pom.xml file of the webwolf application |
|
||||
| `package` | Displays alerts for the selected package | Use `package:django` to show alerts for django |
|
||||
| `解决方法` | Displays alerts of the selected resolution status | Use `resolution:no-bandwidth` to show alerts previously parked due to lack of resources or time to fix them |
|
||||
| `repo` | Displays alerts based on the repository they relate to</br>Note that this filter is only available on the security overview. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)" | Use `repo:octocat-repo` to show alerts in the repository called `octocat-repo` |{%- ifversion dependabot-alerts-development-label %}
|
||||
| `作用域` | Displays alerts based on the scope of the dependency they relate to | Use `scope:development` to show alerts for dependencies that are only used during development
|
||||
{% endif %}
|
||||
| `严重程度` | Displays alerts based on their level of severity | Use `severity:high` to show alerts with a severity of High |{%- ifversion dependabot-most-important-sort-option %}
|
||||
| `排序` | Displays alerts according to the selected sort order | The default sorting option for alerts is `sort:most-important`, which ranks alerts by importance</br>Use `sort:newest` to show the latest alerts reported by {% data variables.product.prodname_dependabot %}
|
||||
{% endif %}
|
||||
@@ -5,5 +5,5 @@
|
||||
1. 键入投票的标题和可选正文。 
|
||||
1. 输入投票问题。 
|
||||
1. 为投票输入至少两个选项。 
|
||||
1. (可选)要添加额外的投票选项,请单击 **Add an option(添加选项)**。 
|
||||
1. Optionally, to add an extra poll option, click **Add an option**. 
|
||||
1. 点击 **Start poll(开始投票)**。 
|
||||
|
||||
Reference in New Issue
Block a user